Question about Computers & Internet

1 Answer

Security concerns & VPN settings

I have Golden Frog VPN Service as part of a newsgroup package.. It is my understanding that this software encrypts and secures my connections both inbound & outbound. In the settings menu, I have the option of using L2TP/IPSec or PPTP protocols. Which, if any, is better, safer, more secure or doesn't it really matter? I try to limit my exposure on the web simply because of privacy concerns and identity theft. I do not use any torrent software as it is my understanding that it is virus infested, I may be wrong. I have firewalls in place, use anti virus software with realtime monitoring as well as website monitoring that warns if you are about to enter a suspicious website that is constantly checking for updated definition files. Is there anything else I can do to protect myself while on the web? Thanks for any ideas or clarifications that you can provide me with. I am still learning and have heard horror stories of identity theft and such and really don't want to become a statistic. Thanks, fnolteiii

Posted by on

Ad

1 Answer

  • Level 3:

    An expert who has achieved level 3 by getting 1000 points

    All-Star:

    An expert that got 10 achievements.

    MVP:

    An expert that got 5 achievements.

    President:

    An expert whose answer got voted for 500 times.

  • Master
  • 623 Answers

You understand correctly. Your traffic from you to Golden Frog is encrypted both ways - that's why it's called VPN Tunnel. This way the traffic appears to come from them and not from you, so you can't be traced back easily. I say easily because there are ways, but then we're talking about serious knowledge and effort. Think "James Bond" - nothing for the "Household Hacker".


As encryption protocol you should definitely use L2TP with IPSec.

In general there are three protocols: PPTP, L2TP/IPSec, and OpenVPN.

PPTP uses 128-bit RSA encryption, the latter two 256-bit AES. I would choose OpenVPN over L2TP because of the lower overhead and therefore less stress on the CPU when encrypting data.

You should steer away from PPTP since it has serious security issues. First the encryption is done in one step compared to the two-step process in L2TP. Furthermore PPTP is a proprietary protocol using Microsoft's Point-to-Point Encryption protocol MPPE implementing RSA RC4 algorithms.


L2TP on the other hand is using the standardized IPSec protocol. RFC 4835 specifies either the non-proprietary 3DES or AES encryption algorithm for confidentiality. iVPN uses the AES algorithm with 256 bit keys. (AES256 is the first publicly accessible and open cipher approved by the NSA for top secret information.)


If you want to read more about PPTP vulnerability, you can find it here.


Your impression of torrents is not totally correct. The software itself is not virus infected and has it's legitimate use. Example: Most Linux distributions are available as torrents. The reason is that instead of 100,000 people downloading the image from one server, the image is shared between many people, therefore easing the load on the server and keeping the cost down, since you have to pay for traffic as a host.

The general problem with torrents is that they are often used for sharing illegal content or files, usually where the source cannot be determined with certainty. You should always treat downloads from the internet and/or unknown sources with suspicion and let your AV software run a scan.


Any general advice?


One big one for me is to never use Windows OS for my online banking. I might be paranoid, but then I think I worked too hard for my money and rather go through the inconvenience than through the "pain".


General information can be found here.

A wiki containing a list of banks and browsers supporting Linux is here.

A distribution especially designed or online banking called "Bankix" can be found here. The article is in German, but can easily be translated through Google. The main advantages are:

The internal hard drive is not accessible thanks to a patch to the Linux Kernel and the boot media is secured (prevents against Zero Day Exploits.)


Hope that helps.

C.Dante

Posted on Jan 09, 2013

Ad

2 Suggested Answers

6ya6ya
  • 2 Answers

SOURCE: I have freestanding Series 8 dishwasher. Lately during the filling cycle water hammer is occurring. How can this be resolved

Hi,
a 6ya expert can help you resolve that issue over the phone in a minute or two.
Best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.
New users get to try the service completely Free afterwhich it costs $6 per call and covers almost anything you can think of (from cars to computers, handyman, and even drones).
click here to download the app (for users in the US for now) and get all the help you need.
Goodluck!

