Jump to content
RESET Forums (homeservershow.com)
Sign in to follow this  
awraynor

VPN and Security Practices For The Novice

Recommended Posts

awraynor

During my recent travels in the Northeast I began to think about security as I connected to all the unsecured hotel and airport networks.

 

I was looking at VPN software and as usual different reviews give you different answers as to what is best. I still acknowledge that VPN is not an end to end solution. I also do not currently encrypt all of my data on my mobile and desktop devices.

 

I understand many forum members work in the IT field, I do not.

 

For ease of use, what would you recommend to protect wireless traffic on mobile and desktop?

 

Also would you recommend encrypting any and all data on mobile and/or desktop/notebook? I do use CrashPlan to backup all data, but also have data on OneDrive and Amazon Cloud Drive.

Share this post


Link to post
Share on other sites
pcdoc

During my recent travels in the Northeast I began to think about security as I connected to all the unsecured hotel and airport networks.

 

I was looking at VPN software and as usual different reviews give you different answers as to what is best. I still acknowledge that VPN is not an end to end solution. I also do not currently encrypt all of my data on my mobile and desktop devices.

 

I understand many forum members work in the IT field, I do not.

 

For ease of use, what would you recommend to protect wireless traffic on mobile and desktop?

 

Also would you recommend encrypting any and all data on mobile and/or desktop/notebook? I do use CrashPlan to backup all data, but also have data on OneDrive and Amazon Cloud Drive.

 

I believe you have QNAP and I would recommend using the OpenVPN that is built in to that (or Untangle, Sophos, etc.).  You already have it and the QNAP version is super easy to setup.  I first used the version in Untangle many years ago then switched to the QNAP version for about 6 months (which I like better), then recently switched to using the VPN in Sophos.  The QNAP version supports tunneling which is what you will want to secure your public WiFi access.  Give a shot it is very easy to setup.  Dont bother with the services is latency and bandwidth are of any interest as everyone I test was dog slow.  Using the one on your router or the QNAP will add very little to you latency and will not impact your bandwidth.  Just remember to forward port 1194 and you are good to go.

Share this post


Link to post
Share on other sites
awraynor

I believe you have QNAP and I would recommend using the OpenVPN that is built in to that (or Untangle, Sophos, etc.).  You already have it and the QNAP version is super easy to setup.  I first used the version in Untangle many years ago then switched to the QNAP version for about 6 months (which I like better), then recently switched to using the VPN in Sophos.  The QNAP version supports tunneling which is what you will want to secure your public WiFi access.  Give a shot it is very easy to setup.  Dont bother with the services is latency and bandwidth are of any interest as everyone I test was dog slow.  Using the one on your router or the QNAP will add very little to you latency and will not impact your bandwidth.  Just remember to forward port 1194 and you are good to go.

 

Thanks for the help. I found a tutorial on the QNAP site and will try to work through that. 

Share this post


Link to post
Share on other sites
LoneWolf

Are you looking for a VPN connection to your home network?

 

Or are you looking for a VPN tunnel to anonymize your Internet access?

 

For the first, it depends on your router.  Note that of the enthusiast routers out there, many support a VPN connection for remote access, but don't necessarily route all your Internet traffic through your home LAN.  This is an important distinction.  The advantage of routing all traffic through your VPN and home network is security; the disadvantage is that it will slow you down.  Better routers will let you choose what to do.  Connecting to your home network would also let you make a remote desktop connection to a computer there, where you could do things like your online banking securely.

 

If you are looking to anonymize your Internet access, or access resources (e.g. Netflix) from a network that is prohibiting it (disclaimer:  This is not meant to promote any illegal activity), you may need a VPN client through a service.  I use Private Internet access ( privateinternetaccess.com ).  It's inexpensive; at $40 per year, you can run their client on up to five systems or program a home router that supports outbound VPN to run all traffic through them.  They have over twenty servers across the globe, so you can choose to have your source IP appear to be from New Jersey, London, Tokyo, or other locations depending on what suits you best.  You always lose a bit of speed running through a VPN tunnel, but their performance is pretty good, and they do not keep logs, keeping your traffic private.  This is the kind of solution you might want to use if you are traveling to China or another country that has an unfriendly Internet policy that may also be surveilling your actions.

Edited by LoneWolf

Share this post


Link to post
Share on other sites
pcdoc

Are you looking for a VPN connection to your home network?

 

Or are you looking for a VPN tunnel to anonymize your Internet access?

 

For the first, it depends on your router.  Note that of the enthusiast routers out there, many support a VPN connection for remote access, but don't necessarily route all your Internet traffic through your home LAN.  This is an important distinction.  The advantage of routing all traffic through your VPN and home network is security; the disadvantage is that it will slow you down.  Better routers will let you choose what to do.  Connecting to your home network would also let you make a remote desktop connection to a computer there, where you could do things like your online banking securely.

 

If you are looking to anonymize your Internet access, or access resources (e.g. Netflix) from a network that is prohibiting it (disclaimer:  This is not meant to promote any illegal activity), you may need a VPN client through a service.  I use Private Internet access ( privateinternetaccess.com ).  It's inexpensive; at $40 per year, you can run their client on up to five systems or program a home router that supports outbound VPN to run all traffic through them.  They have over twenty servers across the globe, so you can choose to have your source IP appear to be from New Jersey, London, Tokyo, or other locations depending on what suits you best.  You always lose a bit of speed running through a VPN tunnel, but their performance is pretty good, and they do not keep logs, keeping your traffic private.  This is the kind of solution you might want to use if you are traveling to China or another country that has an unfriendly Internet policy that may also be surveilling your actions.

 

Good point on the out of country access.  You obviously had better luck with services than I have.  My short experiences with privateinternetaccess and TotalVPN left me unimpressed mainly because of 60%+ reduction in speed compared to having my own setup.  Granted I was not running it for out of country but rather for tunneling internet access from work, and access to everything at home.  Everyone has different experiences and it does have allot to do with the connection speed of your home connection if you are tunneling.  I found the overhead of the QNAP built in version to be very efficient.  I was better than running a dedicated OpenVPN server in a VM and certainly better than the one in Untangle and pFsense.  I guess you are right, it just depends on what you want to do, and for me the use case was simple, RDP, tunneling, and access files.

Share this post


Link to post
Share on other sites
JROrtiz

I use PIA and have an OpenVPN client and server running on my router with IP filtering. This allows me to connect through the home as well as anonymize my connection when needed. Yes, PIA does result in reduced speeds but since I'm only using it when I'm outside of the home I don't notice it.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  



×
×
  • Create New...