How to make your VPN more secure

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  • Hello everyone We want to personally apologize to everyone for the downtime that we've experienced. We are working to get everything back up as quickly as possible. Due to the issues we've had, your password will need to be reset. Please click the button that says "Forgot Your Password" and change it. We are working to have things back to normal. Emails are fixed and should now send properly. Thank you all for your patience. Thanks, PCHF Management
PCHF IT Feeds

PCHF IT Feeds

PCHF Tech News
PCHF Bot
Jan 10, 2015
52,145
26
pchelpforum.net
Encryption-Main-470-75.jpg

How to make your VPN more secure


VPNs by default provide excellent security and anonymity, but that doesn't mean they're uncrackable. If you want to be truly secure, there's more you can do. Here we've listed some ways to better ensure your privacy and protection

Changing the VPN protocol


Changing%20the%20VPN%20protocol-420-90.jpg


There isn't just one type of VPN. There are actually a variety of different VPN protocols in common use, and many VPN providers actually give you a choice. Sometimes that choice is available in the connection app; sometimes it's simply a configuration option for third-party VPN tools.

Most commonly, your options are PPTP (point to point tunneling protocol), L2TP/IPSec (layer 2 tunneling protocol) and OpenVPN.

Especially if you're setting it up yourself on a mobile device or flashed VPN router, PPTP and L2TP can seem like the better option, since they're much easier to configure. In many cases, you only really need a server name, username and password.

It's absolutely worth using OpenVPN, however. PPTP has essentially been cracked – it uses weak 128-bit encryption and the initial connection and authentication process can be intercepted and cracked. On the upside, it's actually the fastest of the protocols because it has lowest encryption overhead.

L2TP is more secure. But it also adds a lot of overhead, and is the slowest of the protocols.

OpenVPN is the best of both worlds: it's fast, recovers quickly from a lost connections and is completely secure as far as we know. If you have the option, it's the way to go.

Software and leaking


The%20kill%20switch-420-90.jpg


One of the issues with a VPN connection is that if the VPN connection fails – if the VPN server goes down or the connection is lost – your computer will immediately drop back to your regular internet address, potentially making you vulnerable. You probably won't even know it has happened.

That's where the kill switch comes in. It ensures that if you lose the VPN then either your internet connection is shut down or the apps that use it are. Essentially, if you're not connecting over the VPN, you're not connecting at all.

Some VPN connection apps actually have it built in. If you want to use it, you just switch it on.

An alternative is VPNetMon, a great little app for Windows that can be configured to instantly close selected apps if the VPN dies and restart them if it goes up again.

To set it up, follow these steps:

1. Connect to your VPN.

2. Start the app and click on Opt.

3. On the left, it should show two IP addresses: your local IP address (on top), and your VPN IP address (second). In the field where it says VPN IP Start, enter the first number of your VPN IP address; for example, if it's 10.1.1.68, then type in 10. This is how it detects if you're connected.

4. Next to A1, click Browse and find an app you'd like it to control, eg. utorrent.exe. If you check the Control box it will automatically shut it down if your VPN goes offline. If you check Auto, it will restart it when the VPN comes back on.

DNS leaks


Magnifying%20glass%20on%20danger-420-90.jpg


DNS, if you remember, is that service that your computer uses to translate URLs like techradar.com into IP addresses.

When you're connected to a VPN, you should automatically be using the secure DNS server provided by the VPN service. Except sometimes you don't; sometimes your computer might use its regular DNS connection, bypassing the VPN. That's called a DNS leak, and it could be monitored by outside forces.

Some VPN clients have DNS leak protection built in, but if it doesn't you can run a test here. The location it tells you should be your "apparent" VPN location, not your actual one. If it fails, then there's a quick app you can download from the site that provides a fix.

IPv6 leaks


IPv6%20leaks-420-90.jpg


For most internet activity, we use the good old version 4 of the internet protocol; you know, the one with the four-number IP addresses. The thing is, there's actually a version 6 of the protocol as well, which is designed to provide a lot more internet addresses than IPv4. Now, nobody actually uses IPv6 outside of academia, but your PC still supports it.

IPv6 operates outside of the VPN, and an attacker might use it to figure out who you are. It's not something that's done often, but it is possible, and the only real fix is to disable IPv6. Some VPN clients have the ability built in, but if you want to do it manually, there's a quick guide here. There's also an official Microsoft guide (with apps).

If you just want to check if your system is leaking, you can also visit this website and run a test while you're connected to the VPN.









a2t.img
mf.gif
07X02MAGLZE


Continue reading...
 
You must log in or register to reply here.
Top Bottom