How VPN works?

Rishi Rajpal
Cyversity
Published in
5 min readMay 20, 2021

VPN - Virtual Private Network.

In a nutshell, Virtual Private Network provides privacy and anonymity online by building a private network on a public internet connection.

Initially, VPNs were only used by large businesses, organizations, or governments that wanted to protect their data. As people started to work remotely and were required to connect online, the need to create a secure connection was necessary.

Nowadays, a lot of people use VPNs. Specifically, because it makes sure your location stays hidden, your data is encrypted so you can surf the internet anonymously.

Working of the Internet-

To understand how VPNs work, a little knowledge of how the Internet works is needed. Let’s take a quick recap.

Traditional Network Diagram
  • An IP address is a series of numbers that identify your device when you connect to the Internet.
  • All data sent online is in the form of data packets.
  • All your devices have a local and public IP address assigned to your route.
  • Every website can see this public IP and your location (depending on your IP).
  • When you request a URL in your web browser, it resolves it into an IP address.
  • After that, the data package requesting access to the website is sent to the webserver via the Internet.
  • The server is processing your request by sending back the required data packets.

Reasons to use VPN –

  1. Not all websites use HTTP”S”-
    The “S” stands for secure communication protocol. If you visit a website without an HTTPS connection, the data you send or receive will be visible to anyone who is spying on you. Also, you cannot be sure if an app you’re using on your mobile is using the secure HTTPS connection. With the addition of the secure layer from VPN, the data which is snooped will be encrypted and hence will be extremely difficult for an attacker to understand.
  2. If you are constantly using un-secure networks like in cafés, restaurants, airports, etc. -
    Places like these often have open WiFi hotspots to which anyone can connect to and gather the traffic flow, steal your data and install malware into your device.
  3. To access blocked websites in your region-
    As VPN services change your IP address to the VPN server’s IP address, any blocked website that might not be available can be made available to you.
  4. You can avoid unlawful government surveillance.
    Governments can usually direct an ISP to submit a person’s online activity which may or may not be lawful depending on your region. Even unnecessary tracking can be performed by someone working on the inside. A VPN hides all your internet activity.
  5. In fact, your Internet service provider (ISP) is unable to keep track of what you are browsing online.

Working of VPN -

  • When you’re connecting to a VPN service, you are actually connecting to a remote VPN server.
  • This makes it seem like you are browsing from another place with a different IP address.
  • Your internet activity can’t be traced back to you or your devices. As the website you visit, sees the VPN’s IP address, not your devices’.
  • When you connect to a VPN server, a tunnel is created that protects the data being exchanged between your device and the VPN server.
  • To protect each data packet, a VPN performs encapsulation to encrypt it. Data traveling from your device to the VPN server is safe after encapsulation.
  • When the data packet reaches the VPN server, the outer packet is decrypted, a.k.a decapsulation.
  • After the data is received by the VPN server, it is then sent to the webserver of the website you are trying to access.
  • But the key difference from a traditional network is that the originating IP address received by the webserver is of the VPN server.
  • Therefore, the webserver believes the request is coming from a different IP (hence a different region) and responds back to the VPN server.
  • Then the data packets received from the web server are encapsulated again by the VPN protocols and sent back to you.
  • When you receive the data packets from the VPN server, it goes through the process of decapsulation.
  • Finally, the content is displayed by your browser.

VPN Protocols -

VPN Protocol is the key to VPN technology which is a set of encryption standards used for creating a secure connection between two devices.

VPN providers commonly support a couple of VPN protocols.

Common VPN Protocols — PPTP, L2F, L2TP, and IPsec.

  • PPTP, L2F, and L2TP operate at the Data Link Layer.
  • PPTP and IPsec are limited to use on IP networks
  • L2F and L2TP can be used in order to encapsulate any LAN protocol.
Table for VPN Protocols.

OpenVPN is used by most VPN providers in the world, which is highly configurable and provides a good balance between speed and security as you can use it in both TCP and UDP ports.

Internet Key Exchange V2 is also a tunneling protocol often used in conjunction with IPsec for encryption. It adapts well to network changes, making it an excellent choice for mobile users who often switch between WiFi and mobile data connections.

Wireguard Protocol — security-oriented VPN protocol. It uses ‘ChaCha20’ for symmetric encryption paired with ‘Poly1305’ for message authentication.

Demerits

  1. Slower connection.
  2. Some web services might not be available.
  3. Loading performance can be affected.
  4. In some countries like the USA, where the intelligence agencies are known to flag accounts related to accessing these services, and seeking out extra security can open one to intrusion and surveillance.

Some free VPN services for PC -

  1. Proton VPN
  2. Hotspot Shield VPN
  3. TunnelBear VPN

Some free VPN services for mobile -

  1. Proton VPN
  2. Turbo VPN
  3. Touch VPN

--

--

Cyversity
Cyversity

Published in Cyversity

We here aim at providing Knowledge related to Cyber Security , Digital Forensics and Solutions to several Practicing Platform along with Some Programming Language Related Stuffs.

Rishi Rajpal
Rishi Rajpal

Written by Rishi Rajpal

Cyber Security and Digital Forensics student.

No responses yet