اگر من با استفاده از VPN در مدرسه چه آنها می بینید؟

5 دیدگاه برای “اگر من با استفاده از VPN در مدرسه چه آنها می بینید؟”

1. They can see *metadata*. That means they have timestamps (they know when you log in/out) and they also know how much bandwidth you’re consuming. But (assuming you’ve set up your VPN properly) they can’t see what websites you’re visiting or who you are connecting with.

   See it this way: they know you are sending or receiving a package. But they don’t know who sent it or to whom you are sending it. They also know the size of the package. But they are unable to see what’s inside. It’s encrypted. If they tried, they would only see nonsense. A random set of characters. You’re safe to go, bro.

2. As others have said, they will only be able to see encrypted packets, they won’t know what you’re doing.

   However

   The fact they can’t see what you’re doing means they will know you’re using a VPN. VPNs are used for lots of things, but given you’re using their internet, it wouldn’t be unreasonable to assume that if they spot it, they’re going to haul you over and ask you to explain what you’re doing.

   They could very well take that access from you if they aren’t satisfied with answers. They are providing the service, they can withdraw it.

   Unless this is something really vital, don’t do it at school, without talking to an administrator. It’s not worth risking your education.

3. Realistically what they will see (e.g. looking at firewall logs) is an encrypted connection to your VPN provider’s IP address on whatever port you elect to use, which they could resolve with a reverse DNS lookup to obtain a little more information. For example, if you use Private Internet Access as your provider, all connections will resolve to <regional_gateway>.privateinternetaccess.com. A network admin could in theory watch for this and block the domain if they decide anyone using PIA is up to no good.

   If you’re using even a modest level of encryption for the connection, they won’t see the contents of your traffic nor the destinations, only traffic going to/from the VPN gateway IP. This assumes your VPN connection is set up “correctly” and you don’t have a DNS leak, in which case they could see the destinations of your traffic, but not the contents. They could arguably decrypt your traffic if you’re using a weak encryption protocol (such as PPTP), but if they’re inspecting your traffic that closely you’ve got bigger problems (e.g. the police have suspected you are doing something illegal and are actively monitoring your traffic for evidence, or you live in a police state like the Great Firewall of China). An extreme example but just to give you an idea of what a network admin looks at. Traffic monitoring is a lot of work and it most cases a network admin would have to be tipped off to more closely look at your traffic and the contents.

   There are a few ways to make a VPN connection fly under the radar. Running a VPN server at home and connecting to that will usually look more innocuous than a well-known commercial provider whose domain can be blocked. By default most VPN connections use ports other than 80/443 used by normal web traffic and can be easily identified (more commonly just blocked outright on restrictive networks). The common workaround is to run the VPN tunnel on TCP port 443 (Microsoft SSTP default config or OpenVPN configured on 443). This will make the traffic indistinguishable from HTTPS web traffic unless deep-packet inspection is being employed, which as mentioned above, only occurs when the network admin is actively looking for content deemed unacceptable or you’ve been singled out for monitoring because you’ve already been suspected of doing something illegal.

4. Why don’t you learn how to use ‘Wireshark’, which is a free open-sourced program which will teach you much about this topic.

   The software is free to download/install on your computer. Then you could learn what they see.

5. same… they can see you ‘doing stuff’ but not what you are doing 🙂

دیدگاه‌ها بسته شده‌اند.