About VPN

Do you need help choosing a Virtual Private network (VPN) or just want to learn more about a VPN? Below is some very useful information to help you choose a VPN provider depending on what you are looking to do online.

Most users are just looking to hide their IP address from site administrators in which case any of the top 7 VPN services I have listed below will do. Other users want maximum security for their wireless computing on unsecured public networks or wish to get around restrictions from their country such as access Skype from the Middle East or many of the blocked sites from China for example. While a small majority will just want to watch online media programs such as BBC and Hulu from outside the United Kingdom or channels such as ABC from outside the United States. In any case we will show you what to look for in a VPN service and will direct you where to go.

While some users may want the use of VPN for P2P (peer to peer) or torrent downloading they must beware that while many VPN companies may allow this, if they find that you are transferring data that has been pirated or is copyrighted they may terminate your access. It's always good to do your research on what VPN provider to choose before you sign up. I have already done the research on a lot of the good VPN providers so that you can avoid the many poorly run companies out there.

The top 7 VPN providers are - Hide My Ass VPN, Strong VPN, Vypr VPN, Overplay VPN, ibVPN VPN, Pure VPN and VPN Pro Net.

VPN Security

When your computer is attacked by a hacker, the attack is often directed directly at your known IP address. With a VPN account your IP will not be seen, only the VPN server IP will seen and this will protect your computer from attacks because hackers will think the IP they see is your computer IP when in reality it is the VPN server IP. Secure VPN's also use cryptographic tunneling protocols to provide confidentiality by blocking intercepts and packet sniffing, providing safety when you are on unencrypted wireless networks or other public networks.

Authentication

Tunnel endpoints must authenticate before secure VPN tunnels can be established. User-created remote access VPNs may use passwords, two-factor authentication, biometrics or other cryptographic methods to authenticate the session.

Network-to-network tunnels often use digital certificates or passwords, as they permanently store the key to allow the tunnel to establish automatically and without intervention from the user.

Encryption Levels

Encryption levels from different VPN providers range from 128bit - 4096bit. While 128bit is just fine for your average user, we like to stay on the safe side and go for a VPN with at least 256bit encryption such as Vypr VPN. You must also take note that the stronger the encryption protocol the slower the connection seems to be. So while some paranoid users like to find VPN providers with 2048 bit encryption, they will see a noticeable slow down in their connection speed.

Vypr VPN

Unless you work for the CIA or are planning some top secret world takeover 128bit would be fine for the average user.

To get an idea of what it would take to crack a 256 bit AES key. An attack against a 256-bit-key AES requiring 2200 operations using the brute force method would take far longer than the age of the universe to complete.

Logs

Some VPN companies will store logs of when you log in and out, data transferred and and connection drop outs etc. While this is acceptable to most users some people do not want the VPN company to keep any logs, even if they are deleted after 1 or 2 weeks which most companies do. We have also heard of some providers that store logs of what websites you visit, what you download, emails, usernames and passwords etc. We have not personally come across any of these but there is thousands of VPN providers out there that use the information for their own gain. Do not risk saving a few bucks going with an untrusted VPN provider. Stick with some of the top names such as Vypr VPN, ibVPN VPN or Strong VPN.

Because the terms of use and privacy policy is always being updated, it's good to read these on any VPN you choose to sign up with rather than me posting them here.

Network Tunnels (PPTP, IPSec, Open VPN)

When using a Virtual Private Network you need to be aware of the different types of Network Tunnels. Below is a very brief explanation on the 3 main ones used with the VPN services. You shouldn't really be too concerned about these as a general user but we will list them so you get an idea of what they are. If you have more questions please visit the security forum or ask the support team of your VPN provider and they will be glad to help.

PPTP - Microsoft Point-to-Point Encryption on tunnels using Microsoft's Point-to-Point Tunnel Protocol.

IPSec - IPSec has two modes, tunnel mode in which it provides its own tunnels and transport mode in which it provides encryption and authentication on tunnels created some other way.

OpenVPN - OpenVPN is a relatively new multi-platform tunnel type with excellent performance.

SSL and TLS

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are protocols that provide authentication and data encryption between applications in scenarios where that data is being sent across an insecure network.

SSL and TLS are generally considered equal in terms of security, the only difference being SSL connections begin with security and proceed directly to secured communications while TLS connections first begin the connection with un unsecure unencrypted "hello" to the other connection while authentication is made. Once authentication is made the "handshake" is made and the connections is then secured and encrypted. If the handshake fails than the connection is refused.

Both protocols will encrypt your data while it is sent over the unsecure internet and both will make sure that the server you are communicating with has not been hacked with a Man In The Middle attack - more below.

Strong VPN

Man In The Middle

When using a VPN it is beneficial to verify the certificate of the server you are connecting to. To avoid a possible Man-in-the-Middle attack where an authorized client tries to connect to another client by impersonating the server make sure to enforce some kind of server certificate verification by clients. There are currently five different ways of accomplishing this. Talk to the support team of your VPN provider for more information on this as it will differ between different VPN providers.

Shared or Dedicated IP Address?

A dedicated IP address is an IP address that is dedicated just to you and will not be used or shared with any other users of the VPN provider. The benefits of using a dedicated IP are that you will not be at risk of being blocked or banned from some services because of abuse from other users on shared IP addresses. You will have the sole rights to that IP address and you will not have to worry about fluctuating speed because you will have the server dedicated to yourself.

A shared IP address is the exact opposite. You will share the same IP address with hundreds or even thousands of other users. The benefits of using a shared IP address is that you can have access to many different servers in different countries and can normally change your IP at the click of a button. You will also become a lot more anonymous online as your activities cannot be tracked down to you because you are sharing the connections with hundreds or thousands of other users.

Shared IP addresses are a lot more popular but depending on what you want to use the VPN for you may want to go for a dedicated if you wish to keep the same IP address over a period of time rather than jumping around the world with different IP's in different countries.

What Country Do I Choose?

This will all depend on what you want to do with the VPN. If you wish to take advantage of the online media streaming from the United States than you will need an IP address in the United States for example. If you are just looking to get past the blocked restrictions on certain websites or Skype in your country than almost any country will do. Some VPN providers offer servers in the Netherlands which can be used for downloading.

The most popular countries used by all VPN providers are United Kingdom, USA, Canada, and Germany. Normally you will get unlimited changes between countries for free depending on what plan you purchase with the VPN provider, some will charge more for extra countries which is why we like Overplay VPN. You get access to more than 30 countries, thousands of shared IP addresses for only 1 low monthly fee.

Overplay VPN

Overplay VPN Overplay VPN

VPN for Mobile Phones

Please see our page on Mobile Phone Encryption.

VPN Services

Please see our page on VPN Services.

HideMyAss.com