In the first part of our How to Hide Your Online Identity series, we took you into the world of proxy servers. We hope you enjoyed the ride.
We are back with the second part of this detailed series. In this part, we take you into the “virtual” world. Intrigued? Keep reading and you will find all your answers.
Before You Proceed:
CAUTION AND WARNING
We caution our readers that the tricks, tips and tools described in this post, and those that will follow in this series, are meant only to make web users aware of Internet security.
These techniques should be used for important purposes, such as when providing personal and financial details to a public server. Don’t use these methods to carry out illegal activities.
What is a VPN?
According to Wikipedia…
The VPN connection across the Internet is technically a wide area network (WAN) link between the sites but appears to the user as a private network link, hence the name “virtual private network”. It enables a host computer to send and receive data across shared or public networks as if it were a private network with all the functionality, security and management policies of the private network.
This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.
Most VPNs are used to add security. Today’s world is evolving quickly and the security pitfalls of modern conveniences are often ignored.
Public Wi-Fi hotspots, common in airports and coffee shops, are a hacker’s dream because they offer streams of visible data waiting to be mined. Using a VPN keeps your information secure.
Deep packet inspection is another growing concern. Many ISPs would like to analyze statistics from your online activities for marketing and routing purposes. Using a VPN thwarts efforts to conduct deep packet inspection.
Similarly, search engines and social networking sites, like Google and Facebook, are storing information about your online habits indefinitely. Since a VPN provides the user with a different IP address, these privacy invasions are also thwarted.
VPN services provide different gateway cities where the IP address assigned to your computer is located. This allows users to access websites only available to users from a certain country.
This application is particularly important for travellers who need to access websites from their home country and for people living in regions rife with censorship, like China and Iran.
How-to tutorial example…
- Assume a remote host with public IP address 22.214.171.124 wishes to connect to a server found inside a company network. The server has internal address 192.168.1.10 and is not reachable publicly. Before the client can reach this server, it needs to go through a VPN server/firewall device that has public IP address 126.96.36.199 and an internal address of 192.168.1.1. All data between the client and the server will need to be kept confidential, hence a secure VPN is used.
- The VPN client connects to a VPN server via an external network interface.
- The VPN server assigns an IP address to the VPN client from the VPN server’s subnet. The client gets internal IP address 192.168.1.50, for example, and creates a virtual network interface through which it will send encrypted packets to the other tunnel endpoint (the device at the other end of the tunnel).
- When the VPN client wishes to communicate with the company server, it prepares a packet addressed to 192.168.1.10, encrypts it and encapsulates it in an outer VPN packet, say an IPsec packet. This packet is then sent to the VPN server at IP address 126.96.36.199 over the public Internet. The inner packet is encrypted so that even if someone intercepts the packet over the Internet, they cannot get any information from it. They can see that the remote host is communicating with a server/firewall, but none of the contents of the communication. The inner encrypted packet has source address 192.168.1.50 and destination address 192.168.1.10. The outer packet has source address 22.214.171.124 and destination address 126.96.36.199.
- When the packet reaches the VPN server from the Internet, the VPN server decapsulates the inner packet, decrypts it, finds the destination address to be 192.168.1.10, and forwards it to the intended server at 192.168.1.10.
- After some time, the VPN server receives a reply packet from 192.168.1.10, intended for 192.168.1.50. The VPN server consults its routing table and sees this packet is intended for a remote host that must go through a VPN.
- The VPN server encrypts this reply packet, encapsulates it in a VPN packet and sends it out over the Internet. The inner encrypted packet has source address 192.168.1.10 and destination address 192.168.1.50. The outer VPN packet has source address 126.96.36.199 and destination address 22.214.171.124.
- The remote host receives the packet. The VPN client decapsulates the inner packet, decrypts it and passes it to the appropriate software at upper layers.
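The client-to-server leg of the walkthrough above as runnable Python, added here as an illustration and not code from the original post. The keystream cipher, the keys, the payload and the simplified ESP-like layout are assumptions standing in for real IPsec; the reply leg is the same with the addresses swapped.

```python
import hashlib, hmac, ipaddress, struct

# Constructed demo keys; a real tunnel negotiates per-direction keys (e.g. via IKE).
ENC_KEY, MAC_KEY = hashlib.sha256(b"demo-enc").digest(), hashlib.sha256(b"demo-mac").digest()
CLIENT_PUB, SERVER_PUB = "22.214.171.124", "126.96.36.199"  # public addresses from the walkthrough
CLIENT_VPN, COMPANY_SRV = "192.168.1.50", "192.168.1.10"    # addresses inside the tunnel

def ip_header(src, dst, proto, payload_len):
    """Minimal 20-byte IPv4 header (checksum left at 0 to keep the example short)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
                       ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)

def addrs(packet):
    """(source, destination) read from the first IPv4 header of `packet`."""
    return tuple(str(ipaddress.ip_address(packet[i:i + 4])) for i in (12, 16))

def _xor(data, seq):
    """Stand-in cipher: XOR with a SHA-256 counter keystream. Not what IPsec uses."""
    stream = b"".join(hashlib.sha256(ENC_KEY + struct.pack("!II", seq, i)).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def encapsulate(inner, seq, outer_src, outer_dst):
    """Encrypt the entire inner packet, append a MAC, and prepend the outer header."""
    body = struct.pack("!I", seq) + _xor(inner, seq)
    body += hmac.new(MAC_KEY, body, hashlib.sha256).digest()
    return ip_header(outer_src, outer_dst, 50, len(body)) + body  # 50 = ESP

def decapsulate(outer):
    """Tunnel endpoint: check integrity first, then decrypt and return the inner packet."""
    body, tag = outer[20:-32], outer[-32:]
    if not hmac.compare_digest(tag, hmac.new(MAC_KEY, body, hashlib.sha256).digest()):
        raise ValueError("integrity check failed; packet dropped")
    (seq,) = struct.unpack("!I", body[:4])
    return _xor(body[4:], seq)

def client_to_server(data=b"GET /payroll"):
    """Client side of the walkthrough: returns (inner packet, packet sent on the Internet)."""
    inner = ip_header(CLIENT_VPN, COMPANY_SRV, 6, len(data)) + data  # 6 = TCP
    return inner, encapsulate(inner, 1, CLIENT_PUB, SERVER_PUB)

if __name__ == "__main__":
    inner, outer = client_to_server()
    print("on-path observer sees:", addrs(outer))                   # public endpoints only
    print("VPN server forwards to:", addrs(decapsulate(outer))[1])  # 192.168.1.10
```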