Can you trust VPN networks with your secrets? Setting up anonymous Internet access via Tor and VPN

I talked a lot about Mac security, but I practically ignored such an interesting topic as VPN, even though I’ve been using this thing for more than a year. VPN technology is designed to protect your Internet connection. This is especially true in public WiFi networks, which we use in coffee shops and restaurants.

When there is no protection, any savvy student at the next table can “listen” to traffic within the network. With a certain amount of perseverance, you can extract login information from it for various Internet resources. If you have a website on WordPress, then your login and password will “leak” very quickly.

The second real threat is the selective justice of some Department K, which periodically picks scapegoats and opens criminal cases for downloading from torrent traps. You can also attract attention abroad, where copyright enforcement is especially strict.

In both cases, one of the many VPN services that are now actively making their way to the masses will help us.

What is a VPN?

VPN is an encrypted connection to a computer/server that was originally used for remote connections to corporate networks. For example, having left for another country, an employee could connect to the company’s internal network and gain access to all local resources: files, calendars, printers, etc. If you fetch a page or file from the public Internet while connected, the request is made on behalf of the corporate server, and the result is then sent over the encrypted channel to the remote user (our employee).

Picture from Habr

It was this feature that gave impetus to the emergence of commercial VPN servers, which act as a kind of “layer” between you and the Internet and send all your traffic on their own behalf.

The VPN connection needs to be established with something. If you have your own server, you can set one up right there. For everyone else, there are many paid services that for $7-10 will provide even more features than a “homemade” VPN.

Benefits of VPN

How does a VPN server make network connections more secure? As I already said, the server acts as an intermediary that passes all Internet traffic through itself, and the traffic on the leg between you and the server is encrypted in both directions.

Hence the main advantage: your provider and other users on the local network do not know what resources you visit or what you download. Their traffic analysis gets nothing: to them the stream is just meaningless ciphertext.

If you don’t just “read” the Internet but log into your accounts with a login and password (forums, your own websites, social networks, e-wallets, mobile banking), or download something from torrents, then the anonymity and security that a VPN provides are obvious.

For third parties to still be able to view your activity history, they need to obtain a court order to access the VPN server logs, and of course in the country where the company that owns them is registered. Usually their legal addresses are in places like the Seychelles, and Internet activity logs are kept for anywhere from several days to several weeks. You can see how much harder this makes surveillance. Your own provider, by contrast, may start “listening” to you at the very first request from law enforcement.

A VPN has a few more additional benefits. When you connect to a remote server, you receive the IP address of the country in which it is located. Firstly, it masks your real location, and secondly, it makes it possible to use the internal resources of these countries.

For example, during the season I watch Formula 1 on the British BBC (it's free for UK residents). By connecting to an American server, you can listen to Pandora or make yourself an American account in the App Store. Some Asian countries did not allow me to do online banking. This can also be cured by changing the IP address using a VPN. In all these cases, sites will “think” that the end user is not you, but your VPN server.

Of course, this advantage only exists if you can manually select one of several VPN servers. As a rule, only paid services have such advantages. For the end user, this whole choice comes down to choosing the city (country) to which he wants to connect: London, Hamburg, Tokyo, etc.

Disadvantages of VPNs

Since another link appears between you and the resources on the network, and it also encrypts everything transmitted, this entails a loss of speed. The losses are not catastrophic, though: I can still watch 720p streaming video normally, and there is no noticeable difference in page loading. There will be a noticeable slowdown if the resource you are accessing is located in your own city or country. With foreign resources, as a rule, there is almost no difference in speed.

The second drawback is that you have to trust your VPN provider. After all, there is always a possibility that someone from the FBI, FSB or SBU is on the other end.

What should you pay attention to before purchasing?

  1. Number and location of servers. The more there are, the easier it is to find the fastest server. The stability and speed of the connection depends on this. A wide selection of servers in different countries is more fault-tolerant. If one doesn't work, you can always connect to another.
  2. Number of simultaneously connected devices. Many VPN providers only allow you to have two active connections. For example, MacBook and iPad. In this case, you can connect your iPhone only by disabling one of them. It seems like nonsense, but in practice it sometimes causes inconvenience. After all, you just want to turn on VPN everywhere and forget about it.
  3. Authorization method on iOS. There are two options. The first is authorization via PPTP/L2TP. In this case, you go into Settings, create a new VPN connection there and manually enter your username and password. The important catch is that you will have to activate the VPN connection yourself through Settings every time you want to use it. The second method is authorization via an SSL certificate. It may sound complicated, but in fact this is the easiest and most convenient way. As a rule, you install a small iOS application that sets everything up for you in a couple of taps. On top of that, it also lets you monitor the status of your account, which is convenient when traffic is not unlimited. Most importantly, only with a certificate does the “Connect on demand” option become available in the VPN settings; it automatically establishes the connection to the server as soon as you go online.
  4. Client for Mac. Finding something that fits organically into the style of OS X is not so easy. Some are simply terrible, others are constantly hanging in the Dock... In addition, a good client can perform additional functions, such as blocking any connections on unfamiliar networks and automatically turning on VPN.
  5. How long are your activity logs kept? Each service always stores a history of your actions. As a rule, these are the addresses of visited resources and the amount of information transmitted. If a controversial situation arises, this data may be transferred to law enforcement agencies by decision of the court of the country in which the VPN provider is registered. The storage time for logs varies for everyone and can be from one day to several weeks.
  6. Desktop connection protocol. Typically this is TCP or UDP. I won’t go into technical details, but for surfing the web, streaming video, Skype, etc., our choice is UDP.

Choosing a VPN

I spent a long time reading thematic articles on Habr, but I couldn’t find anything clear and understandable for the average user. Many of the VPN providers I came across were based in the US, which greatly impacts connection speeds. There is no point in driving all traffic through another continent.

With a more detailed search, I managed to find several interesting solutions. For example, two “domestic” VPN providers, Kebrum and ruVPN, as well as the American Cloak, which has several servers in Europe. If you don't want to read a lot, then go straight to the impressions of Cloak, which is what I chose.

Kebrum VPN (website)

The company is registered in the Seychelles and stores the history of your online activities for 3 days. There is a small (and clunky) client for Mac that allows you to connect to a VPN in one click and also select the desired servers. Its main problem turned out to be an annoying icon in the Dock that cannot be hidden. Of course, there is a special trick for this, but I don’t want to fool around in this case. You will have to manually enable VPN via the Dock or Menubar.

As for the available servers, there are nine in total, of which I left only four for myself:

  • Amsterdam
  • London
  • Luxembourg
  • Cologne

You can simultaneously have two active network connections (TCP or UDP) on one account. For example, at home and at work (if you forgot to turn off your home computer). If you wish, you can even connect your iPhone or iPad to the VPN (PPTP or L2TP/IPSec protocols). For $7 per month, traffic is unlimited, so you can almost always work through a VPN server.

I used Tunnelblick as an alternative client. It is much more convenient than the standard one, but it also looks scary.

Kebrum itself works quite well. But sometimes the connection drops completely, which is why you have to manually change the server. Connecting via iOS does not support the “Connect on demand” function; the VPN connection has to be started manually, which negates all its usefulness on mobile devices, since it takes a long time and you simply forget to do it.

I worked with Kebrum for quite a long time, about 5 months, and overall I can say that this is a good solution for its price. Its main advantages: unlimited traffic, many servers and low price.

ruVPN (website)

The presence of tariffs is immediately noticeable. All of their traffic is unlimited, but there are speed limits. A basic package of 20 Mbps will cost you $10 monthly.

It turned out that this price does not include connecting mobile devices. If you want to connect another iPhone or iPad at the same speed, you will have to shell out another $10. And besides, $20 for one Mac and one mobile device is not cheap.

The ruVPN company is registered in Norway, and the server is located there. So, you won’t be able to listen to Pandora through the USA or watch Formula 1 on the British BBC.

In defense of ruVPN, I will say that it works quickly and is much more stable than Kebrum. But the price is too high for the real benefit in the form of only an SSL certificate.

Cloak VPN (website)

Cloak is an American service that I ultimately chose. It has a huge number of additional goodies and a clear website where you can get comprehensive information about the details of how it works.

So, let me start with the fact that authorization on mobile devices is done through an SSL certificate, to install which you also need to install a free program from the App Store, log in through it and install the certificate with the click of one button.

Cloak currently only works on Mac, iPhone and iPad, but has absolutely no limit on the number of simultaneously connected devices. If you take an account for $9.99 with an unlimited traffic package, you can transfer your entire family, grandparents included, to a VPN.

Cloak has servers in eight countries, and the OS X client can automatically connect to the fastest one based on an internal test. If desired, the country can be set manually. Logs on the server are stored for 16 days.

I especially want to praise the high-quality client for OS X. Firstly, it is beautiful and made for people, not geeks. You just need to install it and press the Secure my connection button.

Secondly, it actually tries to secure your connection by blocking internet activity on all unfamiliar networks until a VPN connection is established.

The list of friendly networks can be changed in the settings, and the automatic connection option can also be activated there.

As for tariff plans, at first there were three of them, but just a couple of weeks ago there were only two left. The first costs $2.99 with a 5 GB per month limit, the second costs $9.99 for full unlimited. At first I stayed on the 25 GB tariff plan for $7.99, but yesterday I switched to unlimited.

Another huge plus is the availability of a trial version of Cloak without any restrictions. After registration, you will immediately be transferred to the Mini package with 5 GB of traffic for 30 days. It is quite enough to evaluate the convenience of the clients and the speed of work. And if you also tweet about Cloak, you will get 20% of your data plan, that is, 1 GB, for free.

By the way, about the speed - it’s not just good: you don’t notice the connection to the VPN. If with Kebrum I periodically had to fight with servers and look for an acceptable speed, then here everything works like clockwork. Here are several measurements in different places and at different times (the server was selected automatically).

Speed in a coffee shop in the city center, 14:45

Speed at home, 7:20 p.m.

The tests clearly show that when working with local resources, the transfer speed drops quite significantly. But, when working with foreign ones, the losses are not significant. Personally, it’s quite enough for me, especially since the connection is very stable. If this is not enough for you, then you should take a closer look at ruVPN.

In conclusion

VPN is a must-have for absolutely everyone who accesses the network from public networks. It will not make you completely anonymous, but it will “hide” your online activity from prying eyes and protect your data from interception. All this at the touch of a button.

A VPN will also come in handy for those who occasionally indulge in torrenting. If you indulge a lot, then be sure to take a closer look at the put.io cloud torrent client. It is not only safe, but also much faster.



I will also talk about the Whonix OS distribution, which implements the most advanced achievements in the field of network anonymity, because, among other things, both analyzed schemes are configured and working in it.

First, let's define some postulates:
1. The Tor network provides a high level of client anonymity, subject to all mandatory rules for its use. This is a fact: there have not yet been any real public attacks on the network itself.
2. A trusted VPN (SSH) server ensures the confidentiality of transmitted data between itself and the client.
So, for convenience, in this article we take Tor as providing the client’s anonymity and the VPN as providing the confidentiality of the transmitted data.

Tor over VPN. First VPN, then Tor

With this scheme, the VPN server is a permanent input node, after which the encrypted traffic is sent to the Tor network. In practice, the scheme is simple to implement: first, you connect to the VPN server, then launch the Tor browser, which will automatically configure the necessary routing through the VPN tunnel.

Using this scheme allows us to hide the very fact of using Tor from our Internet provider. We will also hide our IP address from the Tor entry node, which will see only the VPN server’s address. And in the event of a theoretical compromise of Tor, we will be protected by the VPN line, which, of course, does not store any logs.
Using a proxy server instead of a VPN makes no sense: without the encryption provided by the VPN, we will not get any significant advantages in such a scheme.

It is worth noting that, specifically to circumvent ISP blocking of Tor, so-called bridges were devised.
Bridges are Tor nodes that are not listed in the central Tor directory and are therefore more difficult to detect.
How to configure bridges is written in detail.
The Tor site itself can give us several bridges at .
You can also get bridge addresses by e-mail by sending a message with the text “get bridges” to [email protected] or [email protected]. Be sure to send it from a gmail.com or yahoo.com address.
In response, we will receive a letter with their addresses:
«Here are your bridge relays:
bridge 60.16.182.53:9001
bridge 87.237.118.139:444
bridge 60.63.97.221:443
»
These addresses will need to be specified in the settings of Vidalia, the Tor control panel.
Sometimes it happens that bridges are blocked. To get around this, Tor introduced so-called “obfuscated bridges”. Without going into detail, they are harder to detect. To connect to them, you can, for example, download the Pluggable Transports Tor Browser Bundle.
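The bridge addresses arrive as plain text and have to be copied into the Tor configuration by hand. The following is an added example for this article, not code from the Tor project: it parses a reply of the form quoted above, validates each address and port, and emits the `UseBridges`/`Bridge` torrc directives that Tor understands. The sample reply is constructed from the article's text; the optional trailing relay fingerprint is an assumption about later reply formats and is not required.

```python
"""Convert a Tor bridge-mail reply into torrc directives.

Added example for this article, not code from the Tor project. It parses
a reply of the form quoted above, validates every address and port, and
emits the `UseBridges`/`Bridge` lines Tor expects.
"""
import ipaddress
import re

# Constructed sample: the reply body quoted in the article.
SAMPLE_REPLY = """\
Here are your bridge relays:
bridge 60.16.182.53:9001
bridge 87.237.118.139:444
bridge 60.63.97.221:443
"""

# "bridge <ipv4>:<port>", optionally followed by a 40-hex-char relay
# fingerprint (assumption: later replies carry one; the sample does not).
_BRIDGE_RE = re.compile(
    r"^\s*bridge\s+(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d{1,5})"
    r"(?:\s+(?P<fp>[0-9A-Fa-f]{40}))?\s*$",
    re.IGNORECASE,
)


def parse_bridge_reply(text):
    """Return a list of (ip, port, fingerprint-or-None) tuples.

    Lines that do not look like bridge lines (the greeting, blank lines)
    are skipped; a line that looks like one but carries an invalid address
    or port raises ValueError instead of being written into torrc.
    """
    bridges = []
    for line in text.splitlines():
        m = _BRIDGE_RE.match(line)
        if not m:
            continue
        ip = ipaddress.IPv4Address(m.group("ip"))  # rejects e.g. 999.1.1.1
        port = int(m.group("port"))
        if not 1 <= port <= 65535:
            raise ValueError(f"port out of range in bridge line: {line!r}")
        fp = m.group("fp")
        bridges.append((str(ip), port, fp.upper() if fp else None))
    return bridges


def torrc_lines(bridges):
    """Render torrc directives. Without `UseBridges 1` Tor ignores the
    Bridge lines and connects to public guards as usual."""
    lines = ["UseBridges 1"]
    for ip, port, fp in bridges:
        lines.append(f"Bridge {ip}:{port}" + (f" {fp}" if fp else ""))
    return lines


if __name__ == "__main__":
    print("\n".join(torrc_lines(parse_bridge_reply(SAMPLE_REPLY))))
```

Validating before writing matters because a malformed `Bridge` line makes Tor refuse to start, and a silently dropped one makes it fall back to public guards, which defeats the purpose of using bridges.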

Pros of the scheme:

  • we will hide the very fact of using Tor from the Internet provider (or connect to Tor if the provider blocks it). However, there are special bridges for this;
  • we will hide our IP address from the Tor entry node, replacing it with the address of the VPN server, but this is not the most effective increase in anonymity;
  • in the event of a theoretical compromise of Tor, we will remain behind the VPN server.

Cons of the scheme:

  • we must trust the VPN server in the absence of any significant advantages of this approach.

VPN via Tor. First Tor, then VPN

In this case, the VPN server is a permanent outlet to the Internet.


A similar connection scheme can be used to bypass blocking of Tor nodes by external resources, plus it should protect our traffic from eavesdropping at the Tor exit node.
There are many technical difficulties in establishing such a connection: for example, remember that the Tor circuit changes every 10 minutes and that Tor does not pass UDP. The most viable option for practical implementation is the use of two virtual machines (more on this below).
It is also important to note that any exit node can easily single out the client from the general flow, since most users go to different resources, whereas with this scheme the client always goes to the same VPN server.
Naturally, using regular proxy servers after Tor does not make much sense, since traffic to the proxy is not encrypted.

Pros of the scheme:

  • protection against eavesdropping on traffic at the Tor exit node; however, the Tor developers themselves recommend using encryption at the application level, for example HTTPS;
  • protection against blocking of Tor addresses by external resources.

Cons of the scheme:

  • complex implementation of the scheme;
  • we must trust the exit VPN server.

Whonix concept

There are many OS distributions whose main purpose is to provide anonymity and protection for the client on the Internet, for example Tails, Liberte and others. However, the most technologically advanced, constantly evolving and effective solution, implementing the most advanced techniques for ensuring security and anonymity, is the Whonix OS distribution.
The distribution consists of two Debian virtual machines on VirtualBox, one of which is a gateway that sends all traffic to the Tor network, and the other is an isolated workstation that connects only to the gateway. Whonix implements the mechanism of the so-called isolating proxy server. There is also the option of physically separating the gateway and workstation.

Since the workstation does not know its external IP address on the Internet, this allows you to neutralize many vulnerabilities, for example, if malware gains root access to the workstation, it will not have the opportunity to find out the real IP address. Here is a diagram of Whonix's operation, taken from its official website.


Whonix OS, according to the developers, has successfully passed all possible leak tests. Even applications such as Skype, BitTorrent, Flash, Java, known for their ability to access the open Internet bypassing Tor, have also been successfully tested for the absence of de-anonymizing data leaks.
Whonix OS implements many useful anonymity mechanisms, I will point out the most important ones:

  • all traffic of any applications goes through the Tor network;
  • to protect against traffic profiling, Whonix OS implements the concept of stream isolation. Whonix’s pre-installed applications are configured to use separate SOCKS ports, and since each SOCKS port uses a separate circuit of Tor nodes, profiling across applications is impossible;
  • secure hosting of Tor Hidden services is provided. Even if an attacker hacks the web server, he will not be able to steal the private key of the “Hidden” service, since the key is stored on the Whonix gateway;
  • Whonix is protected from DNS leaks because its architecture uses the isolating proxy principle. All DNS requests are redirected to Tor’s DNSPort;
  • Whonix supports the obfuscated bridges discussed earlier;
  • “Protocol-Leak-Protection and Fingerprinting-Protection” technology is used. This reduces the risk of client identification through creating a digital fingerprint of the browser or system by using the most commonly used values, for example, username – “user”, time zone – UTC, etc.;
  • it is possible to tunnel other anonymous networks: Freenet, I2P, JAP, Retroshare via Tor, or work with each such network directly. More detailed information about the features of such connections can be found at the link;
  • it is important to note that Whonix has tested and documented all schemes for combining VPN/SSH/proxy with Tor, and, most importantly, they work (!). More detailed information about this can be obtained from the link;
  • Whonix OS is a completely open source project using free software.
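Two of the mechanisms above (stream isolation and DNS-leak protection) come down to how an application talks to Tor's SOCKS port. The following is an added example for this article, not Whonix or Tor project code: it builds the SOCKS5 client messages for a connection through a Tor SocksPort, sending the hostname unresolved so that Tor resolves it inside the circuit, and giving each application its own SOCKS username, which a SocksPort with the `IsolateSOCKSAuth` flag (on by default in Tor) maps to a separate circuit. Only the byte encoding is shown; nothing is sent on the network, and the application names are hypothetical.

```python
"""SOCKS5 messages for talking to a Tor SocksPort without leaking DNS.

Added example for this article; not Whonix or Tor project code. A
hostname is handed to Tor unresolved (SOCKS5 address type 0x03), so no
DNS query leaves the machine, and each application uses its own SOCKS
username, which Tor's IsolateSOCKSAuth (default on) turns into a
separate circuit: the stream isolation described above.
"""
import ipaddress
import struct

SOCKS_VERSION = 0x05
METHOD_USERPASS = 0x02
CMD_CONNECT = 0x01
ATYP_IPV4 = 0x01
ATYP_DOMAIN = 0x03


def greeting():
    """Client hello offering only username/password auth (RFC 1928)."""
    return bytes([SOCKS_VERSION, 1, METHOD_USERPASS])


def userpass_auth(username, password="x"):
    """RFC 1929 sub-negotiation. Tor does not verify these credentials;
    it only uses them as an isolation label, so any per-app value works."""
    u, p = username.encode(), password.encode()
    if not (1 <= len(u) <= 255 and 1 <= len(p) <= 255):
        raise ValueError("username and password must be 1..255 bytes")
    return bytes([0x01, len(u)]) + u + bytes([len(p)]) + p


def connect_request(host, port):
    """CONNECT request. A dotted IPv4 literal is sent as ATYP 0x01; anything
    else is sent as a domain name (ATYP 0x03) for Tor to resolve. Calling
    gethostbyname() on the client first would be exactly the DNS leak the
    isolating-proxy design prevents."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    try:
        addr = bytes([ATYP_IPV4]) + ipaddress.IPv4Address(host).packed
    except ipaddress.AddressValueError:
        name = host.encode("idna")
        if not 1 <= len(name) <= 255:
            raise ValueError("hostname must be 1..255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    return bytes([SOCKS_VERSION, CMD_CONNECT, 0x00]) + addr + struct.pack("!H", port)


def handshake_for_app(app_name, host, port):
    """All three client messages for one application, with the app name as
    the SOCKS username so each app lands on its own Tor circuit."""
    return greeting() + userpass_auth(app_name) + connect_request(host, port)


def resolves_remotely(request):
    """True if a CONNECT request hands Tor a hostname rather than an address
    the client already resolved locally."""
    return len(request) > 3 and request[3] == ATYP_DOMAIN


if __name__ == "__main__":
    # Hypothetical application names; the host is a documentation domain.
    for app in ("browser", "mail"):
        print(app, handshake_for_app(app, "example.com", 443).hex())
```

The `resolves_remotely` check is the kind of thing a leak test looks for on the wire: a CONNECT carrying an IPv4 literal for a site you addressed by name means the application resolved it outside Tor.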

However, it is worth noting that Whonix OS also has its disadvantages:

  • more complex setup than Tails or Liberte;
  • two virtual machines or separate physical hardware are required;
  • requires increased attention to maintenance. You need to monitor three operating systems instead of one, store passwords, and update the operating system;
  • In Whonix, the “New Identity” button in Tor does not work. The fact is that the Tor browser and Tor itself are isolated on different machines, therefore, the “New Identity” button does not have access to Tor management. To use a new node chain, you need to close the browser, change the chain using Arm, the Tor control panel, Vidalia's equivalent in the Tor Browser, and launch the browser again.

The Whonix project is developed separately from the Tor project and the other applications that are part of it, so Whonix will not protect against vulnerabilities in the Tor network itself or, for example, a 0-day vulnerability in the iptables firewall.

The security of Whonix’s operation can be summed up by a quote from its wiki: “And no, Whonix does not claim to protect from very powerful adversaries, to be a perfectly secure system, to provide strong anonymity, or to provide protection from three-letter agencies or government surveillance and such.”
If the three-letter agencies are looking for you, they will find you :)

The question of whether Tor and VPN get along is controversial. Disputes on forums on this topic never die down. Here are some of the most interesting of them:

  1. section on Tor and VPN from the official Tor project page;
  2. section of the Tails distribution forum on the VPN/Tor issue with the opinions of Tails developers. The forum itself is now closed, but Google has saved a cache of discussions;
  3. section of the Liberte distribution forum on the VPN/Tor problem with the opinions of Liberte developers.

Spotflux

The service protects and improves your Internet connection so you can have peace of mind when surfing the Internet. Spotflux encrypts and compresses mobile Internet traffic, reducing data transfer costs, and allows you to browse safely, even over public Wi-Fi.

Psiphon

This service uses VPN, SSH and HTTP proxy technologies to solve the problem of access to blocked resources. Psiphon allows you to bypass censorship, gain access to the information you are interested in, and protects your accounts and passwords from hacking.

Betternet

With Betternet you don't have to worry about your passwords being hacked. This service allows you to access any website in any country, anonymously surf the Internet under a changed IP address, and protects your data from potential attackers.

Supports platforms: Firefox, Chrome, iOS, Android, Windows

CyberGhost VPN

This service is easy to install and provides secure and unlimited access to any resource on the Internet, regardless of where you are. CyberGhost VPN offers anonymity without compromising your online privacy.

SurfEasy

SurfEasy VPN allows you to use any device, anywhere, on any network, and securely browse any website without censorship or ISP restrictions. The service allows you to anonymously conduct activities, even if you connect to public Wi-Fi points or use unsecured networks.

Supports platforms: Windows, Mac OS, iOS, Android

Hide.me

Hide.me makes you truly anonymous online by hiding your personal information and location. It encrypts your activities, protecting you from hackers and malicious activity. This VPN service bypasses censorship and provides access to any information on the Internet.

Supports platforms: Windows, Android

FinchVPN

FinchVPN provides an easy-to-use control panel with many VPN servers in different locations around the world. The developers claim that the service does not monitor your activities.

Supports platforms: Windows, Mac OS, Linux, Android

proXPN

proXPN hides your information from strangers and masks your identity and location. The service protects against hacking and other malicious activities. It also allows you to get rid of censorship and see pages as they are.

Supports platforms: Windows, Mac OS

ZenMate

ZenMate encrypts and secures your internet connection to protect your information while you browse the web. This service allows you to anonymously view content on the World Wide Web.

Supports platforms: Chrome, Firefox, Opera, iOS, Android

ZPN

A reliable and fast VPN service. It provides 10 GB of free traffic per month and acts as a virtual firewall. With it you can connect to public Wi-Fi points without risk.

Supports platforms: Windows, iOS, Android

SecurityKISS

The service protects your private information, ensures anonymity and bypasses Internet restrictions set by Internet providers or the country. It provides 300 MB per day free of charge and uses data compression, which it says guarantees high speed.

Supports platforms: Windows, Mac OS, Linux, iOS, Android

Hideman VPN

Hideman VPN provides data encryption and anonymity for Internet sessions. It offers free use with a time limit and a traffic limit (no more than 2 GB per month). It uses server addresses in many countries around the world, thereby increasing your security.

Supports platforms: Windows, Mac OS, iOS, Android

ZenVPN

The service offers fast and reliable access to the Internet. It protects your information from unauthorized persons, thereby providing complete confidentiality to your data. Free ZenVPN package includes 250 MB of traffic per day.

Supports platforms: Windows, Mac OS, iOS, Android

GetPrivate

GetPrivate guarantees the security of your Internet connection around the world. The service provides unlimited bandwidth for all visited resources and provides access to closed sites.

Supports platforms: Windows

Often, when I recommend a VPN somewhere as a means of ensuring privacy and security online, I receive comments like “then Tor is better.” Yes, Tor has proven itself to be a good tool for maintaining anonymity online, but using a VPN also allows you to hide your online activity from outsiders, such as advertisers, hackers and other “snoopers”.
So, let's see how these two tools differ and what benefits we can get by using each of them.

Tor

The Tor system was created under federal orders at the US Naval Research Laboratory. Later, the source code was transferred “to public use” to speed up the development of the system. As a result, an open source client-server application was developed, the functionality of which could be tested by anyone.

Tor is a set of proxy servers in different parts of the world, combined into a system that provides an Internet connection protected from surveillance. This way, you remain anonymous when visiting websites, emailing, blogging, etc. Anonymization of traffic is carried out thanks to a distributed network of so-called “nodes” - servers between which data is transferred. This allows you to avoid traffic analysis using technologies that violate your rights to data confidentiality, personal correspondence, online privacy and privacy of communications in general.

In addition, the Tor system makes it possible to create hidden web resources on the pseudo-top-level domain .onion. Such sites are used, among other things, to commit illegal actions, but we will not touch on this aspect. We are interested in Tor as a means for ordinary users to securely access public websites. In this case, using Tor, we can protect our data from annoying advertisers and their not entirely honest marketing tricks, hide our real location while online, and gain access to Internet resources in countries where they are blocked or inaccessible for some reason.

But, unfortunately, this system is not a panacea and is not capable of 100% protecting its users from invasion of privacy and giving them complete anonymity. The fact is that Tor hides the very fact of communication between the client and the server, but does not provide complete protection of transmitted data in the same way as, say, a VPN does.

For full security, additional encryption is required both of the communication channels themselves (for example, HTTPS when connecting to sites, OTR in instant messengers, PGP/GPG for e-mail, FTPS for downloading/uploading files, SSH/OpenSSH for remote access) and of the transmitted data. In addition, Tor works over the SOCKS protocol, which not all applications support, and conversely, Tor does not support all the protocols that popular services use. For example, the network does not provide complete anonymity for VoIP services and BitTorrent. Skype will not work correctly through Tor by default, and Flash is disabled in the Tor browser by default, since it can connect to remote servers on its own and thus reveal user data.

Additionally, your ISP will see that you are using Tor since its addresses are publicly available. There is an opinion that intelligence agencies are showing special interest in Tor users - whether this is true or not, I have no idea, but I also don’t want to attract additional attention to myself when it seems like I’m not doing anything bad. Oddly enough, it is a VPN that helps hide the fact of using Tor. Well, it's time to consider this anonymity technology.

VPN

VPN is the general name for a network or connection that is created within or on top of another network, such as the Internet. Simply put, it is a tunnel consisting of a VPN client installed on the user’s device and a VPN server. Inside this tunnel, the data exchanged between the user and web resources is encrypted. The essence of VPN technology is to protect the traffic of any information network systems, audio and video conferencing, e-commerce systems, etc.

Today, VPN is one of the most reliable methods of data transfer because the technology incorporates the experience of two serious companies, Microsoft and Cisco: for example, the combination of the PPTP protocol (Microsoft’s brainchild) with GRE (a Cisco product). The more advanced L2TP and L2F protocols are likewise developments of Microsoft and Cisco.

Data confidentiality during a VPN connection is ensured by the fact that encryption occurs at the sender level, and decryption occurs only at the recipient level. The contents of intercepted packets sent on such a network are understandable only to the owners of the shared encryption key, the length of which is the most important security parameter.

The key is generated on the user’s device and the server and is available only to them. The generation occurs based on random data such as a random question, your computer's response, response time, operating system, etc. This set of factors is unique. Any attacker, in order to select a decryption method, will have to repeat all these random factors, which is almost impossible, since modern VPN services use powerful encryption algorithms at the level of financial organizations.

Thus, VPN protects all outgoing and incoming data on the user's device. The user also receives the IP address of the VPN server, which replaces his own, and there is the ability to select an IP by location. Let's say you want to connect to a service as a user from the USA; then you need to select the IP of an American server. Thanks to the IP change and encryption, your data is kept safe from hackers and other intruders, and your Internet activity is completely hidden.

Among the disadvantages of VPNs, we can note a decrease in traffic speed. You'll also likely have to pay to use a good VPN service if you need a secure connection regularly.

Some VPN providers have a problem with information leakage via IPv6 and/or DNS hijacking, but I believe that now that the public has paid attention to this, improvements in protection will not be long in coming.

So, let's summarize a little.

  1. A VPN connects you to a server of your choice in the country you want. Tor transfers you to different servers located in different parts of the world without your control over the process.
  2. VPN hides your real location and provides a new IP address - the server you choose. Tor hides your real IP and provides a random address of the last node you connected to.
  3. VPN encrypts your data all the way to the server and back. Tor sends decrypted data from the last node you connected to, putting it at risk.
  4. When you choose to use a VPN client, you are entrusting your data to a specific VPN provider, so you must be confident in it. By choosing Tor, you may be entrusting your data to the American government and other project sponsors - debatable, but not impossible.
  5. VPN allows you to protect correspondence in VoIP services and use torrents. Tor will only help if the VoIP application uses the appropriate protocols.
  6. A VPN can leak data if it uses outdated technology. Tor cannot hide the fact that it is being used.

Thus, we can see that Tor and VPN have their own advantages and disadvantages and can serve us in different situations and for different purposes.

Let's say, if you just need to access some content on the site, then you can use any of them, but you can use Skype in a country where it is prohibited without additional effort only with a VPN.

If you need to access the network “from a specific country,” then it is better to use a VPN service with the appropriate location, and if it does not matter where you are traveling from, but only anonymity is important, then Tor will do.

There can be a lot of examples.

For maximum protection, if you work with very valuable data, you can use the Tor+VPN combination and not be afraid of anyone or anything :)

For example, I use Tor on a computer, and on mobile devices - . I also periodically connect it to Google Chrome for convenience. This system has not let me down yet.

If I have not taken into account any advantages or disadvantages of these technologies, please comment.

The first thing that comes to mind when a VPN is mentioned is the anonymity and security of the transmitted data. Is that really so? Let's figure it out.

When you need to gain access to a corporate network, safely transmit important information over open communication channels, hide your traffic from the watchful eye of your provider, or hide your real location when carrying out not entirely legal (or entirely illegal) actions, you usually resort to a VPN. But is it worth blindly relying on a VPN, putting the security of your data and your own safety at stake? Definitely not. Why? Let's figure it out.

WARNING

All information is provided for informational purposes only. Neither the editors nor the author are responsible for any possible harm caused by the materials of this article.

We need a VPN!

A virtual private network, or simply VPN, is a generic name for technologies that allow one or more network connections (a logical network) to be provided over another network, such as the Internet. Even though the communication may run over public networks with an unknown level of trust, the level of trust in the constructed logical network does not depend on the level of trust in the underlying networks, thanks to the use of cryptographic tools (encryption, authentication, public key infrastructure, and means of protection against replay and modification of messages transmitted over the logical network). As you can see, in theory everything is rosy and cloudless, but in practice things are somewhat different. In this article, we will look at two main points that you must take into account when using a VPN.

VPN traffic leak

The first problem with VPNs is traffic leakage: traffic that should be transmitted through the VPN connection in encrypted form enters the network in clear text. This scenario is not the result of a bug in the VPN server or client; everything is much more interesting here. The simplest case is a sudden drop of the VPN connection. You decided to scan a host or subnet using Nmap, launched the scanner, walked away from the monitor for a few minutes, and meanwhile the VPN connection dropped. But the scanner keeps working, and the scanning now comes from your own address. That is an unpleasant situation. But there are more interesting scenarios. For example, VPN traffic leakage is widespread in networks (and on hosts) that support both versions of the IP protocol (so-called dual-stacked networks/hosts).

Root of Evil

The coexistence of two protocols, IPv4 and IPv6, has many interesting and subtle aspects that can lead to unexpected consequences. Although IPv6 is not backward compatible with IPv4, the two versions are glued together by the Domain Name System (DNS). To make clearer what we are talking about, let's look at a simple example. Take a website (say, www.example.com) that supports both IPv4 and IPv6. The corresponding domain name (www.example.com in our case) will contain both types of DNS records: A and AAAA. Each A record contains one IPv4 address, and each AAAA record contains one IPv6 address. Moreover, one domain name can have several records of both types. Thus, when an application that supports both protocols wants to communicate with the site, it can request any of the available addresses. The preferred address family (IPv4 or IPv6) and the final address that the application will use (given that there may be several of each) differ from one protocol implementation to another.

This coexistence of protocols means that when a client that supports both stacks wants to communicate with another system, the presence of A and AAAA records will influence which protocol will be used to communicate with that system.

VPN and dual protocol stack

Many VPN implementations do not support IPv6 or, even worse, ignore it entirely. When a connection is established, the VPN software takes care of transporting IPv4 traffic by adding a default route for IPv4 packets, thereby ensuring that all IPv4 traffic is sent through the VPN connection (instead of being sent in the clear through the local router). However, if IPv6 is not supported (or is completely ignored), every packet with an IPv6 destination address in its header will be sent in the clear through the local IPv6 router.

The root of the problem is that although IPv4 and IPv6 are two different, mutually incompatible protocols, they are closely intertwined in the domain name system. Thus, on a system that supports both protocol stacks, it is impossible to secure a connection to another system without securing both protocols (IPv6 and IPv4).

Legitimate VPN traffic leak scenario

Consider a host that supports both protocol stacks, uses a VPN client (working only with IPv4 traffic) to connect to the VPN server, and is connected to a dual-stacked network. If an application on the host needs to communicate with a dual-stacked node, the client typically queries both A and AAAA DNS records. Since the host supports both protocols, and the remote node will have both types of DNS records (A and AAAA), one of the likely scenarios will be to use the IPv6 protocol for communication between them. And since the VPN client does not support the sixth version of the protocol, IPv6 traffic will not be sent through the VPN connection, but will be sent in clear text through the local network.

This scenario puts valuable data being transmitted in clear text at risk when we think it is being transmitted securely over the VPN connection. In this particular case, VPN traffic leakage is a side effect of using non-IPv6 software on a network (and host) that supports both protocols.

Deliberately causing VPN traffic to leak

An attacker can deliberately force an IPv6 connection on a victim's computer by sending fake ICMPv6 Router Advertisement messages. Such packets can be sent using utilities such as rtadvd, SI6 Networks' IPv6 Toolkit or THC-IPv6. Once an IPv6 connection is established, “communication” with a system that supports both protocol stacks can result, as discussed above, in leaking VPN traffic.

Although this attack can be quite fruitful (due to the growing number of sites supporting IPv6), it will only leak traffic when the recipient supports both versions of the IP protocol. However, it is not difficult for an attacker to cause traffic leaks for any recipient (dual-stacked or not). By sending fake Router Advertisement messages containing the appropriate RDNSS option, an attacker can pretend to be a local recursive DNS server, then perform DNS spoofing to perform a man-in-the-middle attack and intercept the corresponding traffic. As in the previous case, tools like SI6-Toolkit and THC-IPv6 can easily pull off this trick.

It is no good at all if traffic that is not meant for prying eyes ends up in the open on the network. How to protect yourself in such situations? Here are some useful recipes:

  1. If the VPN client is configured to send all IPv4 traffic over the VPN connection, then:
  • if IPv6 is not supported by the VPN client, disable support for the sixth version of the IP protocol on all network interfaces. Thus, applications running on the computer will have no choice but to use IPv4;
  • if IPv6 is supported, ensure that all IPv6 traffic is also sent through the VPN.
  2. To avoid traffic leakage if the VPN connection suddenly drops and all packets are sent through the default gateway, you can:
  • force all traffic to go through the VPN by deleting the default gateway and leaving only a host route to the VPN server through the local gateway:
    route delete 0.0.0.0 192.168.1.1 // delete the default gateway
    route add 83.170.76.128 mask 255.255.255.255 192.168.1.1 metric 1 // route only the VPN server's address through the local gateway
  • use the VPNetMon utility, which monitors the state of the VPN connection and, as soon as it disappears, instantly terminates user-specified applications (for example, torrent clients, web browsers, scanners);
  • or the VPNCheck utility, which, depending on the user’s choice, can either completely disable the network card or simply terminate the specified applications.
  3. You can check whether your machine is vulnerable to DNS traffic leaks on the website, and then apply the tips on how to fix the leak described there.
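As an added example that is not part of the article, here is a Go check for the dual-stack leak described above. It parses Linux iproute2 output from "ip route show" and "ip -6 route show" (an assumption of this example; the article's own commands are Windows route syntax) and reports any address family whose effective default route leaves through an interface other than the VPN tunnel, taking into account the pair of /1 routes that clients such as OpenVPN install on top of the default route. The route tables are constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// Leak names an address family whose traffic to arbitrary destinations leaves
// through an interface other than the VPN tunnel.
type Leak struct {
	Family string // "IPv4" or "IPv6"
	Dev    string // interface that actually carries the default route
}

// effectiveDefaultDev parses `ip route show` / `ip -6 route show` output (Linux
// iproute2 format, an assumption of this example) and returns the interface an
// arbitrary destination is sent through. Besides the plain "default" route it
// understands the pair of /1 routes some VPN clients add on top of it (OpenVPN's
// redirect-gateway def1 does this); being more specific, they win over "default".
// Where a prefix is listed twice, the first line (lowest metric) is taken.
func effectiveDefaultDev(routes, lo, hi string) string {
	devOf := map[string]string{}
	for _, line := range strings.Split(routes, "\n") {
		f := strings.Fields(line)
		for i := 1; i+1 < len(f); i++ {
			if _, seen := devOf[f[0]]; f[i] == "dev" && !seen {
				devOf[f[0]] = f[i+1]
			}
		}
	}
	if devOf[lo] != "" && devOf[lo] == devOf[hi] {
		return devOf[lo]
	}
	return devOf["default"]
}

// findLeaks checks both families against the tunnel interface. A family with no
// default route at all is not reported: its packets are simply undeliverable.
func findLeaks(v4Routes, v6Routes, tunDev string) []Leak {
	var leaks []Leak
	checks := []struct{ family, routes, lo, hi string }{
		{"IPv4", v4Routes, "0.0.0.0/1", "128.0.0.0/1"},
		{"IPv6", v6Routes, "::/1", "8000::/1"},
	}
	for _, c := range checks {
		if dev := effectiveDefaultDev(c.routes, c.lo, c.hi); dev != "" && dev != tunDev {
			leaks = append(leaks, Leak{c.family, dev})
		}
	}
	return leaks
}

// Constructed route tables for a dual-stack laptop whose VPN client handles only
// IPv4: IPv4 is pulled into tun0 by the two /1 routes, IPv6 still leaves via eth0.
const sampleV4 = `default via 192.168.1.1 dev eth0 proto dhcp metric 100
0.0.0.0/1 via 10.8.0.1 dev tun0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.23`

const sampleV6 = `2001:db8:1::/64 dev eth0 proto ra metric 100
fe80::/64 dev eth0 proto kernel metric 256
default via fe80::1 dev eth0 proto ra metric 100`

func main() {
	for _, l := range findLeaks(sampleV4, sampleV6, "tun0") {
		fmt.Printf("%s: default route bypasses the tunnel via %s\n", l.Family, l.Dev)
	}
}
```

Run it after the VPN comes up and again after it drops: in the first case only IPv6 is reported for the constructed tables, in the second both families fall back to eth0.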

VPN traffic decryption

Even if you have configured everything correctly and your VPN traffic does not leak into the network in the clear, this is not yet a reason to relax. The point is that if someone intercepts encrypted data transmitted through a VPN connection, they will be able to decrypt it, and it makes no difference whether your password is complex or simple. If you use a VPN connection based on the PPTP protocol, then you can say with one hundred percent certainty that all intercepted encrypted traffic can be decrypted.

Achilles' heel

For VPN connections based on PPTP (Point-to-Point Tunneling Protocol), user authentication is carried out using the MS-CHAPv2 protocol developed by Microsoft. Despite the fact that MS-CHAPv2 is outdated and very often criticized, it continues to be actively used. To finally send it to the dustbin of history, the well-known researcher Moxie Marlinspike took up the matter and reported at the twentieth DEF CON conference that the goal had been achieved: the protocol had been broken. It must be said that the security of this protocol had been questioned before, but the long life of MS-CHAPv2 may be due to the fact that many researchers focused only on its vulnerability to dictionary attacks. Limited research, a large number of supported clients and built-in operating system support all ensured widespread adoption of MS-CHAPv2. For us, the problem lies in the fact that MS-CHAPv2 is used in the PPTP protocol, which many VPN services use (for example, such large ones as the anonymous VPN service IPredator and The Pirate Bay’s VPN).

If we turn to history, then already in 1999, in his study of the PPTP protocol, Bruce Schneier indicated that “Microsoft improved PPTP by correcting major security flaws. However, the fundamental weakness of the authentication and encryption protocol is that it is only as secure as the password the user chooses.” For some reason, this made providers believe that there was nothing wrong with PPTP and that if the user was required to come up with complex passwords, the transmitted data would be secure. The Riseup.net service was so inspired by this idea that it decided to independently generate 21-character passwords for users, without giving them the opportunity to set their own. But even such a strict measure does not prevent traffic from being decrypted. To understand why, let's take a closer look at the MS-CHAPv2 protocol and see how Moxie Marlinspike managed to crack it.

MS-CHAPv2 protocol

As already mentioned, MS-CHAPv2 is used for user authentication. It proceeds in several stages:

  • the client sends an authentication request to the server, publicly passing its login;
  • the server returns a 16-byte random response to the client (Authenticator Challenge);
  • the client generates a 16-byte PAC (Peer Authenticator Challenge - peer authentication response);
  • the client concatenates the PAC, the server's challenge and its user name into one string;
  • an 8-byte hash of the resulting string is taken using the SHA-1 algorithm and sent to the server;
  • the server retrieves the hash of this client from its database and decrypts its response;
  • if the decryption result matches the original response, everything is OK, and vice versa;
  • subsequently, the server takes the client's PAC and, based on the hash, generates a 20-byte AR (Authenticator Response), passing it to the client;
  • the client performs the same operation and compares the received AR with the server response;
  • if everything matches, the client is authenticated by the server. The figure shows a visual diagram of the protocol's operation.

At first glance, the protocol seems overly complicated - a bunch of hashes, encryption, random challenges. It's actually not that complicated. If you look closely, you will notice that in the entire protocol only one thing remains unknown - the MD4 hash of the user’s password, on the basis of which three DES keys are built. The remaining parameters are either transmitted in clear form, or can be obtained from what is transmitted in clear form.


Since almost all the parameters are known, we can not consider them, but pay close attention to what is unknown and find out what it gives us.


So, what we have: an unknown password, an unknown MD4 hash of that password, a known plaintext, and a known ciphertext. Upon closer examination, you will notice that the user’s password is not important to us, but its hash is important, since it is this that is checked on the server. Thus, for successful authentication on behalf of the user, as well as for decrypting his traffic, we only need to know the hash of his password.

With intercepted traffic in hand, you can try to decrypt it. There are several tools (for example, asleap) that allow you to guess a user's password through a dictionary attack. The disadvantage of these tools is that they do not guarantee a result, and success depends directly on the chosen dictionary. Guessing a password by plain brute force is also not very effective: for example, in the case of the PPTP VPN service riseup.net, which forcibly sets passwords 21 characters long, you will have to try 96 character options for each of the 21 characters. This gives 96^21 options, which is slightly more than 2^138. In other words, you need to find a 138-bit key. When the length of the password is unknown, it makes sense to brute-force the MD4 hash of the password instead. Considering that its length is 128 bits, we get 2^128 options, and at the moment this is simply impossible to compute.

Divide and rule

The MD4 hash of the password is used as input for three DES operations. DES keys are 7 bytes long, so each DES operation uses a 7-byte portion of the MD4 hash. All this leaves room for the classic divide and conquer attack. Instead of brute-forcing the whole MD4 hash (which, as you remember, is 2^128 options), we can brute-force it in 7-byte parts. Since three DES operations are used and each is completely independent of the others, this gives a total complexity of 2^56 + 2^56 + 2^56, or 2^57.59. This is already significantly better than 2^138 and 2^128, but still too many options. Although, as you may have noticed, an error crept into these calculations. The algorithm uses three DES keys, each 7 bytes in size, that is, 21 bytes in total. These keys are taken from the MD4 hash of the password, which is only 16 bytes long.

That is, 5 bytes are missing to build the third DES key. Microsoft solved this problem simply by stupidly filling the missing bytes with zeros, essentially reducing the effective length of the third key to two bytes.

Since the third key has an effective length of only two bytes, that is, 2^16 options, recovering it takes a matter of seconds, proving the effectiveness of the divide and conquer attack. So, we can assume that the last two bytes of the hash are known, and all that remains is to recover the other 14. Dividing them, too, into two parts of 7 bytes, we get a total number of options to search equal to 2^56 + 2^56 = 2^57. Still too many, but much better. Note that the remaining DES operations encrypt the same text, just with different keys. The search algorithm can be written as follows:

But since the text is encrypted the same, it is more correct to do it like this:

That is, there are 2^56 variants of keys to search through. This means that the security of MS-CHAPv2 can be reduced to the strength of DES encryption alone.
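As an added example that is not from the article or from chapcrack, the Go program below builds the NT-Response the way RFC 2759 specifies it (8-byte challenge hash, 16-byte NT hash padded with five zero bytes to 21 bytes, three independent DES operations) on constructed sample values, and then shows the point made above: the third DES key has only 2^16 possible values, so the last two bytes of the NT hash fall out of a single challenge/response pair in a fraction of a second. The user name, challenges and NT hash are all made up.

```go
package main

import (
	"bytes"
	"crypto/des"
	"crypto/sha1"
	"fmt"
)

// Constructed sample handshake values; the NT hash is made up, not derived from any password.
var sampleUser = "alice"
var sampleAuth = [16]byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16}
var samplePeer = [16]byte{0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf}
var sampleHash = [16]byte{0x7e, 0x13, 0x9a, 0x55, 0x02, 0xc8, 0x6f, 0xd4, 0x21, 0xbb, 0x90, 0x3e, 0x64, 0x0a, 0xc7, 0x19}

// challengeHash is the 8-byte challenge both peers derive: SHA1(peer || auth || user)[0:8].
func challengeHash(peer, auth [16]byte, user string) (out [8]byte) {
	sum := sha1.Sum(append(append(peer[:], auth[:]...), user...))
	copy(out[:], sum[:])
	return
}

// desKey spreads 7 key bytes (56 bits) over 8 bytes, bit 0 of each being the parity
// position that crypto/des ignores.
func desKey(k7 []byte) []byte {
	var bits uint64
	for _, b := range k7 {
		bits = bits<<8 | uint64(b)
	}
	key := make([]byte, 8)
	for i := range key {
		key[i] = byte(bits>>uint(49-7*i)&0x7f) << 1
	}
	return key
}

// desEncrypt is one DES-ECB block encryption under a 7-byte key.
func desEncrypt(k7 []byte, block [8]byte) (out [8]byte) {
	c, _ := des.NewCipher(desKey(k7)) // only fails on a wrong key length, which desKey rules out
	c.Encrypt(out[:], block[:])
	return
}

// ntResponse builds the 24-byte NT-Response: the NT hash is padded with five zero bytes
// to 21 bytes and cut into three 7-byte DES keys that each encrypt the same challenge.
func ntResponse(ntHash [16]byte, challenge [8]byte) (resp [24]byte) {
	zkey := make([]byte, 21)
	copy(zkey, ntHash[:])
	for i := 0; i < 3; i++ {
		c := desEncrypt(zkey[7*i:7*i+7], challenge)
		copy(resp[8*i:], c[:])
	}
	return
}

// recoverThirdKey shows the 2^16 key space of the third DES operation: the last two
// NT-hash bytes follow from one challenge/response pair after at most 65536 trials.
func recoverThirdKey(challenge [8]byte, resp [24]byte) ([2]byte, bool) {
	k7 := make([]byte, 7) // bytes 2..6 stay zero, exactly like the protocol's padding
	for v := 0; v < 1<<16; v++ {
		k7[0], k7[1] = byte(v>>8), byte(v)
		if c := desEncrypt(k7, challenge); bytes.Equal(c[:], resp[16:]) {
			return [2]byte{k7[0], k7[1]}, true
		}
	}
	return [2]byte{}, false
}

func main() {
	ch := challengeHash(samplePeer, sampleAuth, sampleUser)
	resp := ntResponse(sampleHash, ch)
	tail, ok := recoverThirdKey(ch, resp)
	fmt.Printf("challenge %x\nNT-Response %x\nhash[14:16] via key 3: %x (found=%v)\n", ch, resp, tail, ok)
}
```

The RFC's own test vectors can be substituted for the constructed values to confirm the construction; the remaining 14 hash bytes still require the 2^57 search the text describes.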

Hacking DES

Now that the key search space is known, completing the attack is a matter of computing power. In 1998, the Electronic Frontier Foundation built a machine called Deep Crack, which cost $250,000 and could crack a DES key in an average of four and a half days. Currently, Pico Computing, which specializes in building FPGA hardware for cryptographic applications, has built an FPGA device (the DES cracking box) that implements DES as a pipeline with one DES operation per clock cycle. With 40 cores at 450 MHz, it can enumerate 18 billion keys per second. At such a brute-force speed, the DES cracking box cracks a DES key in 23 hours in the worst case, and in half a day on average. This miracle machine is available through the commercial web service cloudcracker.com. So now any MS-CHAPv2 handshake can be cracked in less than a day, and with the password hash in hand, one can authenticate on behalf of that user to the VPN service or simply decrypt his traffic.

To automate work with the service and process intercepted traffic, Moxie released the chapcrack utility. It parses intercepted network traffic, looking for MS-CHAPv2 handshakes. For each handshake it finds, it prints the username, the known plaintext and the two known ciphertexts, and cracks the third DES key. In addition, it generates a token for CloudCracker that encodes the three parameters the service needs to crack the remaining keys.

CloudCracker & Chapcrack

In case you need to crack DES keys from intercepted user traffic, here is a short step-by-step guide.

  1. Download the Passlib library, which implements more than 30 different hashing algorithms for Python, unpack and install it: python setup.py install
  2. Install python-m2crypto, an OpenSSL wrapper for Python: sudo apt-get install python-m2crypto
  3. Download the chapcrack utility itself, unpack and install it: python setup.py install
  4. Chapcrack is installed, and you can start parsing the intercepted traffic. The utility accepts a cap file as input and searches it for MS-CHAPv2 handshakes, from which it extracts the information needed for cracking: chapcrack parse -i tests/pptp
  5. From the data output by chapcrack, copy the value of the CloudCracker Submission line and save it to a file (for example, output.txt).

Go to cloudcracker.com, in the “Start Cracking” panel select File Type “MS-CHAPv2 (PPTP/WPA-E)”, choose the output.txt file prepared in the previous step, click Next -> Next and enter your e-mail address, to which a message will be sent when the cracking is complete.

Unfortunately, CloudCracker is a paid service. Fortunately, you won't have to pay that much to hack the keys - only 20 bucks.

What to do?


Although Microsoft writes on its website that it currently has no information about active attacks using chapcrack or about the consequences of such attacks for user systems, this does not mean that everything is in order. Moxie recommends that all users and providers of PPTP VPN solutions begin migrating to another VPN protocol and that PPTP traffic be considered unencrypted. As you can see, this is another situation where a VPN can seriously let us down.

Conclusion