DNS Leak
File Information
| Property | Value |
|---|---|
| Binary Name | dns-leak |
| Version | 9.0.1 |
| File Size | 3.4MB |
| Author | Warith Al Maawali |
| License | Proprietary |
| Category | Network & Routing |
| Description | DNS leak detection and analysis for Kodachi OS |
| JSON Data | View Raw JSON |
SHA256 Checksum
Key Features
DNS Leak Detection & Analysis
| Feature | Description |
|---|---|
| Multi-Interface Testing | Tests all network interfaces simultaneously |
| Leak Identification | Pinpoints exactly where DNS queries are leaking |
| Real-time Analysis | Monitors DNS queries as they happen |
| Comprehensive Reporting | Detailed reports with analysis and findings |
Why DNS Leak Detection is Critical
| Benefit | Description |
|---|---|
| Privacy Protection | Even with VPN/Tor, DNS leaks can reveal your location |
| ISP Bypass Verification | Confirms DNS queries bypass your ISP |
| Configuration Validation | Verifies your privacy setup is correct |
| Continuous Monitoring | Regular testing ensures ongoing protection |
TL;DR - Essential Commands
# Discover available network interfaces
dns-leak discover
# Run DNS leak test on all interfaces
sudo dns-leak test
# Test specific interface
sudo dns-leak test -i eth0
# View results from previous test
dns-leak results
dns-leak results --file dns_leak_results.json --json
# Generate detailed report
dns-leak report --id dns_leak_results
Understanding DNS Leaks
What is a DNS Leak?
A DNS leak occurs when your DNS queries bypass your VPN or Tor connection and go directly to your ISP's DNS servers.
This reveals:
| Information Leaked | Description |
|---|---|
| Websites visited | All domains you're accessing |
| Real location | Your actual geographic location |
| ISP identity | Your Internet Service Provider |
How DNS Leak Detection Works
This shows all network interfaces that could potentially leak DNS.
The test process:
| Step | Action |
|---|---|
| 1 | Sends DNS queries through each interface |
| 2 | Monitors where queries are routed |
| 3 | Identifies any leaks to ISP or public DNS |
| 4 | Reports which interfaces are secure |
Testing Specific Interfaces
# Test VPN interface
sudo dns-leak test -i tun0
# Test Tor transparent proxy
sudo dns-leak test -i eth0
# Test with custom timeout
sudo dns-leak test --dns-timeout 10
Analyzing Results
# View test results
dns-leak results
# Get results in JSON format for scripts
dns-leak results --file dns_leak_results.json --json
# JSON output examples for automation
dns-leak test --json # Test with JSON output
dns-leak discover --json # Interface discovery in JSON
# Generate detailed report with analysis
dns-leak report --id dns_leak_results
dns-leak report --id dns_leak_results --json # Report in JSON format
Result Interpretation:
| Status | Meaning |
|---|---|
| SECURE | DNS queries routed through VPN/Tor |
| WARNING | Potential leak detected |
| LEAKED | DNS going to ISP/public servers |
Multi-NIC Examples and Common Leak Scenarios
Multi-Interface Testing Examples:
# Test laptop with WiFi and Ethernet
sudo dns-leak test -i wlan0 # WiFi interface
sudo dns-leak test -i eth0 # Ethernet interface
# Test system with VPN
sudo dns-leak test -i tun0 # VPN tunnel interface
sudo dns-leak test -i wg0 # WireGuard interface
# Test all discovered interfaces
dns-leak discover # Show: wlan0, eth0, tun0, lo
sudo dns-leak test # Test all automatically
Common Leak Scenarios:
| Scenario | Description |
|---|---|
| Split Tunnel VPN | Some traffic bypasses VPN (eth0 leaks while tun0 secure) |
| IPv6 Leaks | IPv6 DNS not routed through VPN |
| WebRTC Leaks | Browser bypassing system DNS |
| Misconfigured Firewall | DNS allowed outside VPN tunnel |
Advanced Commands
For advanced users who need access to all available commands and options, please refer to the auto-generated command reference which includes:
| Feature | Description |
|---|---|
| Custom Testing | Custom DNS server testing |
| Batch Testing | Batch interface testing |
| Timeout Config | Extended timeout configurations |
| JSON Filtering | JSON filtering options |
| Debug Output | Verbose debugging output |
| CLI Reference | All command-line flags and parameters |
Security Notes
Important Security Practices:
| Practice | Description |
|---|---|
| Connection Testing | Test after every VPN/Tor connection |
| Location Changes | Re-test when changing network locations |
| Interface Coverage | Check all interfaces, not just primary |
| Periodic Monitoring | Run tests periodically during long sessions |
| Audit Trail | Save reports for security audits |
Performance
| Metric | Value |
|---|---|
| Test Duration | 5-10 seconds per interface |
| Memory Usage | ~15MB during testing |
| CPU Usage | < 5% during tests |
| Network Traffic | < 1KB per DNS query |
Support
| Resource | Link |
|---|---|
| Website | digi77.com |
| Anonymity Verifier | kodachi.cloud |
| Discord Support | discord.gg/KEFErEx |
| GitHub | github.com/WMAL |
Scenario 1: VPN Tunnel Validation Before Sensitive Work
Verify VPN tunnel integrity and DNS leak protection before conducting sensitive operations.
# Step 1: Check current routing configuration
sudo routing-switch status
# Step 2: Verify VPN interface is active
dns-leak discover
# Expected: tun0 or wg0 listed in available interfaces
# Step 3: Test VPN interface for DNS leaks
sudo dns-leak test --interface tun0
# Step 4: Verify DNS configuration matches VPN
sudo dns-switch status
# Step 5: Check IP geolocation to confirm VPN endpoint
ip-fetch
# Expected: Location matches VPN server, not your real location
# Step 6: Comprehensive network verification
sudo health-control net-check
Cross-binary workflow: routing-switch + dns-leak + dns-switch + ip-fetch + health-control
When to run: Before accessing sensitive resources or conducting privacy-critical work. Automate this with workflow-manager using the connectivity-dns-leak-verify profile.
