Virtual private networks (VPNs) are important for business security and also for the consumer. A virtual private network is a secure tunnel between two or more computers over the Internet, which allows them to access each other as if it were a local network.
In the past, virtual private networks (VPNs) were used primarily by companies to securely link remote branches, or connect roaming employees to the branch network; But today they are also an important service to consumers, protecting them from attacks when they connect to public wireless networks. Given its importance, here are five important things you need to know about VPNs:
Good for your privacy and security
Open, and unrestricted wireless networks pose a grave risk to users, as attackers on the same networks can use various methods to sniff web traffic and even seize accounts on websites that do not use the HTTPS security protocol. Also, some Wi-Fi network operators inject advertisements into web traffic intentionally, which could end up becoming an unwanted tracking.
In some parts of the world, governments track users visiting certain websites to discover their political affiliations and identify dissidents – practices that threaten freedom of expression and human rights.
By using a VPN connection, all your traffic can be routed securely through a server located elsewhere in the world. This protects your computer from local hacking attempts and even hides your actual Internet Protocol address from the websites and services you access.
Not all VPNs were created equal
There are different VPN technologies with various encryption capabilities. For example, Point-to-Point Tunneling Protocol (PPTP) is fast, but much less secure than other protocols such as IPSec or OpenVPN, which uses Secure Sockets Layer / Transport Layer Security (SSL). In addition, with TLS-based VPNs, the type of encryption algorithm and key length used are also important.
Although OpenVPN supports key exchange protocols, many number combinations, and hashing algorithms, the most common operation offered by VPN service providers for OpenVPN connections is AES encryption with RSA key exchange and SHA. The recommended configurations are AES-256 encryption with an RSA key that is at least 2048 bits long and SHA-2 cryptographic hash function (SHA-256), rather than SHA-1.
It is worth noting that VPNs introduce overhead, so the stronger the encryption, the greater the impact on the connection speed. The choice of technology and VPN encryption capability should be made depending on each case, depending on the type of data that will be sent through it.
Businesses security needs are different from those of most consumers, who typically need to protect themselves from opportunistic traffic attacks – unless they are concerned about massive surveillance by the US National Security Agency And similar intelligence agencies, where strong encryption would be needed.
VPNs can bypass geographical blockade and firewalls
Consumers also use VPN to access online content that is not available in their region, although this depends on how well content owners impose restrictions. VPN service providers run servers in many countries around the world and allow users to move between them easily.
For example, users can connect to a UK-based server to access restricted BBC content, or through a US server or access Netflix content that is not available in your region.
Users in countries such as China or Turkey, where governments regularly block access to certain websites for political reasons, use VPNs to circumvent these restrictions.
Free vs. paid
As companies create their own VPNs using special network devices, consumers have a wide selection of free and commercial VPN services to choose from. Free VPN bids usually show ads, have a more limited selection of servers, and connection speeds are slower because servers are overpopulated. However, for casual users, this might be enough.
Another disadvantage of free VPN servers is that the IP addresses they use are more likely to be blocked or filtered on several websites: free VPN services are commonly attacked by hackers, spammers, and other malicious users.
Commercial VPN services work with a subscription-based model and are distinguished by an absence of download speed limitation or data limits. Some of them also take pride in not keeping any records that could be used to identify users.
Some antivirus vendors also offer VPN services, and these could serve as the midpoint between free and expensive commercial solutions, as users could get better deals if they also have antivirus licenses from those providers. In addition, these VPN solutions already have a reasonably secure configuration, so users do not have to worry about configuring them themselves.
Build your VPN
Finally, there is the option of running your own VPN server at home so you can set up a tunnel and access the services and devices of your home network from anywhere. It is a better option than exposing those services directly to the Internet, which is how hundreds of thousands of Internet devices things have recently been compromised and used to launch distributed denial of service attacks.
The tips here is to open fewer ports on your router. Besides, you can also disable UPnP (Universal Plug and Play) so that your poorly designed IP camera, for example, does not drill a hole through your firewall and is available to the entire world.
Today, some consumer routers come with built-in VPN server functionality, so you do not even have to configure a separate dedicated VPN server within your network. Although, if your router does not have this kind of feature, a cheap minicomputer like Raspberry Pi can do this job properly.