Proxy and VPN: Difference between revisions

From BoyWiki
Eskimo (talk | contribs)
No edit summary
Eskimo (talk | contribs)
Free VPN providers paragraph added
Line 15: Line 15:
To completely avoid VPN disconnections revealing your computer IP the best one can do is to use an SSH tunnel instead of a VPN, unlike VPNs, SSH tunnels do not route all of your Internet traffic, they work on per application bases, when an SSH tunnel goes down your browser will not work and your real IP will remain secret until the tunnel is activated again. Privacy trends point towards VPNs, there are very few commercial SSH tunnel providers, some of them are VPNSecure.me, Cotse.net and Tunnelr.com
To completely avoid VPN disconnections revealing your computer IP the best one can do is to use an SSH tunnel instead of a VPN, unlike VPNs, SSH tunnels do not route all of your Internet traffic, they work on per application bases, when an SSH tunnel goes down your browser will not work and your real IP will remain secret until the tunnel is activated again. Privacy trends point towards VPNs, there are very few commercial SSH tunnel providers, some of them are VPNSecure.me, Cotse.net and Tunnelr.com


== External links ==  
=== Free VPN providers ===
 
A number of companies like HotSporShield or CyberGhost VPN provide free VPN access, these services have speed and bandwidth limits or serve you advertisements to monetize their free services, the privacy policy for these services is usually unknown and very vague, paid for VPN providers will let you know in their FAQ how long for they keep logs, it is essential for privacy activists when using a VPN to select a provider that keeps logs for as few days as possible, free VPN providers are still suitable for privacy if they clearly state on their FAQ what kind of logs they keep and how long for.
 
=== Understanding VPN logs ===
 
All VPN providers will advertise that they do not track users and do not log what sites to visit, it is important to understand that it is not necessary to keep a record of visited websites to track someone down, all that is needed is to keep connection logs detailing at what time and on what date what user had the specified IP, these are the kind of logs that proxy and VPN providers keep, connection logs. All servers log accurate visitors time and dates, if for example, a VPN provider receives a complaint from Yahoo that someone posted a political comment on the specified date and time with a particular IP belonging to the VPN company, all that is needed for the VPN company is to look at the connection logs and see who had that IP that day on that time matching it with a real person.
 
== External links ==
 
* [http://www.hacker10.com/internet-anonymity/hma-vpn-user-arrested-after-ip-handed-over-to-the-fbi/ HMA VPN user arrested after IP handed over to the FBI]
* [http://www.hacker10.com/internet-anonymity/hma-vpn-user-arrested-after-ip-handed-over-to-the-fbi/ HMA VPN user arrested after IP handed over to the FBI]
* [http://www.comodo.com/secure-dns/ Comodo Secure DNS]
* [http://www.comodo.com/secure-dns/ Comodo Secure DNS]

Revision as of 14:51, 21 April 2013

A proxy is a server that routes connections in order to provide some additional service such as security, anonymity, or information processing. A common use is to connect to a proxy in order to mask one's IP address from a web server. There are thousands of proxy servers available, but many of them may not be trustworthy. One of the most secure system of proxies is Tor, a protocol for onion routing, the tor proxy is made up of three different proxy servers located in different countries, in order for an attacker to find out who is behind a website request he would have to get access to all servers and get hold of the logs, which are not meant to be kept by tor operators.

VPN

A VPN is a single hop proxy that is considerably faster than tor and that is its main advantadge, however a VPN is not to be trusted for high security and there has been instances in which people using a VPN to commit a crime have been arrested, when choosing a VPN, to minimize the risk of your privacy being compromised, one should look a company that does not keep connection logs for too many days and it is located offshore (i.e. not in your country of residence). Nearly all VPNs claim not to keep logs about the websites you visit but they do not specify anything about connection logs, it is not necessary to know what websites you visit to track you down, only connection logs, time and date of connection and what IP was assigned, are needed.

You can find free VPN services, they can be used to get around Internet filters and light privacy but not for high security, free VPN services are financed either selling your data to advertisements or giving you a limited bandwidth amount and hope that the user will upgrade to the paid for version.

VPN vulnerabilities

A very common VPN vulnerability is that the server sometimes will disconnect and show your real IP, this will be unexpected and there is little protection against it. One rough trick you can use to notice a VPN disconnection is to stream online music while you surf the Internet, for example listening to Pandora radio, when the VPN disconnects the music will stop playing, another way to stop exposing your IP is choosing a company that has VPN software with IP binding, Security Kiss has such feature, when IP binding has been activated it will stop your IP leaking out.

A second VPN vulnerability is a DNS leak, before you can access a website its URL needs to be resolved, DNS is used for this, by default you will be using your ISP DNS servers to resolve addresses, if your DNS leaks it would be possible to find your Internet provider by looking at that DNS name, although your computer IP would still be hidden. DNS leaks are sometimes patched by your own VPN provider but not always, if you use a VPN you can check if the DNS leaks visiting the DNSleaktest in external links. You can manually prevent DNS leaking changing your DNS resolver to a free one like Comodo Secure DNS, OpenDNS is another free DNS provider.

To completely avoid VPN disconnections revealing your computer IP the best one can do is to use an SSH tunnel instead of a VPN, unlike VPNs, SSH tunnels do not route all of your Internet traffic, they work on per application bases, when an SSH tunnel goes down your browser will not work and your real IP will remain secret until the tunnel is activated again. Privacy trends point towards VPNs, there are very few commercial SSH tunnel providers, some of them are VPNSecure.me, Cotse.net and Tunnelr.com

Free VPN providers

A number of companies like HotSporShield or CyberGhost VPN provide free VPN access, these services have speed and bandwidth limits or serve you advertisements to monetize their free services, the privacy policy for these services is usually unknown and very vague, paid for VPN providers will let you know in their FAQ how long for they keep logs, it is essential for privacy activists when using a VPN to select a provider that keeps logs for as few days as possible, free VPN providers are still suitable for privacy if they clearly state on their FAQ what kind of logs they keep and how long for.

Understanding VPN logs

All VPN providers will advertise that they do not track users and do not log what sites to visit, it is important to understand that it is not necessary to keep a record of visited websites to track someone down, all that is needed is to keep connection logs detailing at what time and on what date what user had the specified IP, these are the kind of logs that proxy and VPN providers keep, connection logs. All servers log accurate visitors time and dates, if for example, a VPN provider receives a complaint from Yahoo that someone posted a political comment on the specified date and time with a particular IP belonging to the VPN company, all that is needed for the VPN company is to look at the connection logs and see who had that IP that day on that time matching it with a real person.

External links