Virtual Private Network (VPN) methods are going get more popular for personal use int he coming months/years. There are hundreds of solutions for desktops and phones. But how do you know if those solutions are actually protecting you and keeping you secure. Just because an application says it provides security does not mean it is accurate. A recent review of over 200 VPN apps on the Google Play store showed that most are not truly secure, using weak methods or no methods at all to ensure a user’s privacy and security. How can you verify that a VPN service is secure? There are multiple methods and checks to verify that your VPN tunnel is encrypted and protected.
The more technical methods that I will not be detailing in this post are to use packet capture tools. For the Mac there is Cocoa Packet Analyzer and for Windows there is Wireshark. Those tools allow to capture packets from your network interface and show you if they are encrypted or not. Most VPNs have leaks that can reveal your true identity so it’s important to check several areas of your connection.
XMyIP – One the basic steps is to check your IP address. Not your internal address but the address as the Internet sees you. You can also search for whats my ip in Google and it will tell you that way. Some service are more detailed than others but it’s important if you are using a VPN to see if the basic step is covered, giving you an IP address not mapping to where you are. Review the IP address, the ISP or host service that’s listed and the geographic location. If anyone of those are your real ISP service you VPN is not working. Reconnect to a different server or change VPN software.
Whoer.net – The next step is to do an extended IP test. This will check all the level of your connection and make sure you are secure end to end. I use this often and I especially like the Anonymity rating it gives you and steps to resolve it. As you can see I have 90% anonymity rating and that’s only because you get hit for having Flash enabled. I was lower but took extra steps and installed some Chrome extensions to plug some leaks I had. This is a very helpful tool.
DNS Leak – This test will reveal if your VPN tunnel is being used for DNS calls or if they are coming from your ISP IP address. This leak reveals your originating IP address and is a common problem with less than optimal VPN services. The diagram shows how a DNS leak works.
When you run a DNS Leak test you should not see your home ISP listed but the IP address from your VPN tunnel. If you see anything other than your VPN provider information you are leaking.
What can you do to improve your VPN security if you find gaps?
The first step is to look at your VPN client and the options provided by them. For example, here are the options provided by Private Internet Access VPN. This client allows to control how strong your VPN encryption is to how the VPN behaves and what it blocks. This VPN also has servers all over the world so if you run into a regional block, mostly video sites, you can switch your VPN to a country where access is allowed.
Checking your VPN is an important process that should always be done. Trusting that a VPN services does what it claims is dangerous because more and more studies show that this is not the case. If you are going to use a VPN to protect your privacy and improve security you must be confident you can rely on the tools.
End of line.
Binary Blogger has spent 20 years in the Information Security space currently providing security solutions and evangelism to clients. From early web application programming, system administration, senior management to enterprise consulting I provide practical security analysis and solutions to help companies and individuals figure out HOW to be secure every day.