Difference between revisions of "Virtual private network"

From Hidden Wiki
Jump to navigation Jump to search
Line 23: Line 23:




If you use a [[laptop]] or [[desktop]], you can use [[Browsec]] extension on your [[Chrome]] browser. But you'd better use ProtonVPN since it's way faster than Browsec. You just need to make two free [[account]]s.
If you use a [[laptop]] or [[desktop]], you can use [[Browsec]] extension on your [[Chrome]] browser. But you'd better use ProtonVPN on your [[Linux]] or [[macOS]] since it's way faster than Browsec. You just need to make two free [[account]]s.




Revision as of 02:01, 3 February 2021

Unix Assembly language Mathematics Web development I2P
GhostBSD Assembly Programming Tutorial Statistics Django for Beginners MuWire
GUI Artificial intelligence Artificial neural network Machine learning Messenger
Tkinter Artificial intelligence Artificial neural network Machine Learning Mastery with Python Session
File:Virtual Private Network overview.svg
VPN connectivity overview

A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running across a VPN may therefore benefit from the functionality, security, and management of the private network.[1]


If you want to pay to VPN or VPS (virtual private server), you'd better use fake personal information. Even you can use cryptocurrency such as Monero or Bitcoin.


  • Generate a Random Name - Fake Name Generator

https://www.fakenamegenerator.com/


Free VPN

It's not a good idea to use a free VPN to protect your privacy since the companies sell your personal information instead of being paid monthly.


But if you just want to circumvent some blockage such as Great Firewall to connect to a lewd manga website (Hitomi, https://hitomi.la/ ) or a porn site (Pornhub, http://pornhubthbh7ap3u.onion/ https://pornhub.com/ ), a free VPN is not a bad option.


If you use a smartphone, you can use ProtonVPN ( https://protonvpn.com/ ). You have to install a VPN app on your Android or iOS. Its free version has limited features, but anyway it works. If you want to use BitTorrent, you have to use at least the Basic plan. And you can use only one device with the free version ProtonVPN.


If you use a laptop or desktop, you can use Browsec extension on your Chrome browser. But you'd better use ProtonVPN on your Linux or macOS since it's way faster than Browsec. You just need to make two free accounts.


There is another free vpn, VPNhub ( https://www.vpnhub.com/ ). It is made by Pornhub.


If you want to use NordVPN, there are many hacked accounts with their passwords. You can find them on Google.

NordVPN and ExpressVPN are trash

NordVPN confirms it was hacked

NordVPN confirms it was hacked

October 21, 2019


NordVPN, a virtual private network provider that promises to “protect your privacy online,” has confirmed it was hacked.

The admission comes following rumors that the company had been breached. It first emerged that NordVPN had an expired internal private key exposed, potentially allowing anyone to spin out their own servers imitating NordVPN.

https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/


VPNs are Using Fake Server Locations

VPNs are Using Fake Server Locations

MARCH 21, 2018


ExpressVPN also boasts of a large server network. Unlike with PureVPN and Hidemyass, ExpressVPN does not admit to using fake locations anywhere on its website. The ExpressVPN chat representative I spoke with claimed that all server locations were real. (This was proven through testing to be false.)


https://restoreprivacy.com/vpn-server-locations/

I investigated the NordVPN ordeal. Here is what I found.

I investigated the NordVPN ordeal. Here is what I found.

Aug 26 2018


Their address is 50th Street, Global Plaza Tower: 19th Floor, Suite H, Panama [2]


This address is used by shell companies.[3] [4] [5] [6]


So, now we can be establish that Tefincom is not the real company behind NordVPN.


When you make a payment to NordVPN, your money apparently goes to a CloudVPN Inc.[7] This is weird, since NordVPN claims to be subject to Panama laws and CloudVPN is based out of the USA.[8] [9]


It gets better, check CloudVPN Inc's public records, and check out their 2017 original report under the history menu.[10] Listed as the president/director is Darius Bereika.[11] Darius Bereika is also the CEO of tesonet.[12]


You read that correctly, the person who is the president of the company who manages NordVPN payments is the same person who's the CEO of Tesonet. If that doesn't bother you, keep in mind that Tesonet runs a data-harvesting service.[13]


https://www.reddit.com/r/VPNTorrents/comments/9adi37/i_investigated_the_nordvpn_ordeal_here_is_what_i/

Zero Log VPN? Your No Log VPN is Lying to You

Zero Log VPN? Your No Log VPN is Lying to You

APRIL 27, 2020


Is there such a thing as a zero log VPN? The short answer is no, there isn’t. In fact, these companies are flat out lying to you when they claim they are a no log VPN.


