One very effective solution is to connect through a secure tunnel to a VPN server, which can either be set up at home on your computer, or be a paid-for service from one of the many companies online.
In this part of the VPN thread I will describe how to choose a suitable service, and then how to set it up for use on your laptop or smartphone device.
The first thing you should bear in mind is that although you are paying for a secure connection there could be security implications in doing this. For example if you set up a subscription to a phony service you could have given your card details to someone unscrupulous.
Secondly, if the company you are using hasn't set things up properly you could either have a very poor connection, or your information may not end up properly encrypted in the first place.
Additionally there is almost always one downside to using a VPN for security - speed. As you connection is going to be popping off for a jolly jaunt to another server on it's journey to the interwebs, and if it is spending time being encrypted and decrypted at either end, then it will definitely take longer than it otherwise would being sent unencrypted.
If this speed decrease is a bigger loss to you than the value of your data then you can probably stop reading now.
If, however, you are not completely mad, then keep going as I explain the wondrous joys of the VPN tunnel.
Choosing the right company
Your first challenge is to choose a good company. This will depend on three things: pricing, what's offered, and reviews.Pricing can range from free, to hundreds of pounds per year. As a yard-stick our VPN service is costing us £25 per year for up to 2 simultaneous connections (2 smartphones or a smartphone and one laptop for example).
Free plans may include adverts, may use clunky software, may have a very slow connection, may have a limited amount of usage per month, may be a way to con people out of private data...
What's offered is kind of covered in the last section. You would expect to get a service free of ads if you are paying for it, and the more the cost the higher the bandwidth or data allowance. Some services allow you to use more secure, or faster connection types.Some let you share connections with other devices.
Reviews are very useful, but please make sure you read reviews from reputable sites. And always take 'testimonials' on the company's own site with a pinch of salt - clearly they won't show you the bad comments!
Some of the top VPN services you may wish to check out:
- PrivateInternetAccess - excellent service offering all protocols and great speed. Not too pricey
- HideMyAss - very popular and offers free plans
- HotSpotShield - free access on iPhone/Android and is easy to use, although it can be very slow
- VyprVPN - bit pricey, but with excellent reviews and available on all platforms
- StrongVPN - another of the most popular options
- ProXPN - only really for Windows, but well priced
Setting it up
Generally speaking your VPN service should provide you with the instructions to connect, but here's a brief overview for laptops and smartphones.The client support documents from www.privateinternetaccess.com are excellently to-the-point and cover most instances of operating systems and protocols.
Some VPN services require you to install their custom VPN software, which will almost certainly have a more limited compatibility with different OSes and protocols.
Other VPNs work using a window within a webpage - which is cumbersome and hard to navigate at times, but should work on a lot of devices.
Choosing a protocol
There are a number of encryption/tunnelling protocols that can be used. The main three are PPTP, IPSec, and OpenVPN.PPTP is the least secure, but most widely supported and easiest to set up. There are ways to hack into it, but for normal use on open Wifi networks no-one is going to try to hack your connection if there are free bits of data flying around from other people already.
IPSec is better security and is fairly fast.
OpenVPN is the gold-standard and is much more configurable and efficient. If you have this option open to you USE IT!
Troubleshooting blocked ports
If you can connect fine in some places but not on some corporate networks then it is worth considering whether the ports are being blocked.Ports are the virtual doorways that network communication uses to come into your computer. Certain communication uses certain ports. For example normal website traffic (HTTP) uses port 80 and secure website traffic (HTTPS) uses 443.
If the owner of the network is concerned about security they may wish to stop certain types of network communication, like internet chat, internet phonecalls, or other high-bandwidth services. This usually happens by blocking all ports and opening only the ones that are needed for the traffic they expect.
If this doesn't include your VPN port then you may not be able to connect to your VPN at all, leaving you unencrypted.
Now if your network administrator is savvy to VPN security, and you let him know your predicament then he may be willing to 'open up a port' for you. In the case of OpenVPN this is set by default as UDP port 1194. This will then allow you to connect and all will be well.
If you are unable to contact the administrator, or if he is unwilling to open up the port for you (this is a common decision in large corporate networks) then you could check your service's help documents to see if you can change the port you are trying to connect on.
I had this exact issue before and was advised to switch from UDP 1194 to TCP 443. As the network was set to allow traffic over that port (commonly used while internet browsing) my VPN suddenly sprang into life!
Feel free to comment below if you have anything to add, or if you have any questions, or suggestions of topics for me to cover.
Thanks!
No comments:
Post a Comment