In this tutorial, we’ll go over what virtual private network (VPN) is, why it’s essential to use one, and how to correctly set it up. We’ll also cover a few subjects such as Socks5 Proxies, proxy over Tor, and some using added security like virtual machines.
Why is a Virtual Private Network (VPN) important
Consider how much time you spend online and the amount of sensitive data you transmit over an Internet connection that is inherently insecure. If you don’t feel a creeping sense of dread come over you, then you must no know the dangers lurking at the opposite end of that server.
Those who are aware of the dangers of the Internet employ as many measures as is at their disposal to keep their data secure. Many of those security conscious individuals only became aware of the risks once their systems were breached or online accounts hacked.
Additionally, in December 2017, the Trump administration killed Obama-era Net Neutrality, which ensured that all Internet traffic was treated equally. With Net Neutrality lifted, broadband companies could slow down or entirely block applications or websites of perceived adversaries.
Worse yet, such unfettered power could lead to other abuses such as censorship for political reasons. And it isn’t only the United States; other countries are looking to do the same. With technology being used by others to monitor, track, stalk and control users, understanding how to use a VPN is essential in improving digital security.
The statistics speak for themselves
In April 2018, Careem, a middle east ride-sharing application similar to Uber, publicly announced hackers had compromised the data of approximately 14 million users back in January 2018. The cyber attack resulted in the loss of user names, email addresses, phone numbers, and trip data. Careem claimed no passwords or credit card information was stolen because such information is stored on external third-party servers not breached during the attack.
In May 2018, the most extensive data breach and release of the year took place in Japan when it was reported that over 200 million Japanese Internet users had their data put up for sale on a dark web cybercrime forum. The hackers extracted the data throughout numerous attacks and from more than 50 Japanese websites ranging from retail, food and beverage, entertainment, financial, as well as transportation.
The data for sale on the dark web forum varied but included real names, birth dates, physical addresses, email addresses, phone numbers, and, in some cases, passwords to an assortment of accounts.
As for cryptocurrencies, they’ve been by farthest the biggest target of cybercriminals this year, with approximately $1.1 billion in cryptocurrency stolen. And compared to the long list of other cyber attacks, taking people’s crypto is the easiest thing to do for even noob hackers. The primary method employed in hijacking cryptocurrencies is ransomware.
Rick McElroy, a strategist for Carbon Black Security, says, “ It’s surprising just how easy it is without any tech skill to commit cybercrimes like ransomware.” Ransomware programs are for sale all over the dark web and feature detailed tutorials on how to dispatch it.
Altcoins comprised 44 per cent of cyber-related attacks. This is because altcoins are much more difficult to trace than bitcoin, making it easier for hackers to get away Scott free.
And while all of this is going on, you have things going on like the Cambridge Analytica scandal where tens of millions of people’s personal information was harvested from social media giant Facebook.
VPNs only work if you practice good Operational Security (OpSec)
If you use a VPN and employ good operational security (OpSec) measures while conducting business online, you will be far less likely to fall victim to cyber attacks. This means using a VPN is only one aspect of the security mechanism. In order for a VPN to work, you’ll have to start practising a lot more secrecy, which means learning how to operate as a virtual unknown.
OpSec is a term used by the United States military for any analytical process used to thwart an adversary’s attempt at obtaining sensitive information that could compromise the secrecy or operational security of a covert mission. And despite the common misconception that OpSec is only for those operating illegally on the dark web, OpSec is about thinking offensively and defensively in everyday life.
Why you should care about OpSec
When topics such as Tor Browser, VPNs, and online anonymity come up, there is a saying that is repeated a lot: “If you have nothing to hide, you have nothing to fear.” This statement is as far from the truth as any statement can be, for everyone has something they want or need to hide because there is and always will be those who want to invade your privacy, tread on your rights, and steal your personal information.
Hackers are continually searching for and profiling potential targets, looking for that one small weakness in OpSec. An attacker only need invest less than a few hours of online recon using a mixture of manual and automated Open Source Intelligence (OSINT) techniques to obtain their target’s:
- Full name
- Date of birth
- SSN/NI number
- Mother’s maiden name
- Social media information/posts
- Mobile/work telephone numbers
- Email accounts and passwords
- Employment information
- Online digital footprint
- Financial information
A motivated attacker possessing the above information has all they need to do severe damage, especially if the target reuses passwords, uses an email or username that provides clues to your identity, or uses the same email as a login for multiple web applications. And though these basic mistakes in OpSec are reported in the media almost daily, millions of people become victims because of it.