Take PureVPN for example. On their website, they claim that after you connect to any server, PureVPN will not “keep any records of anything that could associate any specific activity to a specific user.”

The story of Ryan Lin indicates otherwise. When Ryan was investigated by the FBI under suspicion of harassing, cyber bullying, and hacking, the FBI approached PureVPN after discovering he used the VPN service.


If PureVPN was truly a zero log VPN, they would have been unable to aid the FBI in their investigation against Lin. Instead, PureVPN was able to provide logs that revealed the IP address Lin used to carry out cyber threats.


Lesson #1: VPNs always log some data. In this case, PureVPN logged data despite their claim that they “do NOT keep any logs that can identify or help in monitoring a user’s activity.”

Lesson #2: A VPN is not a secret invisibility cloak that will allow you to conduct whatever illegal activity you want to without reprisal. Now, I certainly don’t condone Ryan Lin’s illegal activity. However, this highlights the blatant lie being told by PureVPN’s marketing team.


https://www.allthingssecured.com/vpn/truth-about-vpn-logging-policies/

VPN restricted countries

  • Anonymous 03/15/19 (Fri) 19:52:10 No.1041744

>>1041674

In some countries, even using VPN is also illegal.


Only government-approved VPNs are allowed to use

China, Russia, Iran, Oman


Illegal or restricted or fully banned

Turkey, Iraq, Turkmenistan, Belarus, North Korea


Restricted for Individuals

United Arab Emirates (UAE)

Anyone uses a fraudulent IP address to commit a crime or prevent its discovery shall be punished by imprisonment or a fine of up to $400,000 depending on the nature of the crime. Using a VPN to use Skype might cause penalties, too. Worth mentioning that banks, companies, and institutions can use VPN’s freely, it is only individuals who are prohibited from it.

http://oxwugzccvk3dk6tj.onion/tech/res/1041674.html#1041744

Types

Early data networks allowed VPN-style connections to remote sites through dial-up modem or through leased line connections utilizing Frame Relay and Asynchronous Transfer Mode (ATM) virtual circuits, provided through networks owned and operated by telecommunication carriers. These networks are not considered true VPNs because they passively secure the data being transmitted by the creation of logical data streams.[14] They have been replaced by VPNs based on IP and IP/Multi-protocol Label Switching (MPLS) Networks, due to significant cost-reductions and increased bandwidth[15] provided by new technologies such as digital subscriber line (DSL)[16] and fiber-optic networks.

VPNs can be either remote-access (connecting a computer to a network) or site-to-site (connecting two networks). In a corporate setting, remote-access VPNs allow employees to access their company's intranet from home or while traveling outside the office, and site-to-site VPNs allow employees in geographically disparate offices to share one cohesive virtual network. A VPN can also be used to interconnect two similar networks over a dissimilar middle network; for example, two IPv6 networks over an IPv4 network.[17]

VPN systems may be classified by:

  • the tunneling protocol used to tunnel the traffic
  • the tunnel's termination point location, e.g., on the customer edge or network-provider edge
  • the type of topology of connections, such as site-to-site or network-to-network
  • the levels of security provided
  • the OSI layer they present to the connecting network, such as Layer 2 circuits or Layer 3 network connectivity
  • the number of simultaneous connections.

Security mechanisms

VPNs cannot make online connections completely anonymous, but they can usually increase privacy and security. To prevent disclosure of private information, VPNs typically allow only authenticated remote access using tunneling protocols and encryption techniques.

The VPN security model provides:

Secure VPN protocols include the following:

Authentication

Tunnel endpoints must be authenticated before secure VPN tunnels can be established. User-created remote-access VPNs may use passwords, biometrics, two-factor authentication or other cryptographic methods. Network-to-network tunnels often use passwords or digital certificates. They permanently store the key to allow the tunnel to establish automatically, without intervention from the administrator.

