using vpn for security - sirinc2.org presentations/jan 2020 using vpn.pdfhow a vpn works a virtual...

Using VPN For

SecurityFRANK MAY

SIR AREA 16 COMPUTER AND TECHNOLOGY MEETING

JANUARY 16, 2020

Using VPN for Security

What is a Virtual Private Network (VPN)?

History of VPN

Why is a VPN important to an individual computer user?

What to look for when choosing a VPN solution,

Some recommended solutions

VPN on tablets and phones

TOR Network

Torrenting – A Protocol for Large File Distribution

History of VPN

History of VPN

History of VPN

History of VPN

My Introduction to VPN

VPN

Server

APP

VPN

Client

APP

How Did VPN Become So Popular?

How a VPN Works

A Virtual Private Network (VPN)

creates private tunnels for your

online activity to pass through.

Cost effective and easy to setup,

vastly improving your privacy can be

as simple as a software download

Basics of VPN EncryptionVPN encryption scrambles the contents of your internet traffic in such a

way that it can only be un-scrambled (decrypted) using the correct key.

Outgoing data is encrypted before it leaves your device. It’s then sent to

the VPN server, which decrypts the data with the appropriate key. From

there, your data is sent on to its destination, such as a website. The

encryption prevents anyone who happens to intercept the data between

you and the VPN server—internet service providers, government agencies,

wifi hackers, etc—from being able to decipher the contents.

Incoming traffic goes through the same process in reverse. If data is

coming from a website, it first goes to the VPN server. The VPN server

encrypts the data, then sends it to your device. Your device then decrypts

the data so you can view the website normally.

All of this ensures that VPN users’ internet data remains private and out of

the hands of any unauthorized parties.

Difference Between Varying Types

of Encryption Include:

• Encryption strength, or the method and

degree to which your data is scrambled

• How the encryption keys are managed

and exchanged

• What interfaces, protocols, and ports

they use

• What OSI layers they run on

• Ease of deployment

• Performance (read: speed)

Where Does IPSec Fit in the OSI 7-

layer Stack?

Reasons for Using a VPN

• Security on public WiFi

• Who is watching?

• What information do you

transmit?

• Protection from ISP

• Location anonymity

• Surveillance concerns

• Access to blocked websites

What Does a VPN Hide?

• Browsing History

• IP Address and Locations

• Location for Streaming

• Your Devices

• Web Activity (logging is key)

• Also Protects Against Identity Theft

This Photo by Unknown Author is

licensed under CC BY-NC-ND

Downsides to VPN

• Learning Curve

• Download speeds may suffer –

increased latency

• Complete anonymity really is

impossible

• Tor provides additional security

• Some websites may refuse to

work if they detect a VPN is being

used – the Netflix problem .

Choosing Your VPN Provider• Choosing a VPN Provider is a matter of trust

• Paid vs Free VPN’s

• Consider how VPN service is making money

• “We mean it. Don’t use a free VPN service”

• don’t offer the most current or secure protocols

• don’t offer the highest bandwidth and connection speeds to free users

• do have a higher disconnection rate

• don’t have as many servers in as many countries globally

• don’t offer support

• Not all encryption is created equal

• Open VPN or IKEv2 protocols are considered good

• PPTP has known security risks

• VPN logging leaves traces

• Does service use multi-chain hop – multiple VPN servers in multiple locations

• US services aren’t really private

Choosing Your VPN ProviderRead VPN service operational policies – understand affiliates and how to opt out of using them.

Spam popups or access to your data

Anonymized support. – Private chat service for support or encrypted email communications

VPN across devices – not just for your computer. Phones, pads and other devices also need protection.

Do they respect your privacy? The point of using a VPN is to protect your privacy, so it’s

crucial that your VPN provider respects your privacy, too. They should have a no-log policy, which

means that they never track or log your online activities.

Do they run the most current protocol? OpenVPN provides stronger security than other protocols,

such as PPTP. OpenVPN is an open-source software that supports all the major operating systems.

Do they set data limits? Depending on your internet usage, bandwidth may be a large deciding

factor for you. Make sure their services match your needs by checking to see if you’ll get full,

unmetered bandwidth without data limits.

Where are the servers located? Decide which server locations are important to you.

If you want to appear as if you’re accessing the Web from a certain locale, make sure

there’s a server in that country.

Some of the Top VPN Applications

Some of the Top VPN Applications

Some of the Top VPN Applications

Some of the Top VPN Applications

Some of the Top VPN Applications

VPN Increases Latency

Why Do I Need a VPN on a Phone?• Allow you to use Public Network

• Really for the same reasons as for any computer

• Use same provider for all of your devices

• Choose app and download from Google Play or App store

• Make sure you are downloading the official app

• Install application – creating an account – pay for license

• Do not recommend permanently running app in background

• To use, open the app and turn it on

• Normally connect to the server close to you

• Interesting reading: https://www.cnet.com/news

• /the-best-mobile-vpns-for-iphone-and-android-compared/

Getting Started With a VPN• Download application for all devices

• Sign on

• Connect to the closest server

• Can configure using device network settings

• Not recommended

• Manually update server information

• Can’t use application features

• Can implement a VPN on a router

• Protect all devices on network

• Including appliances, plugs, TV’s etc.

Choosing a Server

• Closest server for better speeds

• Region-based content

• Bypass government censorship – server in different country

• Specialized servers – streaming video – BitTorrent

• Kill switch feature if VPN not available

• A word on protocol

• OpenVPN recommended

• IKEv2 if OpenVPN not available

• WireGuard - Protocol of the future – very fast

This Photo by

Unknown Author is

licensed under CC

BY-SA

The Tor Network – “The Onion

Router”

Tor Browserhttps://www.pcworld.com/article

/2686467/how-to-use-the-tor-

browser-to-surf-the-web-

anonymously.html