Posted on Jan 02, 2017

Ad
  • 6 Answers

SOURCE: I have tried to connect

First thing to try is making sure you have the latest firmware on the router. If you have not logged into it before you need to type http://192.168.2.1 in your browser address bar and log in when prompted. The router by default does not have a password set so it might be worth setting one in system settings. You should find on the menu an option to update the firmware. Read the screen should guide you how do this. If the firmware is up-to-date and you still have a problem try disabling your firewall on the pc to see if it's getting in the way. Don't leave the firewall off if you find it's causing the problem you just have to work out how to configure it to allow the traffic out. The route should allow this traffic out by default.

Posted on Dec 02, 2010

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

7 Answers

How to choose better VPN service?


Choose the one who provides more beneficial services and fast internet access with all security.
I would recommend you to Buy VPN from SwitchVPN.
They would provide you lots of amazing features like:
a. Zero Logging
b. High-security DNS
c. High internet speed.
d. Faster streaming and gaming
e. High security from hackers
f. P2P support, etc.

vpn_trans-uwcfqjxjrjsrsxt55i0epgky-1-0.png

Jan 21, 2015 | Computers & Internet

5 Answers

What is the difference between VPN-connection and Proxy websites?


While both a Proxy and VPN service will re-route your internet traffic and change your IP, they function slightly differently.
Think of a Proxy as a Web Filter. The proxy settings are applied to your internet browser whether you're using MSIE, Chrome, Safari, Firefox, Etc. When browsing the internet through a proxy server, all benefits with that server are used, for example, (Security, Speed, and Geographic Location). The proxy will only secure traffic via the internet browser using the proxy server settings.
Unlike a Proxy, a VPN service provider(Virtual Private Network) encrypts all of your traffic, replacing your ISP and routing ALL traffic through the VPN server, including all programs and applications. This also will use all benefits of the VPN server such as (Speed, Geopgraphic Location, and Security).
The VPN can be easily connected or disconnected with the click of a button.
In conclusion, a proxy server is completely browser based, and is not as compatible with certain web pages that use non-browser technology such as: Comedy Central,Zatoo, Fox OD, and Sky Player. However, a VPN will work with ALL internet based services, but will offer less choice on which applications will get run through your ISP, as with the VPN, everything is routed through that server when connected.
So, you can get VPN services from sources like HideMyAss, Super VPN, etc., Once you have enabled a VPN service, you can visit IP-Details.com and have an IP lookup to ensure the change in your IP address.

Jan 21, 2015 | Computers & Internet

3 Answers

How to setup VPN on iPhone?


Acctually you don't need any specific software to install vpn on your iphone. You can do this using standard iPhone settings.

To make a new vpn connection in your iOS device you need to do the next:
  1. 1. Go to Settings > General > VPN
    vpnforipad1.jpg

  2. 2. Click Add VPN Configuration
    vpnforipad2.jpg

  3. 3. Choose PPTP VPN and enter you VPN account data. You will receive your VPN server, username and password in the e-mail
    Server address must be exactly as in your account data (without http://, www or any other symbols)

    vpnforipad3.jpg

  4. 4. Save your VPN configuration. Once you have created VPN connection you can switch it ON and OFF on the main settings screen
    vpnforipad4.jpg

Once you have created vpn connection you can switch it on and off on the main settings screen.
Sahrzad VPN How to Setup Guides

Jan 21, 2015 | Apple iPhone 5

6 Answers

How to open blocked site without any softwares


Here is the simplest step first follow this link Hero Proxy Rescuing Your Privacy then scroll down or in the middle you will see this

Start Your Anonymous Browser

type your site you want to visit then click change my ip address button. You will open the blocked site, have a blessed day.

May 17, 2014 | YouTube Videos

1 Answer

Speed test through the modem gives proper results. Connect a Fortinet 110c IPsec VPN and speed is tremendously slow


VPN connections are encrypted, this adds extra overhead to the connection and an extra place all data must route through.
Once connected to a VPN your speed is determined by the slowest connection between you and your end point (The site you're visiting, or the service you are using)
For example:
If your home / business connection is a 20mb but your VPN is a 1MB connection, then your speed is going to be less then 1mb once you connect through the VPN.

