DNS, VPN & Proxies in layman terms

Many people use VPNs, Proxies & DNS resolvers for different purposes, however, most of them have no idea about the use cases. I very recently saw someone mistaking a DNS resolver for VPN which motivated me to write this article.

While it is very useful to use such technologies it’s always better to know what these technologies can do/cannot do in order to get the most out of them.

I will be discussing DNS, VPN & Proxies in layman's terms so that anyone reading this article could understand them easily. You are humbly requested to devise your individual use case & do due diligence before using any service providers.

So without further ado, let’s dive in.

DNS: Domain Name System

Commonly termed as an Internet phonebook, DNS maps IP addresses to Domain names. Usually traveling over UDP port 53, it queries DNS servers with domain names & fetches the correct IP address(s) in order to load a website.

Let’s see how it actually works.

  1. The client opens a browser and types ”medium.com”.

2. This request goes to a DNS recursor (resolver) who checks the local database (cache) to see if the mapping is available there.

3. In case where the record is not found locally, recursor then queries to Root nameserver to get the address of .com TLD nameserver ( Top Level Domain nameserver ).

4. After getting hold of TLD nameserver, recursor gets the address for Authorative nameserver which contains the actual IP address(s) for that domain. This IP data is then sent back to the client who stores it in the cache for some time to resolve faster. In this case, IPs are “162.159.152.4 & 162.159.153.4”.

Now few important points,

i. Recursor could be anyone from your local system to your ISP. It’s always better to use a trusted DNS provider as they have access to literally all of your searches & could use it for various purposes starting from showing you targeted ads to selling your search data. This could get worse if your ISP gets breached & their DNS cache is poisoned as it could direct your every search to sites controlled by a malicious threat actor.

ii. Root nameservers are where records of TLD nameservers are kept. They are 13 nameservers (A-M) which are geographically distributed in clusters using Anycast technology.

iii. A single TLD nameserver contains entries for a particular TLD ( .com, .net, .org, etc) only.

iv. Authorative nameserver is where actual IP-to-DNS records are kept. It could be anyone from the hosting provider to the DNS manager.

v. You could also create these records locally by editing your hosts file. However, I recommend you don’t do so until you know exactly what you are doing.

vi. There are some utilities like dig, nslookup,etc which allows fetching the DNS records from the comfort of CLI.

vii. Make sure you know how the provider will use your data & what is their policy on logs.

VPN: Virtual Private Networks

VPN is a piece of special software which hides your original IP address & helps create a secure connection. This is done by creating a tunnel between your device & VPN provider’s private network, hence the term virtual private network. This essentially helps in hiding the internet traffic thus browsing securely.

Let’s see how it works.

  1. The client installs a VPN software, selects a protocol & clicks on connect.

  2. This request travels over the internet to the provider’s network.

  3. This request then routes through internally managed servers until a server is assigned to the client.

  4. Client can now send data that will be traveling encrypted over this private tunnel for their every connection. Websites will see the IP of that VPN server & not of the client.

Now few important points,

i. VPN can offer privacy & security however achieving anonymity using only VPN is a myth. For this consider using anonymous networks like TOR in conjunction with VPN.

ii. Again since they have access to your every data be careful whom you trust. Make sure your provider offers no-logs policy, does independent audits of their company & publishes warrant canaries. Also, make sure this provider is in a country where they can’t be forced to spy on you under the laws.

iii. VPNs encrypt communications so they are very helpful when using public networks for internet surfing. Since public networks can easily be malicious, using a VPN will hide your internet traffic from ISP as well as the network owner.

iv. There are some services like WebRTC that could reveal the original IP address even while using a VPN. It helps if you could disable these services.

v. A large number of free VPN services are often run by a few organizations who use them for malicious purposes. Since people have a tendency to look for free stuff which could potentially end up wreaking havoc, I strongly recommend against it. There is nothing like free lunch here & if it’s free then sadly people are the products. It is also worth noting that some trusted providers like ProtonVPN offer free services, however, do your due diligence first before trusting.

Proxies

Proxies are often misinterpreted as VPNs however both are very different in function as well as use cases. A proxy acts as an intermediary between a client & a server. It listens for a request and then either forwards it or drops it as per configurations.

Let’s see how it works.

  1. The client gets the IP of a proxy server & configures their system to use it while browsing.

  2. The client opens the browser & searches for “medium.com”.

  3. This query goes to the proxy server who makes the request on the client’s behalf.

  4. Once “medium.com” sends a response to the proxy server, it then forwards it back to the client. It is a pretty effective method since in an ideal scenario website won’t know who actually requested the resources.

Now few important points,

i. Proxy servers can act on both client side & server side. As per their functionality they could be either a forward proxy (client side) or a reverse proxy (server side).

ii. Proxy servers can share origin IP in headers like x-forwarded-for which could unmask the client. There are different types of proxy servers, make sure you use one that works with your individual use case. One of the most trusted proxy service worldwide is TOR network.

iii. Be careful while using free Proxies, they could easily be setup by malicious threat actors in order to exploit your system. Vet every provider before using their service.

iv. Since proxies could reveal your data in their requests, it’s a good idea to use multiple proxy servers from different providers in a chain. This will provide better security with the downside of slow connection speed.

v. A proxy server doesn’t necessarily mean your data will be encrypted. It is also worth noting that a proxy server can easily modify the requests/responses without the client knowing.

A more comprehensive post on VPN & Proxies will soon follow. Meanwhile if you are still here I would greatly appreciate any feedback in order to provide you with better content.