using vpn for security - sirinc2.org presentations/jan 2020 using vpn.pdfhow a vpn works a virtual...
TRANSCRIPT
Using VPN For
SecurityFRANK MAY
SIR AREA 16 COMPUTER AND TECHNOLOGY MEETING
JANUARY 16, 2020
Using VPN for Security
What is a Virtual Private Network (VPN)?
History of VPN
Why is a VPN important to an individual computer user?
What to look for when choosing a VPN solution,
Some recommended solutions
VPN on tablets and phones
TOR Network
Torrenting – A Protocol for Large File Distribution
History of VPN
History of VPN
History of VPN
History of VPN
My Introduction to VPN
VPN
Server
APP
VPN
Client
APP
How Did VPN Become So Popular?
How a VPN Works
A Virtual Private Network (VPN)
creates private tunnels for your
online activity to pass through.
Cost effective and easy to setup,
vastly improving your privacy can be
as simple as a software download
Basics of VPN EncryptionVPN encryption scrambles the contents of your internet traffic in such a
way that it can only be un-scrambled (decrypted) using the correct key.
Outgoing data is encrypted before it leaves your device. It’s then sent to
the VPN server, which decrypts the data with the appropriate key. From
there, your data is sent on to its destination, such as a website. The
encryption prevents anyone who happens to intercept the data between
you and the VPN server—internet service providers, government agencies,
wifi hackers, etc—from being able to decipher the contents.
Incoming traffic goes through the same process in reverse. If data is
coming from a website, it first goes to the VPN server. The VPN server
encrypts the data, then sends it to your device. Your device then decrypts
the data so you can view the website normally.
All of this ensures that VPN users’ internet data remains private and out of
the hands of any unauthorized parties.
Difference Between Varying Types
of Encryption Include:
• Encryption strength, or the method and
degree to which your data is scrambled
• How the encryption keys are managed
and exchanged
• What interfaces, protocols, and ports
they use
• What OSI layers they run on
• Ease of deployment
• Performance (read: speed)
Where Does IPSec Fit in the OSI 7-
layer Stack?
Reasons for Using a VPN
• Security on public WiFi
• Who is watching?
• What information do you
transmit?
• Protection from ISP
• Location anonymity
• Surveillance concerns
• Access to blocked websites
What Does a VPN Hide?
• Browsing History
• IP Address and Locations
• Location for Streaming
• Your Devices
• Web Activity (logging is key)
• Also Protects Against Identity Theft
This Photo by Unknown Author is
licensed under CC BY-NC-ND
Downsides to VPN
• Learning Curve
• Download speeds may suffer –
increased latency
• Complete anonymity really is
impossible
• Tor provides additional security
• Some websites may refuse to
work if they detect a VPN is being
used – the Netflix problem .
Choosing Your VPN Provider• Choosing a VPN Provider is a matter of trust
• Paid vs Free VPN’s
• Consider how VPN service is making money
• “We mean it. Don’t use a free VPN service”
• don’t offer the most current or secure protocols
• don’t offer the highest bandwidth and connection speeds to free users
• do have a higher disconnection rate
• don’t have as many servers in as many countries globally
• don’t offer support
• Not all encryption is created equal
• Open VPN or IKEv2 protocols are considered good
• PPTP has known security risks
• VPN logging leaves traces
• Does service use multi-chain hop – multiple VPN servers in multiple locations
• US services aren’t really private
Choosing Your VPN ProviderRead VPN service operational policies – understand affiliates and how to opt out of using them.
Spam popups or access to your data
Anonymized support. – Private chat service for support or encrypted email communications
VPN across devices – not just for your computer. Phones, pads and other devices also need protection.
Do they respect your privacy? The point of using a VPN is to protect your privacy, so it’s
crucial that your VPN provider respects your privacy, too. They should have a no-log policy, which
means that they never track or log your online activities.
Do they run the most current protocol? OpenVPN provides stronger security than other protocols,
such as PPTP. OpenVPN is an open-source software that supports all the major operating systems.
Do they set data limits? Depending on your internet usage, bandwidth may be a large deciding
factor for you. Make sure their services match your needs by checking to see if you’ll get full,
unmetered bandwidth without data limits.
Where are the servers located? Decide which server locations are important to you.
If you want to appear as if you’re accessing the Web from a certain locale, make sure
there’s a server in that country.
Some of the Top VPN Applications
Some of the Top VPN Applications
Some of the Top VPN Applications
Some of the Top VPN Applications
Some of the Top VPN Applications
VPN Increases Latency
Why Do I Need a VPN on a Phone?• Allow you to use Public Network
• Really for the same reasons as for any computer
• Use same provider for all of your devices
• Choose app and download from Google Play or App store
• Make sure you are downloading the official app
• Install application – creating an account – pay for license
• Do not recommend permanently running app in background
• To use, open the app and turn it on
• Normally connect to the server close to you
• Interesting reading: https://www.cnet.com/news
• /the-best-mobile-vpns-for-iphone-and-android-compared/
Getting Started With a VPN• Download application for all devices
• Sign on
• Connect to the closest server
• Can configure using device network settings
• Not recommended
• Manually update server information
• Can’t use application features
• Can implement a VPN on a router
• Protect all devices on network
• Including appliances, plugs, TV’s etc.
Choosing a Server
• Closest server for better speeds
• Region-based content
• Bypass government censorship – server in different country
• Specialized servers – streaming video – BitTorrent
• Kill switch feature if VPN not available
• A word on protocol
• OpenVPN recommended
• IKEv2 if OpenVPN not available
• WireGuard - Protocol of the future – very fast
This Photo by
Unknown Author is
licensed under CC
BY-SA
The Tor Network – “The Onion
Router”
Tor Browserhttps://www.pcworld.com/article
/2686467/how-to-use-the-tor-
browser-to-surf-the-web-
anonymously.html