Encrypted traffic is usually a bit slower, however if you feel speeds are far slower then they should be, you will need to contact the vpn service provider and see if any settings in your VPN software can be changed to speed things up.

Dec 26, 2013 | Fortinet, Inc. FortiGate 110C (FG110CUS)...

1 Answer

I tried to install NetExtender client from SSL-VPN website to Windows XP (x64) with IE8 but getting "Failed to install NetExtender, the installation has been rolled back!" message. I already...


In Windows your security settings need to be set to accommodating this installation you can find the security settings for IE8 by going to tools then internet options set your security to low from your question it reads that you have done this already my research bring me to this option please read below.
Article Applies To:
SonicWALL SMB SSL-VPN Appliances and Software: SMB SSL-VPN 2000, SMB SSL-VPN 4000, NetExtender
Firmware/Software Version: 2.5 or higher



Problem Definition:
When installing NetExtender on any supported Windows operating system, the error "Failed to install NetExtender, the installation has been rolled back" may be observed, especially when the operating system is installed on a drive other than the default. This issue is resolved by upgrading the SSL VPN 2000 or 4000 appliance to firmware version 2.5 or higher and making another installation attempt.
Resolution or Workaround:
For each of the following possible causes of this behavior, an explanation, workaround, or solution is provided:
  • User does not have administrative privileges. With 2.5.x.x firmware and above, administrative privileges are required for initial installation only, previous versions require administrative privileges for each update.
  • Browser security settings. Add https://IP-or-DomainName to trusted sites, and set trusted sites security level to LOW.
  • Popup blocker. Disable all third party popup blockers.
  • Anti-virus or anti-spyware. Temporarily disable all third party anti-virus or anti-spyware solutions.
Source: SSL VPN 2000/4000 2.5 Release Notes this has been copied from doing my research this is not my material but a help post from another source. Thanks for using FixYa! do not forget to vote for me. John

Mar 12, 2011 | SonicWALL SSL-VPN NetExtender Adapter

1 Answer

VPN tunnel establish using FQDN for remote end point address


Yes you can do as you expect.
ScreenOS Concepts & Examples ScreenOS Reference Guide, Volume 5: Virtual Private Networks Chapter 4 -- Site-to-Site Virtual Private Networks

"Route-Based Site-to-Site VPN, AutoKey IKE" Example
"Route-Based Site-to-Site VPN, Dynamic Peer" Example
"Route-Based Site-to-Site VPN, Manual Key" Example
"Setting AutoKey IKE Peer with FQDN" Example
"VPN Sites with Overlapping Addresses" Example ScreenOS 5.4: http://www.juniper.net/techpubs/software/screenos/screenos5.4.0/CE_v5.pdf

ScreenOS 6.0: http://www.juniper.net/techpubs/software/screenos/screenos6.0.0/CE_v5.pdf

May 03, 2009 | Juniper Networks (SSG-20-SH-WW)...

2 Answers

Can tlog in sg300 using a satellite remote access


Accessing a VPN through a BGAN should be fairly simple. It sounds like some of the settings for the VPN might have changed. If you changed any settings on your computer, or if you have added any type of security settings or firewall. If you need any assistance with your BGAN let us know. We do sales of Satellite internet terminals such as Thrane & Thrane, Wideye Sabre, Hughes, Fleet Broadband, and much more. We also do repair of Broadband satellite terminals. You can visit our website at www.BlueCosmo.com, or call us at 877-258-3496.bcrepairs.png

Dec 31, 2008 | Secure Computing SnapGear SG300...

Not finding what you are looking for?
Computers & Internet Logo

Related Topics:

96 people viewed this question

Ask a Question

Usually answered in minutes!

Top Computers & Internet Experts

Doctor PC
Doctor PC

Level 3 Expert

7733 Answers

kakima

Level 3 Expert

102366 Answers

David Payne
David Payne

Level 3 Expert

14161 Answers

Are you a Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...