Question What happens to DNS requests when using a proxy ?

[spartanmode]

I am interested in buying a proxy to hide my IP.
When I'm using a proxy in a browser (not on the whole system) what happens to DNS requests? Are DNS requests going through the proxy as well, or are they being handled separately, thus exposing my IP? Does it depend on how a proxy server is configured, or does all proxy servers handle DNS requests the same way?
When using a proxy should I buy a separate proxy for DNS to increase privacy/security?

Thanks!

 

[SkyNetRising]

When I'm using a proxy in a browser (not on the whole system) what happens to DNS requests?
Are DNS requests going through the proxy as well, or are they being handled separately, thus exposing my IP?

DNS requests go to DNS server configured in your system settings.

Does it depend on how a proxy server is configured, or does all proxy servers handle DNS requests the same way?

No. It doesn't work that way.
DNS service resolves host name to IP address.
IP address is used for any further communication.

When using a proxy should I buy a separate proxy for DNS to increase privacy/security?

There are free proxy services also. You don't really have to buy anything.

I think, what you're looking for is VPN instead (not proxy services).

 

[spartanmode]

DNS requests go to DNS server configured in your system settings.

No. It doesn't work that way.
DNS service resolves host name to IP address.
IP address is used for any further communication.

There are free proxy services also. You don't really have to buy anything.

I think, what you're looking for is VPN instead (not proxy services).

Thanks for clearing this up. I have a few more questions.

What happens after request is sent to DNS resolver, when I'm using a proxy? Does it send the server IP back to proxy or forward my request directly to the server I'm trying to communicate thus exposing my IP? What I'm asking is, when using a proxy, do I expose my ip to the server I'm trying to visit by using an unencrypted DNS?

No, I'm looking for a proxy, because VPNs IPs are blocked for my purposes,

 

[SkyNetRising]

What happens after request is sent to DNS resolver, when I'm using a proxy? Does it send the server IP back to proxy or forward my request directly to the server I'm trying to communicate thus exposing my IP? What I'm asking is, when using a proxy, do I expose my ip to the server I'm trying to visit by using an unencrypted DNS?

DNS server is a simple device.
You send it hostname, it returns IP address.
Then your pc sends request to IP address (received from DNS service).

In case of web proxy,
1. Proxy name is sent to DNS, you receive proxy IP address;
2. Web request is sent to proxy.
3. Any further DNS requests (from your web query) are handled by proxy.

a) Proxy sends web server hostname to DNS service, receives IP address,​

b) Proxy passes web request to web server (using IP), receives response and​

c) Forwards web response to you.​

​

Web server only sees requests from proxy. It does not see your requests or your IP address.

 

[spartanmode]

DNS server is a simple device.
You send it hostname, it returns IP address.
Then your pc sends request to IP address (received from DNS service).

In case of web proxy,
1. Proxy name is sent to DNS, you receive proxy IP address;
2. Web request is sent to proxy.
3. Any further DNS requests (from your web query) are handled by proxy.

a) Proxy sends web server hostname to DNS service, receives IP address,​

b) Proxy passes web request to web server (using IP), receives response and​

c) Forwards web response to you.​

​

Web server only sees requests from proxy. It does not see your requests or your IP address.

Ok, now I understand that the server I'm trying to communicate with doesn't know my real IP, but what about the ISP in this process? Does the ISP know the server I'm trying to visit? For example, I'm trying to visit facebook.com through a proxy. Facebook doesn't know my real IP, it only knows the IP of the proxy server. What about the ISP? Does ISP know that I'm trying to visit facebook.com, or it just sees that I'm using a proxy and it only can see proxy servers IP? In my example I'm using a HTTP proxy and also DNS over HTTPS.

 

[SkyNetRising]

Does the ISP know the server I'm trying to visit? For example, I'm trying to visit facebook.com through a proxy. Facebook doesn't know my real IP, it only knows the IP of the proxy server. What about the ISP? Does ISP know that I'm trying to visit facebook.com, or it just sees that I'm using a proxy and it only can see proxy servers IP? In my example I'm using a HTTP proxy and also DNS over HTTPS.

If you want to hide from ISP, then you have to use encrypted HTTPS communications.
Unencrypted HTTP requests are fully readable by ISP (even through proxy).

 

[spartanmode]

If you want to hide from ISP, then you have to use encrypted HTTPS communications.
Unencrypted HTTP requests are fully readable by ISP (even through proxy).