Routing

Tunneling protocols can operate in a point-to-point network topology that would theoretically not be considered as a VPN, because a VPN by definition is expected to support arbitrary and changing sets of network nodes. But since most router implementations support a software-defined tunnel interface, customer-provisioned VPNs often are simply defined tunnels running conventional routing protocols.

Provider-provisioned VPN building-blocks

Depending on whether a provider-provisioned VPN (PPVPN) operates in layer 2 or layer 3, the building blocks described below may be L2 only, L3 only, or combine them both. Multi-protocol label switching (MPLS) functionality blurs the L2-L3 identity.Template:Citation neededTemplate:Original research inline

Template:IETF RFC generalized the following terms to cover L2 and L3 VPNs, but they were introduced in Template:IETF RFC.[26] More information on the devices below can also be found in Lewis, Cisco Press.[27]

Customer (C) devices

A device that is within a customer's network and not directly connected to the service provider's network. C devices are not aware of the VPN.

Customer Edge device (CE)

A device at the edge of the customer's network which provides access to the PPVPN. Sometimes it is just a demarcation point between provider and customer responsibility. Other providers allow customers to configure it.

Provider edge device (PE)

A PE is a device, or set of devices, at the edge of the provider network which connects to customer networks through CE devices and presents the provider's view of the customer site. PEs are aware of the VPNs that connect through them, and maintain VPN state.

Provider device (P)

A P device operates inside the provider's core network and does not directly interface to any customer endpoint. It might, for example, provide routing for many provider-operated tunnels that belong to different customers' PPVPNs. While the P device is a key part of implementing PPVPNs, it is not itself VPN-aware and does not maintain VPN state. Its principal role is allowing the service provider to scale its PPVPN offerings, for example, by acting as an aggregation point for multiple PEs. P-to-P connections, in such a role, often are high-capacity optical links between major locations of providers.

User-visible PPVPN services

OSI Layer 2 services

Template:Refimprove section

Virtual LAN

Virtual LAN (VLAN) is a Layer 2 technique that allow for the coexistence of multiple local area network (LAN) broadcast domains, interconnected via trunks using the IEEE 802.1Q trunking protocol. Other trunking protocols have been used but have become obsolete, including Inter-Switch Link (ISL), IEEE 802.10 (originally a security protocol but a subset was introduced for trunking), and ATM LAN Emulation (LANE).

Virtual private LAN service (VPLS)

Developed by Institute of Electrical and Electronics Engineers, Virtual LANs (VLANs) allow multiple tagged LANs to share common trunking. VLANs frequently comprise only customer-owned facilities. Whereas VPLS as described in the above section (OSI Layer 1 services) supports emulation of both point-to-point and point-to-multipoint topologies, the method discussed here extends Layer 2 technologies such as 802.1d and 802.1q LAN trunking to run over transports such as Metro Ethernet.

As used in this context, a VPLS is a Layer 2 PPVPN, emulating the full functionality of a traditional LAN. From a user standpoint, a VPLS makes it possible to interconnect several LAN segments over a packet-switched, or optical, provider core; a core transparent to the user, making the remote LAN segments behave as one single LAN.[28]

In a VPLS, the provider network emulates a learning bridge, which optionally may include VLAN service.

Pseudo wire (PW)

PW is similar to VPLS, but it can provide different L2 protocols at both ends. Typically, its interface is a WAN protocol such as Asynchronous Transfer Mode or Frame Relay. In contrast, when aiming to provide the appearance of a LAN contiguous between two or more locations, the Virtual Private LAN service or IPLS would be appropriate.

Ethernet over IP tunneling

EtherIP (Template:IETF RFC)[29] is an Ethernet over IP tunneling protocol specification. EtherIP has only packet encapsulation mechanism. It has no confidentiality nor message integrity protection. EtherIP was introduced in the FreeBSD network stack[30] and the SoftEther VPN[31] server program.

IP-only LAN-like service (IPLS)

A subset of VPLS, the CE devices must have Layer 3 capabilities; the IPLS presents packets rather than frames. It may support IPv4 or IPv6.

