VPN Encryption Protocols Explained

A VPN can keep your location private by replacing the IP address of your ISP’s gateway router with an anonymous IP from the VPN provider’s pool.  It will prevent your ISP, Google, and other websites from discovering your location, tracking your activity online, or saving your search history.  The contents of your communications are changed from plaintext to ciphertext through the process of encryption.

Encryption is the secret sauce in using a VPN.  Most of the time when you purchase VPN service, the VPN provider chooses the encryption type for you, based on the type of service you bought or your intended use.  Many services allow you to choose your encryption method.  Here is a quick rundown of the most common choices.

  • PPTP – Point to point tunneling protocol is easy to set up and use, but is not as secure as you want, and has become vulnerable to cracking.  If this is the only option your service provider offers, move on.  PPTP works on TCP port 1723.
  • L2TP – Layer 2 tunneling protocol actually does not offer its own encryption, and relies on creating an IPSec tunnel to encapsulate and secure the packets being sent.  There are issues getting past firewalls.  L2TP uses UDP port 500.
  • SSTP – Secure socket tunneling protocol is a Microsoft standard, so it works well with Windows, of course. It is cross functional with Linux and Mac OS X.  The encryption method is SSL v.3.  Since most forms of SSL are deprecated, and have been replaced by TLS, this may not be your best choice, unless it is using the TLS standard.  SSTP uses TCP port 443, and has no problems with firewalls.
  • IKEv2 – Internet key exchange version 2 is a newer encryption protocol from Microsoft and Cisco, and like L2TP, it uses an IPSec tunnel for encryption.
  • OpenVPN – This is an open-source project from OpenSSL.  OpenVPN uses AES encryption, and is considered the strongest of the alternatives listed here.  OpenVPN can run on port 443, and this makes it easy to use with a firewall.
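
The ports in the list above are what a firewall or connection log sees, so they can be used to spot which of these protocols are in use on a network. The following Python is an added example, not code from the original article; the log format, the sample lines, the verdict wording and the names PAGE_PORTS and audit are assumptions made for illustration.

```python
import re
from collections import Counter

# (transport, port) pairs as the article lists them; verdict wording is this example's.
PAGE_PORTS = {
    ("tcp", 1723): ("PPTP", "weak: replace"),
    ("udp", 500): ("L2TP over IPsec", "check IPsec settings"),
    ("tcp", 443): ("SSTP, OpenVPN or plain HTTPS", "ambiguous: port alone cannot tell"),
}

# Constructed log format for this example, not a real product's.
LINE_RE = re.compile(
    r"src=(?P<src>\S+) dst=(?P<dst>\S+) proto=(?P<proto>tcp|udp) dport=(?P<dport>\d+)$"
)

# Constructed sample lines (documentation address ranges).
SAMPLE_LOG = """\
2024-05-01T10:00:01Z src=10.0.0.5 dst=203.0.113.10 proto=tcp dport=1723
2024-05-01T10:00:09Z src=10.0.0.5 dst=203.0.113.10 proto=tcp dport=1723
2024-05-01T10:01:12Z src=10.0.0.7 dst=198.51.100.4 proto=udp dport=500
2024-05-01T10:02:30Z src=10.0.0.8 dst=198.51.100.9 proto=tcp dport=443
2024-05-01T10:02:41Z src=10.0.0.8 dst=192.0.2.80 proto=tcp dport=80
2024-05-01T10:03:00Z truncated line
"""

def audit(log_text):
    """Return (findings, skipped); findings list PPTP first, skipped counts bad lines."""
    flows = Counter()
    skipped = 0
    for line in log_text.splitlines():
        m = LINE_RE.search(line.strip())
        if not m:
            skipped += 1          # malformed or truncated entry
            continue
        key = (m["proto"], int(m["dport"]))
        if key in PAGE_PORTS:     # ignore ports the article does not list
            flows[(m["src"], m["dst"], key)] += 1
    findings = [
        {"src": s, "dst": d, "protocol": PAGE_PORTS[k][0],
         "verdict": PAGE_PORTS[k][1], "flows": n}
        for (s, d, k), n in flows.items()
    ]
    # Weak protocols first, then by source address for stable output.
    findings.sort(key=lambda f: (not f["verdict"].startswith("weak"), f["src"]))
    return findings, skipped

if __name__ == "__main__":
    results, bad = audit(SAMPLE_LOG)
    for f in results:
        print(f"{f['src']} -> {f['dst']}: {f['protocol']} x{f['flows']} ({f['verdict']})")
    print(f"skipped {bad} unparseable line(s)")
```

The TCP 443 flow comes back as ambiguous because SSTP, OpenVPN and ordinary HTTPS all share that port, which is the same reason those two protocols pass through firewalls easily.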

Hopefully, this article and the two previous articles have helped you decide if a VPN is for you, and how to go about selecting a good service provider.  Yes, I do use a VPN myself, although not all the time.  But if I am on a public Wi-Fi, hotel network, or guest network, I will usually turn it on.  A little security can go a long way to protecting your identity and personal information from thieves and other bad actors.


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com