Wouldn't I still expose my IP and servers IP I want to visit with HTTPS? I read that HTTPS encrypts only content being transmitted, but not the domain IP

 

[bill001g]

First the IP addresses mean less than they used to. This is related to the "cloud" buzz words you hear all the time regarding internet.
Used to be a web server was exactly that a machine sitting in a data center. Modern "web servers" are many time virtual things and reside in many different physical locations at the same time and have many different IP addresses.
In addition you can have multiple servers from different companies sharing the same pool. You might for example be able to tell the IP is owned by say amazon, google, cloudflare etc but not really tell which exact web service is using it.

This though varies a lot between servers and how they are implemented.

You should not really use a proxy if you main goal is hide your traffic. It is more used to get past some restriction such as you want to pretend you are located someplace else. It also hides your real IP from the end server but not from say your ISP.

A big problem with a proxy is it is actually doing what someone would do to do a man in the middle attack to steal your data. Things like HTTPS/SSL are designed to prevent this. The encryption is end to end. This pretty much eliminated the primary use of a proxy. It used to be used to cache data from servers to reduce the internet traffic and improve performance.

Modern proxy now act more as a simple NAT rather than a caching server. They pretty much just pass the HTTPS connection through and change the IP.

Although maybe this has changed since I last looked at it you can not really have a HTTPS session inside a second HTTPS session using just a simple web browser. This means the connection between you and the proxy is non encrypted HTTP. So someone can look inside and see the HTTPS session and where the final server IP is.

A VPN although many use SSL to encrypt the data it is not a "web" session. This tends to be the key difference between a vpn and a proxy.

 

[spartanmode]

First the IP addresses mean less than they used to. This is related to the "cloud" buzz words you hear all the time regarding internet.
Used to be a web server was exactly that a machine sitting in a data center. Modern "web servers" are many time virtual things and reside in many different physical locations at the same time and have many different IP addresses.
In addition you can have multiple servers from different companies sharing the same pool. You might for example be able to tell the IP is owned by say amazon, google, cloudflare etc but not really tell which exact web service is using it.

This though varies a lot between servers and how they are implemented.

You should not really use a proxy if you main goal is hide your traffic. It is more used to get past some restriction such as you want to pretend you are located someplace else. It also hides your real IP from the end server but not from say your ISP.

A big problem with a proxy is it is actually doing what someone would do to do a man in the middle attack to steal your data. Things like HTTPS/SSL are designed to prevent this. The encryption is end to end. This pretty much eliminated the primary use of a proxy. It used to be used to cache data from servers to reduce the internet traffic and improve performance.

Modern proxy now act more as a simple NAT rather than a caching server. They pretty much just pass the HTTPS connection through and change the IP.

Although maybe this has changed since I last looked at it you can not really have a HTTPS session inside a second HTTPS session using just a simple web browser. This means the connection between you and the proxy is non encrypted HTTP. So someone can look inside and see the HTTPS session and where the final server IP is.

A VPN although many use SSL to encrypt the data it is not a "web" session. This tends to be the key difference between a vpn and a proxy.

Thank you for the detailed response.
Proxies are great. I heard of them before, but only just recently discovered how effective they can be to do certain things that VPNs can't.
But like you say from a security perspective they're not good. You made a very good point about HTTPS traffic being visible between me and a proxy. I have a question in this regard. Let's say I search on google for used cars, normally without a proxy the ISP would only be able to see that I visited google and not the specific search terms because the connection go through HTTPS. Does this change when using a proxy? If I'm using a HTTP proxy, then wouldn't ISP be able to to see what I searched for on google even though I visited a HTTPS website, because the traffic between me and a proxy is not HTTPS? I hope this question makes sense.

 

[Math Geek]

you need to learn a bit more about how packets themselves are packaged and sent around the web.

https is encrypted from your pc and not unencrypted until it gets to its destination. sending it through a proxy/vpn, introduces a middle man for the traffic to go through, but in the end your original data is still encrypted but the header info (address label basically) is still readable cause it has to be. a proxy will wrap this packet again and addressed to the proxy/vpn server. the server unwraps it and then send the original data onto its destination as addressed in the header.

your isp is between you and the proxy/vpn server so it sees the header info sending it to the server and not the final destination. however as stated above that a non-encrypted proxy would still wrap the packet with its own info but you can see inside it to the packet and can thus read the final destination off of it if you wanted to.

a vpn is encrypted and thus your https packet is encrypted and then it is done again by the vpn software. so now your isp can only see the header sending it to the vpn server and nothing inside the packet.

it's possible to have be wrapped multiple times with encryption depending on what you are doing. you can encrypt data, send it over https which encrypts it again, put a vpn in the middle which encrypts it a 3rd time and so on. each step only unwraps what it is allowed to and then sends the rest where the next layer says to. there's a lot going on to route traffic around the web as your packet is wrapped and unwrapped at every stop of the way with this top layer header only addressed to the next stop along the way. this is why encryption is so important so all these middle steps only get to see a single header and then nothing underneath.