OSI Layer 3 PPVPN architectures

This section discusses the main architectures for PPVPNs, one where the PE disambiguates duplicate addresses in a single routing instance, and the other, virtual router, in which the PE contains a virtual router instance per VPN. The former approach, and its variants, have gained the most attention.

One of the challenges of PPVPNs involves different customers using the same address space, especially the IPv4 private address space.[32] The provider must be able to disambiguate overlapping addresses in the multiple customers' PPVPNs.

BGP/MPLS PPVPN

In the method defined by Template:IETF RFC, BGP extensions advertise routes in the IPv4 VPN address family, which are of the form of 12-byte strings, beginning with an 8-byte route distinguisher (RD) and ending with a 4-byte IPv4 address. RDs disambiguate otherwise duplicate addresses in the same PE.

PEs understand the topology of each VPN, which are interconnected with MPLS tunnels, either directly or via P routers. In MPLS terminology, the P routers are Label Switch Routers without awareness of VPNs.

Virtual router PPVPN

The virtual router architecture,[33][34] as opposed to BGP/MPLS techniques, requires no modification to existing routing protocols such as BGP. By the provisioning of logically independent routing domains, the customer operating a VPN is completely responsible for the address space. In the various MPLS tunnels, the different PPVPNs are disambiguated by their label, but do not need routing distinguishers.

Unencrypted tunnels

Some virtual networks use tunneling protocols without encryption for protecting the privacy of data. While VPNs often do provide security, an unencrypted overlay network does not neatly fit within the secure or trusted categorization.Template:Citation needed For example, a tunnel set up between two hosts with Generic Routing Encapsulation (GRE) is a virtual private network, but neither secure nor trusted.[35][36]

Native plaintext tunneling protocols include Layer 2 Tunneling Protocol (L2TP) when it is set up without IPsec and Point-to-Point Tunneling Protocol (PPTP) or Microsoft Point-to-Point Encryption (MPPE).[37]

Trusted delivery networks

Trusted VPNs do not use cryptographic tunneling, and instead rely on the security of a single provider's network to protect the traffic.[38]

From the security standpoint, VPNs either trust the underlying delivery network, or must enforce security with mechanisms in the VPN itself. Unless the trusted delivery network runs among physically secure sites only, both trusted and secure models need an authentication mechanism for users to gain access to the VPN.

VPNs in mobile environments

Users utilize mobile virtual private networks in settings where an endpoint of the VPN is not fixed to a single IP address, but instead roams across various networks such as data networks from cellular carriers or between multiple Wi-Fi access points.[42] Mobile VPNs have been widely used in public safety, where they give law-enforcement officers access to mission-critical applications, such as computer-assisted dispatch and criminal databases, while they travel between different subnets of a mobile network.[43] Field service management and by healthcare organizations,[44]Template:Qn among other industries, also make use of them.

Increasingly, mobile professionals who need reliable connections are adopting mobile VPNs.[44]Template:Qn They are used for roaming seamlessly across networks and in and out of wireless coverage areas without losing application sessions or dropping the secure VPN session. A conventional VPN can not withstand such events because the network tunnel is disrupted, causing applications to disconnect, time out,[42] or fail, or even cause the computing device itself to crash.[44]

Instead of logically tying the endpoint of the network tunnel to the physical IP address, each tunnel is bound to a permanently associated IP address at the device. The mobile VPN software handles the necessary network-authentication and maintains the network sessions in a manner transparent to the application and to the user.[42] The Host Identity Protocol (HIP), under study by the Internet Engineering Task Force, is designed to support mobility of hosts by separating the role of IP addresses for host identification from their locator functionality in an IP network. With HIP a mobile host maintains its logical connections established via the host identity identifier while associating with different IP addresses when roaming between access networks.

VPN on routers

With the increasing use of VPNs, many have started deploying VPN connectivity on routers for additional security and encryption of data transmission by using various cryptographic techniques.[45] Home users usually deploy VPNs on their routers to protect devices, such as smart TVs or gaming consoles, which are not supported by native VPN clients. Supported devices are not restricted to those capable of running a VPN client.[46]

Many router manufacturers supply routers with built-in VPN clients. Some use open-source firmware such as DD-WRT, OpenWRT and Tomato, in order to support additional protocols such as OpenVPN.