Scenario 2: Multi-NIC System Audit (WiFi + Ethernet + VPN)
Audit all network interfaces on systems with multiple NICs to identify potential leak vectors.
# Step 1: Discover all available interfaces
dns-leak discover --verbose
# Expected: wlan0, eth0, tun0, br0, etc.
# Step 2: Test WiFi interface
sudo dns-leak test --interface wlan0
# Step 3: Test Ethernet interface
sudo dns-leak test --interface eth0
# Step 4: Test VPN tunnel interface
sudo dns-leak test --interface tun0
# Step 5: Run comprehensive test on all interfaces
sudo dns-leak test --json | tee all-interfaces-test.json
# Step 6: Extract leak detection status
sudo dns-leak test --json | jq '.results[].leak_detected'
# Expected: All values should be "false"
# Step 7: Verify geolocation for each active interface
ip-fetch
Cross-binary workflow: dns-leak + ip-fetch
When to run: On systems with multiple network interfaces or when diagnosing intermittent connectivity issues.
Scenario 3: Split Tunnel VPN Leak Detection
Detect DNS leaks in split tunnel VPN configurations where some traffic bypasses the VPN.
# Step 1: Check routing configuration for split tunnel
sudo routing-switch status
# Step 2: Test physical interface (should show leak if split tunnel)
sudo dns-leak test --interface eth0
# Step 3: Test VPN tunnel interface (should be secure)
sudo dns-leak test --interface tun0
# Step 4: Compare results from both tests
dns-leak results --file dns_leak_results.json --json
# Step 5: If leak detected on physical interface, reconfigure DNS
sudo dns-switch random
sudo dns-leak test --interface eth0
# Expected: DNS now routed through secure servers
# Step 6: Verify no leaks remain
sudo dns-leak test --json | jq '.results[] | select(.leak_detected == true)'
# Expected: Empty output (no leaks)
Cross-binary workflow: routing-switch + dns-leak + dns-switch
When to run: When using split tunnel VPN configurations or experiencing DNS resolution issues.
Scenario 4: Bridge/Container Interface Isolation Testing
Test bridge and container interfaces to ensure DNS isolation in virtualized environments.
# Step 1: Discover bridge and container interfaces
dns-leak discover
# Expected: br0, docker0, veth*, etc.
# Step 2: Test bridge interface
sudo dns-leak test --interface br0
# Step 3: Test primary network interface for baseline
sudo dns-leak test --interface eth0
# Step 4: Compare DNS servers used by each interface
dns-leak results --file dns_leak_results.json --json | jq '.results[] | {interface: .interface, dns_servers: .dns_servers}'
# Step 5: Check for cross-interface DNS leakage
sudo health-control net-check
# Step 6: Generate comprehensive report
dns-leak report --id dns_leak_results --json
Cross-binary workflow: dns-leak + health-control
When to run: When running containerized applications or virtual machines requiring network isolation.
Scenario 5: Post-Connection Comprehensive Verification
Complete network verification workflow after establishing Tor or VPN connection.
# Step 1: Check network connectivity
sudo health-control net-check
# Step 2: Fetch current IP and geolocation
ip-fetch
# Step 3: Verify Tor connection (if using Tor)
ip-fetch check-tor
# Expected: "Connected through Tor" message
# Step 4: Check routing status
sudo routing-switch status
# Step 5: Verify DNS configuration
sudo dns-switch status
# Step 6: Run comprehensive DNS leak test
sudo dns-leak test
# Step 7: View detailed results
dns-leak results --file dns_leak_results.json --json
# Step 8: Generate verification report
dns-leak report --id dns_leak_results
Cross-binary workflow: health-control + ip-fetch + routing-switch + dns-switch + dns-leak
When to run: After establishing any VPN or Tor connection. Automate this with workflow-manager using the base-network-verification profile.
Scenario 6: Investigating and Fixing Detected DNS Leaks
Systematic approach to identify, analyze, and remediate DNS leak vulnerabilities.
# Step 1: Run comprehensive DNS leak test
sudo dns-leak test --json | tee leak-investigation.json
# Step 2: Identify which interfaces are leaking
cat leak-investigation.json | jq '.results[] | select(.leak_detected == true) | .interface'
# Step 3: Check current DNS configuration
sudo dns-switch status
# Step 4: Switch to secure DNS servers
sudo dns-switch random
# Step 5: Verify DNS change took effect
sudo dns-switch status
# Step 6: Re-test for leaks
sudo dns-leak test
# Step 7: If leaks persist, enable Tor DNS
sudo tor-switch start-tor
sudo tor-switch start-tor-dns-nftables
# Step 8: Verify Tor DNS is active
sudo tor-switch verify-tor-dns
# Step 9: Final leak verification
sudo dns-leak test --json | jq '.results[].leak_detected'
# Expected: All values "false"
# Step 10: Generate security score
sudo health-control security-score
Cross-binary workflow: dns-leak + dns-switch + tor-switch + health-control
When to run: Immediately when leak detection test shows vulnerabilities. Automate this with workflow-manager using the tor-dns-verify-leak or tor-dns-fallback profiles.
Related Workflows
- DNS Switch Guide — DNS server configuration and management
- Tor Switch Guide — Tor network and DNS over Tor setup
- Routing Switch Guide — Network routing configuration
- IP Fetch Guide — IP geolocation and Tor verification
- Health Control Guide — Network connectivity and security checks
- Full CLI Reference: dns-leak commands