Help me understand!!!! :)

So I recently purchased a VPN and decided to not to live a life in ignorance and teach myself all the details behind how a VPN actually works (arguably I should have done this in reverse orders hehe).

I believe I understand the “big lines” in that a VPN works as a middleman in that when I send and receive information through the internet it is transmitted via a VPN server (with a different IP address) with the information being encrypted so that neither my ISP nor potential hackers can access my information. However, I have couple of questions regarding this that I cant seem to fathom on my own. Hopefully my descriptions make sense :`)

Firstly, whenever I connect to the internet I send my information to my router and then on to the “internet” (which I believe is roughly defined as all the wires that make it possible for servers to connect to clients from all over the world) . This means that even though I am using a VPN I need to send an initial signal to the VPN server and so my ISP should be able to tell that a signal is sent from one place (my computer) to another (the VPN server) since the signal goes via my router. I get that this information is encrypted, but is it not the case that I am now accessing the internet from my original IP address? How is my identity then protected? Is this irrelevant because the information I am sending is encrypted and thus hidden?

Secondly, I have heard a lot of talk about the VPN tunnelling protocol/system which I loosely understand as a defense system that protects the information you transmit. As far as I have gathered the tunnelling protocol is split into a primary and secondary defense system with the secondary being the encryption. What I see little to no information about is the primary defense system AKA the “tunnel” itself. Can someone enlighten me on what the “primary defense system” of a VPN tunnel is?

خرید فیلترشکن

6 دیدگاه برای “Help me understand!!!! :)”

  1. As far as the first question, think of internet service like the mail and the ISP as your local post office.

    Unencrypted traffic is like sending postcards. Everybody on the route can see everything. If somebody not part of the postal service were to peek at it, they would see it too.

    Encrypted traffic is like using an envelope or box. Anybody can see who you are sending it to, and have a rough idea about how big what you are sending is. But they do not know the exact contents.

    Using a VPN, that is like placing whatever you are sending in another envelope or box addressed to your friend that lives somewhere else. Once received, your friend opens the envelope addressed to him and takes the original package or letter, puts on his address as the return address, and sends it on through his post office. All anybody who handles this (from your post office) can see is that you are sending stuff to your friend, and the size of what you are sending. They don’t know where the final destination is. At the destination, it looks like it was sent from your friends house.

  2. When the VPN server sends your packets out to the Internet, it “masquerades” them by substituting its IP address as the source instead of your own IP address. The destination server and all points along the way will never see your own IP address.

  3. On your second question, encryption is the “tunnel” (i.e., message is opaque to the outsider & your ISP).

    BTW, VPN is not necessarily more secure than the ISP. When you connect to a VPN service, you are putting your trust in the VPN service. Suffice it to say that some VPN services are more shady than your ISP and thus putting you in a more vulnerable position.

  4. Oh yeah and also

    [https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-18-04](https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-18-04)

    That’s OpenVPN from command line without some installer doing everything for you. this is essentially one way in which a VPN connection can be configured for either a UDP or TCP connection. To dive deeper, look up terms you don’t recognize, different types of VPN connections (and their security flaws), how packets move through the network layers, learn to program and look at OVPN’s source code lol, and so on.

    Also check out Wireguard

    Both are open source if you really want to literally see what they are doing. Wireguard requires FAR less code and performs better too. On both Linux and Windows. You’ll even see less packets escape in Wireshark.

دیدگاه‌ها بسته شده‌اند.