Working with VPNs


Virtual private networks help people get access to the desired websites through a secure connection. Many people utilize VPNs to access geo-restricted websites, for example.

At a basic level, a VPN is quite similar to a home network. By connecting to it, your device becomes a client of the virtual private network. And since that network is fully secured, all the data that flows from your computer to it will be encrypted as well. Whenever you want to connect to a particular website, your browser's request will be forwarded to the VPN server, which will then connect your computer to the desired site securely.

Virtual private networks have recently become more widespread, because Internet Service Providers are now allowed to sell their users' data. It is true that businesses have been using them for decades now, but people who understand the dangers of the Internet are now utilizing them as well.

You can create your own VPN server, if you want to. This will allow you to connect to various websites in a secure way, but won't be of any help if you are interested in accessing geo-restricted sites. Therefore, my recommendation is to utilize an online service that will take care of everything that's needed and costs a reasonable amount of money.

Not all VPN services are created equal, though.

Some of them will provide lightning-fast Internet access, while others will only have average download speeds. Some providers will offer advanced privacy and security features, while others may sell your browsing information to interested third parties. Some VPN applications are cumbersome to use, while others have a simple, easy-to-understand user interface. And I could go on and on...

However, when it comes to VPNs, one of the most important features is the encryption protocol that they are utilizing. Here are the most frequently used protocols.

1. PPTP, the acronym for Point-to-Point Tunneling Protocol, is about two decades old, and yet it is still used by some VPN service providers even today. It was built into the older versions of the Windows OS, so it is really easy to use. It can only utilize TCP port 1723 though, so it can be easily blocked. It also has several serious security flaws, so my firm recommendation is to stay away from it. To give you an example, an attacker can get access to the OS password by intercepting a data response packet.

2. OpenVPN utilizes open source code, so it doesn't have any backdoors, at least in theory. It works perfectly when it is used in conjunction with the AES encryption technology, which is utilized by the US government as well. The powerful SSL/TLS key exchange mechanism is a component of OpenVPN, and this makes it the ideal VPN protocol in my book.

However, you should be aware that Windows doesn't provide native OpenVPN support, so if you choose to use a third-party virtual private network service, you will have to pick a provider which offers a fully functional, yet easy-to-use companion application.

3. The Layer 2 Tunneling Protocol (L2TP) is often used for mobile devices, because its components are included in most mobile OSs. Unlike OpenVPN, traffic can't be forwarded to the desired port, so it can be easily blocked by various firewalls. So, L2TP is not the ideal solution if you plan to access websites that are located in a different country. Also, it doesn't include any data encryption mechanism; that's why it is often used in conjunction with IPsec, a network protocol suite which can automatically secure applications at the IP layer.

4. Secure Socket Tunneling Protocol (SSTP) was introduced in more recent versions of the Windows operating system. It offers built-in SSL/TLS support and can make use of the secure AES encryption mechanism, so data security is guaranteed.

It's Microsoft's proprietary VPN, and it was first introduced in Windows Vista SP1. Its initial goal was to allow remote client access, but today it is used for Azure's Point-to-Site Virtual Network system as well.
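
For the OpenVPN entry above: providers usually hand out a client profile (.ovpn file), and its directives show whether AES and a modern TLS key exchange are actually in use. The following is an added example, not code from this article or from the OpenVPN project; the sample profiles and the hostname are constructed, and the threshold of TLS 1.2 is an assumption of this sketch.

```python
import re

AES = re.compile(r"AES-(128|192|256)-(GCM|CBC)", re.I)
# Constructed sample profiles (hostname and contents are made up for this example).
WEAK = """remote vpn.example.com 1194
cipher BF-CBC
<ca>
placeholder, not a real certificate
</ca>
"""
GOOD = """remote vpn.example.com 443
data-ciphers AES-256-GCM:AES-128-GCM
tls-version-min 1.2
remote-cert-tls server
"""

def parse_profile(text):
    """Map each directive to its argument lists; skip comments and inline <ca>-style blocks."""
    opts, in_block = {}, False
    for line in map(str.strip, text.splitlines()):
        if line.startswith("</"):
            in_block = False
        elif line.startswith("<"):
            in_block = True
        elif line and not in_block and line[0] not in "#;":
            name, *args = line.split()
            opts.setdefault(name, []).append(args)
    return opts

def audit_profile(text):
    """Return a list of findings; an empty list means every check passed."""
    opts, findings = parse_profile(text), []
    # data-ciphers is a colon-separated list; cipher is the older single-value form.
    offered = [c for args in opts.get("data-ciphers", []) + opts.get("cipher", [])
               if args for c in args[0].split(":")]
    if not offered:
        findings.append("no cipher directive: the cipher is left to defaults")
    findings += [f"cipher is not AES: {c}" for c in offered if not AES.fullmatch(c)]
    tls_min = (opts.get("tls-version-min") or [[""]])[-1]
    if not tls_min or tls_min[0] not in ("1.2", "1.3"):
        findings.append("tls-version-min is missing or below 1.2")
    if "remote-cert-tls" not in opts and "verify-x509-name" not in opts:
        findings.append("server certificate is not checked (no remote-cert-tls)")
    return findings

if __name__ == "__main__":
    for label, profile in (("weak", WEAK), ("good", GOOD)):
        print(label, audit_profile(profile) or "no findings")
```

A finding of "cipher is not AES" only means the profile offers something other than the AES modes this article recommends; it is a prompt to look closer, not a verdict on the provider.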