Setting up VPN services on a router requires a deep knowledge of network security and careful installation. Minor misconfiguration of VPN connections can leave the network vulnerable. Performance will vary depending on the Internet service provider (ISP).[47]

Networking limitations

One major limitation of traditional VPNs is that they are point-to-point, and do not tend to support or connect broadcast domains. Therefore, communication, software, and networking, which are based on layer 2 and broadcast packets, such as NetBIOS used in Windows networking, may not be fully supported or work exactly as they would on a real LAN. Variants on VPN, such as Virtual Private LAN Service (VPLS), and layer 2 tunneling protocols, are designed to overcome this limitation.Template:Citation needed

A VPN connection may not be as robust as a direct connection to a network. A VPN connection depends on the VPN provider and the ISP. If either fails, the connection fails.

See also

References

  1. Template:Cite book
  2. https://nordvpn.com/contact-us/
  3. https://offshoreleaks.icij.org/nodes/235588
  4. https://offshoreleaks.icij.org/nodes/14018408
  5. https://offshoreleaks.icij.org/nodes/14018410
  6. https://opencorporates.com/companies/pa/155628861
  7. https://i.sigavpn.com/img/5661932733.jpg
  8. https://torrentfreak.com/vpn-services-anonymous-review-2017-170304/
  9. https://www.bizapedia.com/wy/cloudvpn-inc.html
  10. https://wyobiz.wy.gov/Business/FilingDetails.aspx?eFNum=005203253040182072024101188243235057222189038105
  11. https://i.sigavpn.com/img/5757370209.jpg
  12. https://tesonet.com/random/history/the-story-of-tesonet/
  13. https://oxylabs.io/faq
  14. Cisco Systems, et al. Internet working Technologies Handbook, Third Edition. Cisco Press, 2000, p. 232.
  15. Lewis, Mark. Comparing, Designing. And Deploying VPNs. Cisco Press, 2006, p. 5
  16. International Engineering Consortium. Digital Subscriber Line 2001. Intl. Engineering Consortium, 2001, p. 40.
  17. Template:Cite web
  18. Template:IETF RFC, "IPv6 Node Requirements", E. Jankiewicz, J. Loughney, T. Narten (December 2011)
  19. Template:Cite web
  20. Template:Cite web
  21. Template:Cite web
  22. Template:Cite web
  23. Template:Cite web
  24. Template:Cite web
  25. Template:Cite web
  26. Template:Cite news
  27. Template:Cite book
  28. Template:Citation
  29. Template:Cite web
  30. Glyn M Burton: RFC 3378 EtherIP with FreeBSD, 03 February 2011
  31. net-security.org news: Multi-protocol SoftEther VPN becomes open source, January 2014
  32. Address Allocation for Private Internets, Template:IETF RFC, Y. Rekhter et al., February 1996
  33. Template:IETF RFC, A Core MPLS IP VPN Architecture
  34. Template:IETF RFC, E. Chen (September 2000)
  35. Template:Cite web
  36. Template:IETF RFC: Generic Routing Encapsulation over IPv4 networks. October 1994.
  37. IETF (1999), Template:IETF RFC, Layer Two Tunneling Protocol "L2TP"
  38. Template:Cite book
  39. Layer Two Tunneling Protocol "L2TP", Template:IETF RFC, W. Townsley et al., August 1999
  40. IP Based Virtual Private Networks, Template:IETF RFC, A. Valencia et al., May 1998
  41. Point-to-Point Tunneling Protocol (PPTP), Template:IETF RFC, K. Hamzeh et al., July 1999
  42. 42.0 42.1 42.2 Phifer, Lisa. "Mobile VPN: Closing the Gap", SearchMobileComputing.com, July 16, 2006.
  43. Willett, Andy. "Solving the Computing Challenges of Mobile Officers", www.officer.com, May, 2006.
  44. 44.0 44.1 44.2 Cheng, Roger. "Lost Connections", The Wall Street Journal, December 11, 2007.
  45. Template:Cite web
  46. Template:Cite web
  47. Template:Cite news

Further reading

Retrieved from "http://hiddenwep33eg4w225lcdwcez4iefacwpiia6cwg7pfmcz4hvijzbgid.onion/index.php?title=Virtual_private_network&oldid=31285"