Everything About VPN
What is a VPN?
First of all: A VPN is always subject to a charge. The alternatives for free are pure data collection machines, where you have completely ceded the rights to use your own information. In addition: As soon as the corresponding software is running and you have logged on to the VPN server, all requests run exclusively via this VPN server. No matter what I do online with my PC, smartphone or e.g. tablet PC, my own IP address will not be shown to anyone anymore. Only the IP address of the VPN server is visible everywhere. The server can be located anywhere in the world. So if I want to pretend that I am from the USA, I choose a US-American server for this. And if I attach even more importance to anonymity, I choose a server outside Europe or the USA.
Can’t they recognize me now?
Sure, they can, because while surfing you transfer a lot of different information like screen resolution, language, operating system, browser, plug-ins and much more besides the IP address. The term Canvas Fingerprinting will surely have been heard by some readers before. Very “clever” contemporaries log on to Amazon, Facebook etc. and forget that they are already revealed by their login information in the cookies. When logged in, you’re welcome to use the Tor Browser to surf the web, even then Facebook knows my identity. So please remember that there are more things than just the IP address that can give you away.
What is a virtual network?
As we already noticed in the last Hacking World Guide about proxies, the VPN server forwards the requests and does not make the request on behalf of you like the proxy server does. A virtual private network is a self-contained communication network. Virtual in this context means that it is not a physical connection. In contrast to a connection via a LAN cable and my router, I use the network of the VPN provider as a transport medium. No matter what data comes in or goes out, it must first pass through the VPN server. Only then does the data migrate from or to the Internet. Because of the strict adherence to this redirection, your IP address is not known, but only that of the VPN provider where you have subscribed. A request could be, for example, a visit to a website. Or the connection to an IRC network, to an ftp server etc. VPNs differ mainly in terms of server location, protocol and encryption of data transmission. In this background report we will only deal with the following VPN protocols: IPsec and OpenVPN.
VPN protocols
##### ➤ IPsec (Internet Protocol Security) One IPsec can use a whole family of connection protocols. Mostly the protocol with the key management ikev1 or ikev2 is used. The IPSec header, which contains the security information, is inserted between the IP header and the parent header. The IP header contains data such as from which IP address the request was made and the destination of the request (website etc.). The red marked IPsec header protects your user data. It is formed by the checksum of the user data and the IP header and thus protects your data packets. The TCP/UDP header simply indicates whether TCP or UDP is used. Depending on the selection, the data transfer can be faster or not. In this case UDP is suitable for faster download rates.
Advantages:
➤ Strong encryption ➤ Protects against Man in the Middle (MITM) attacks ➤ Every operating system supports it by default
Disadvantages:
➤ Complicated configuration for laymen ➤ The connection may be insecure in case of configuration errors ➤ Can be blocked by the ISP/network operator
##### OpenVPN The OpenVPN protocol, as well as the OpenVPN software developed from it, are open source. The protocol is currently only supported by some Debian distributions (Linux). Users of operating systems like Windows or Mac OS X can download the software here. The OpenVPN header is located here between the UDP/TCP header, i.e. directly above the user data.
Advantages:
➤ Easy setup ➤ Strong encryption (wide range of encryption methods) ➤ Protects against MitM attacks ➤ High firewall compatibility, difficult to block ➤ Can also be installed on routers ➤ Low on resources (in terms of CPU and memory)
Disadvantage:
➤ Additional software must be installed for this. However, this is available for almost every operating system.
Where can I get a VPN?
When choosing the VPN provider, you should be as careful as when choosing the proxy provider. Some VPN providers in certain countries give the user the illusion of anonymity. But as soon as a letter from the court or an official request comes in, they will give out all the data. Therefore, the stealth team recommends secure VPN providers that are not subject to the “14 Eyes Jurisdiction”. Furthermore, attention should also be paid to how large the server selection is. The more the better. Also important are the data protection regulations with regard to logging, prices and most importantly, bandwidth. Nevertheless, one should also be careful with the operators: some VPN providers lure with low prices and are a subsidiary of a data mining company. It’s always worthwhile to start the search engine first!
Can nothing happen to me now with the VPN?
That depends on the situation. When it comes to file sharing or simply visiting websites, you are also on the safe side with the cheaper providers. Those who expend a lot of criminal energy in their Internet activities need high-priced providers who specialize in the scene sector or digital gray area. In this case, Perfect Privacy, SecureVPN.to etc. would offer themselves, to name just two examples. If you don’t want to commit a violation of any laws e.g. online fraud and instead only want to break border blocking websites, you are in good hands with any VPN of choice. You dont need to rely on privacy for such activities. There are, however, countless other VPN providers that are completely sufficient for normal use and at the same time affordable. In our forum the topic is regularly discussed. There is also a thread with different comparison sites, which list all the advantages and disadvantages of all providers.
Conclusion: When choosing the protocol, the layman should in any case choose the OpenVPN protocol. You have to choose the VPN provider yourself. It depends on what exactly you want to do on the Internet. The price of the provider sometimes depends on how they handle the requests of the authorities. According to their own information, nobody logs in and nobody gives anything away. The truth, however, may often look quite different. Many companies sell their customers a feeling of security. Some security researchers are not at all enthusiastic about this technology. The reason is simple: The VPN provider collects more information about you than with any data retention! They know everything, every step you take on the Internet. And even an anonymous payment, fake customer data in combination with a disposable email address etc. cannot hide the fact that the company still (at least most of the time) knows my real IP address.