virtual_private_networks
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
virtual_private_networks [2019/08/09 11:07] – neil | virtual_private_networks [2021/07/06 09:26] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 2: | Line 2: | ||
A virtual private network or " | A virtual private network or " | ||
+ | |||
+ | Bear in mind that, like anything, VPNs are not unhackable. (e.g. [[https:// | ||
====Key points: ==== | ====Key points: ==== | ||
- | * [[Work out why you want to use a VPN|Work out why you want to use a VPN]]Â | + | * [[virtual_private_networks# |
- | * [[To hide your traffic from the local network operator|To hide your traffic from the local network operator]]Â | + | * [[virtual_private_networks# |
- | * [[To access your firm's systems remotely|To access your firm's systems remotely]]Â | + | * [[virtual_private_networks# |
- | * [[To apply controls to your traffic|To apply controls to your traffic]]Â | + | * [[virtual_private_networks# |
- | * [[To avoid restrictions on the local network|To avoid restrictions on the local network]]Â | + | * [[virtual_private_networks# |
- | * [[To avoid restrictions imposed by the site/ | + | * [[virtual_private_networks# |
- | * [[Consider an " | + | * [[virtual_private_networks# |
- | * [[Always-on / on-demand VPNs may not work well with public Wi-Fi|Always-on / on-demand VPNs may not work well with public Wi-Fi]]Â | + | * [[virtual_private_networks# |
- | * [[If someone gets access to your device, they can connect to your network|If someone gets access to your device, they can connect to your network]]Â | + | * [[virtual_private_networks# |
- | * [[Test your VPN before you rely on it|Test your VPN before you rely on it]]Â | + | * [[virtual_private_networks# |
- | * [[Check your VPN is not leaking|Check your VPN is not leaking]]Â | + | * [[virtual_private_networks# |
- | * [[Third party VPN providers: someone else to trust |Third party VPN providers: someone else to trust ]]Â | + | * [[virtual_private_networks# |
- | * [[Consider Tor as an alternative|Consider Tor as an alternative]]Â | + | * [[virtual_private_networks# |
- | * [[Detailed guidance from the National Cyber Security Centre|Detailed guidance from the National Cyber Security Centre]] | + | * [[virtual_private_networks# |
+ | * [[virtual_private_networks# | ||
====Work out why you want to use a VPN==== | ====Work out why you want to use a VPN==== | ||
Line 42: | Line 45: | ||
If, for example, the network you are using blocks access to websites which you need to visit, connecting to an endpoint which does not block access would circumvent the block. | If, for example, the network you are using blocks access to websites which you need to visit, connecting to an endpoint which does not block access would circumvent the block. | ||
+ | |||
+ | Some networks block (or attempt to block) VPN traffic. If you are using a public Wi-Fi hotspot that blocks VPN traffic, find another hotspot — if they do not want you to be sure online, you might reasonably wonder why. | ||
===To avoid restrictions imposed by the site/ | ===To avoid restrictions imposed by the site/ | ||
Line 63: | Line 68: | ||
If you use an always-on or on-demand VPN, someone who gets access to your unlocked device automatically gets connected to whatever network is at the end of your VPN — for example, your firm's network. | If you use an always-on or on-demand VPN, someone who gets access to your unlocked device automatically gets connected to whatever network is at the end of your VPN — for example, your firm's network. | ||
+ | |||
+ | ====Running your own VPN server==== | ||
+ | |||
+ | If you do not want to [[#Third party VPN providers: someone else to trust|trust a third party VPN service]], you will need to run your own. | ||
+ | |||
+ | Some routers come with an integrated VPN server. For example, the fully-loaded version of the [[https:// | ||
+ | |||
+ | An advantage of using an " | ||
+ | |||
+ | Alternatively, | ||
+ | |||
+ | If you do run your own VPN server, you will need to ensure that you have it correctly configured, to prevent unauthorised use or network access, and that you are [[securing_your_devices# | ||
====Test your VPN before you rely on it==== | ====Test your VPN before you rely on it==== | ||
As with any major configuration change, test it before you rely on it. | As with any major configuration change, test it before you rely on it. | ||
+ | |||
+ | Ideally, you would test that the traffic going across the VPN connection is encrypted. However, unless you are knowledgeable enough to use WireShark, or have someone to hand who can do so, that's going to be difficult. | ||
+ | |||
+ | If nothing else, visit an IP address checker before you connect to the VPN, and then again afterwards: you should see a different IP address. | ||
+ | |||
+ | If you do not have a preferred IP address checker, you can use [[https:// | ||
+ | |||
+ | If you know you have an [[https:// | ||
+ | |||
+ | (Neither of these sites log connection requests.) | ||
Line 77: | Line 104: | ||
Test too what happens if your VPN connection drops — does your traffic fall back onto the local network, or is it blocked by your computer until the VPN re-connects. | Test too what happens if your VPN connection drops — does your traffic fall back onto the local network, or is it blocked by your computer until the VPN re-connects. | ||
- | ====Third party VPN providers: someone else to trust === | + | ====Third party VPN providers: someone else to trust ==== |
A VPN shifts where your traffic routes. If you want to connect to the Internet, someone still manages the point at which your traffic leaves the VPN and goes onto the Internet. | A VPN shifts where your traffic routes. If you want to connect to the Internet, someone still manages the point at which your traffic leaves the VPN and goes onto the Internet. | ||
Line 86: | Line 113: | ||
It's very easy to set up a VPN service, and it's very easy to make fake promises on a website, so do your due diligence correctly, if you are concerned about the third party VPN operator seeing, logging, or interfering with, your traffic. | It's very easy to set up a VPN service, and it's very easy to make fake promises on a website, so do your due diligence correctly, if you are concerned about the third party VPN operator seeing, logging, or interfering with, your traffic. | ||
+ | |||
+ | There is what appears to be a substantial review of third party VPN services on [[https:// | ||
Line 95: | Line 124: | ||
====Detailed guidance from the National Cyber Security Centre ==== | ====Detailed guidance from the National Cyber Security Centre ==== | ||
[[https:// | [[https:// | ||
- |
virtual_private_networks.1565348836.txt.gz · Last modified: 2021/07/06 09:26 (external edit)