Solved 9 DNS Leaks_Enterprise Policies_DNS over HTTPS_Network Settings

Solved issue

Sherri is a Cat

Well-Known Member
Joined
May 8, 2021
Messages
793
Reaction score
361
Credits
6,866
1707685564219.png

As a new Linux user, my brain is getting overwhelmed. My Linux knowledge is limited. I'm not sure how to access network settings, if there is an app or if I need to change things using the terminal.


If I was using still using Win 8.1, I know what to do and where to go to make changes in settings. If the changes in settings are the same in Linux, I don't know how to change them.

Firefox options to change settings different also.

How it's done in Win 8.1
  • Disable "Your browser is being managed by your organization"
    • In windows this would done from the Command shell

1707687561351.png

  • Go to policy settings for Firefox and delete policies for that organization
  • Change the default DNS IP addresses for IPv4 in network connections
What's changed in Firefox
  • I'm using a different version of Firefox
  • Select "DNS over HTTPS"
  • Policy settings for things like Cloud-fare have caused DNS leaks before
    • From this website it say this about Enterprise Policies
      • "Some organizations restrict access to certain websites. If an organization has their own secure DNS, they will ask Firefox not to bypass it.
1707686292563.png



  • I can not change the policy to false on this page.

1707686746066.png



  • Changes can be made under "Documentation",
    • It looks like these changes are only for web extensions
    • There a LOT
1707686953590.png




  • Change can made in about:config to "False"
  • It looks like you need a template to do this
  • Firefox doesn't seem to have Policy Templates for Linux
  • If they did, I probably would know what to do with it anyway! o_O

I

This is a lot to figure out, I'm brand new to Linux and my cats are driving me crazy right now!

Can someone please help me? o_O
 

Attachments

  • 1707686534938.png
    1707686534938.png
    19 KB · Views: 38


Last edited:
yes way

Just follow the dots laid out in the pic.....and it is done.

If you have a second browser the procedure will be similar
 
yes way

Just follow the dots laid out in the pic.....and it is done.

If you have a second browser the procedure will be similar

There's only one thing about how easy it will be now...

I after writing everything that has to be done in Windows, I looked back at it and felt super smart. Now that it's going to be so easy, I realized I'm just average smart! :(
 
Average smart is still better than a C, is it not?

Besides, you were smart enough to try Linux looking for a better way. That's smart, in my books. ;)

Wizard
 
Just by checking what two vpn providers recommend, there doesn't seem to be much to it.
https://protonvpn.com/support/dns-leaks-privacy -> scroll to Linux

Just about every setting recommended in this article is the opposite of what my VPN told me to do. Maybe it's just my VPN?



Another problem is the "Enterprise Policy" directing Firefox at some websites to use THIER DNS rather than the ones for my VPN or the ones I specify in network settings. I'll get their eventually. If I absolutely have to, I'll "chat" with my service. I hate chat!
 
On linux you can pretty easy install a dns recursor so you have no dns leaks anymore.
As a brand new user of Linux, I don't even know what a dns recursor is! :oops:

But I'll find out if I have too!
 
Just about every setting recommended in this article is the opposite of what my VPN told me to do. Maybe it's just my VPN?
It could differ per vpn provider but all the ones I found mention NetworkManager. What vpn provider do you use?
 
Nord vpn is being used.
 
On linux you can pretty easy install a dns recursor so you have no dns leaks anymore.
I came across a dns recursor in Software Manager (LM21.3)....installed it....gave dnsleaktest.com a run.
It made zero difference to the result I posted at #2
 
Are you using OpenVPN or Wireguard for your vpn protocol. I'm using Wireguard and NetworkManager for my networking, when I connect to my vpn and go check for dns leaks it seems by dns doesn't leak as well as when I go check it on other dnsleak websites.
 
Last edited:
It could differ per vpn provider but all the ones I found mention NetworkManager. What vpn provider do you use?
NordVPN
It's the settings in the the OS network(s). Since I'm still moving over to Linux, I'm not always sure what the terminology is. After I didn't need to find it every single day in Windows, I forgot what it's called. I just looked around in network settings until I found it! It's where changes are made to the IPv4 DNS addresses in ALL networks. In Windows, I had to change them manually. They're not changed when Nord is installed. I learned a lot of ways to tweak it over the last 2 years.


Firefox settings have to be changed also....
Disable Digital Rights Media
Always use DNS over HTTPS. A few months ago Firefox changed its policy on this one. Under Privacy Settings, there is a notification that my organization is controlling my browser. In this case, it's my ISP. Controlling the browser is something IT would do where you work. At home, I AM the organization! A few days ago when I was only using the Nordvpn browser exteniton, my ISP's name was in every DNS leak.

Disabling that was A LOT of work. Some of it in the Firefox files in the system, some in about:config. I don't know if the same changes need to be made in Linux. There are many things I don't know how to find or where to look.

I've heard a lot of people say that VPNs slow down internet speeds. Rather than slow anything, NordVPN increases mine. I live WAY out of town. My best option for internet is cell phone service. I'm about 40 miles from the closest tower. Before my VPN, I had to watch YouTube in 480. And that was during low traffic. After getting NordVPN, I can watch 4K movies. It makes that much difference!

I don't know if the settings are different than other VPN's because of the improved performance, all the servers, I don't why. And I don't know if they are necessary with the Linux OS. The only thing I can say for sure is that I have a lot of DNS leaks!
 
Last edited:

Members online


Top