But it’s not the noobie mistakes that genuinely define slips in OpSec, but rather the countless examples where sophisticated criminal organizations were systematically dismantled because they left behind tiny bits of data that led law enforcement to the real person.
The takedown of AlphaBay admin Alexandre Cazes perfect case and point
One of the most intriguing case studies of them all is the takedown of the AlphaBay, a once thriving darknet marketplace that was the brainchild of Alexandre Cazes. On July 5, 2017, Cazes was arrested in Bangkok, Thailand, in a joint operation led by Interpol, the NCA, the FBI, and other agencies.
Tracking a single email account Cazes used for his LinkedIn profile and his legal computer repair business located in Canada is all authorities needed to find the rest of the breadcrumbs.
How to set up and use a VPN appropriately
Now that we have covered what is VPN and why using a VPN is more critical than ever, it’s time to go over how to set up a VPN. The first step is to download ExpressVPN which offers download options for Mac, Windows, Linux, among others.
One of the great things about this VPN provider is it allows you to pay with bitcoin through Bitpay.
Once you’ve signed up and downloaded the VPN program, you’ll need to decide how you wish to set it up. There are a few ways you can use a VPN.
Installing VPN on your router
The advantage of using a VPN on your home or business router is you don’t have to install the application on every device that uses the router. This means anyone who visits your home or business can connect to your router and they’re automatically covered by your VPN.
After setting up the VPN on your computer, you will need to download and then install DD-WRT onto your router so it will function as a VPN client, allowing it to connect to the VPNs server. Originally designed to run on the Linksys WRT54G series router, this Linux-based firmware is now capable of running on a wide variety of models.
The DD-WRT site will ask you to enter at least three characters of the router’s name, manufacturer or revision. Once you find your router model, you can then download the files for that specific model.
DD-WRT replaces the original equipment manufacturer (OEM) firmware and provides some significant enhancements. An excellent way to think of it is a “software” that operates your router. Additionally, the DD-WRT firmware enables you to configure the VPN service on the router.
Without DD-WRT, you will not be able to set up any VPN service on your router. This is because your stock router has limitations built into the default firmware. Upgrading the firmware to DD-WRT takes away those limitations, transforming into a robust commercial-class router featuring advanced functionality, including being able to run VPNs and their strong encryption algorithms and ciphers.
If your router doesn’t come with DD-WRT pre-installed, you’ll have to install it yourself using a process called “flashing.” It’s a simple thing to do but can be slightly tricky in some cases. If done incorrectly, your router can be irreversibly damaged and no longer usable. Furthermore, flashing a third-party firmware onto your router will void the warranty if it still has one.
In order to find out how to flash your particular model of router, you can Google “how to flash (model of router)” and you should find plenty of tutorials explaining how. For other information about flashing DD-WRT onto a router, you can visit this DD-WRT FAQ.
Once you’ve flashed your router and installed the VPN, you can run all of your devices through one VPN without having to install it on all of them.
Android and iPhone tethering VPN passthrough
It must be noted that in order to run an Android and iPhone tethering VPN passthrough, you may have to root your Android or jailbreak your iPhone. In most cases, this is pretty straightforward, nevertheless, it’s not suggested for everyone. You should only root or jailbreak your phone if you have the knowledge to do so and understand the risks associated with it. Just as with flashing a router, every model of phone is different so you will have to do some research before jumping into it.
Another good reason to run a VPN on your Android or iPhone is to protect yourself while using an unsecured or “open” Wi-Fi hotspot. Open hotspots also involve un-encrypted connections, which leave you vulnerable to hackers and nefarious people who want to steal information from your phone.
Using a VPN on your PC
Depending on whether you’re setting up the VPN on Windows or Mac iOS, you’ll have to go through different processes.
- Click on Cortana and type “VPN.” You can also open Settings and click on Network & Internet and then VPN.
- At the very top, you’ll see “Change virtual private networks (VPN).”
- Looking at the top of the VPN screen in settings, click “Add a VPN connection.”
- In the next screen, enter the VPN details.
- Under “VPN provider” choose “Windows (built-in)” in the drop-down menu.
- Fill out the “Connection name” and “Server name or address.”
- Now scroll down and fill in your username and password. This would have been provided by the VPN service provider.
- Click “Save” and close the settings application.
The process above works for the simpler VPN connection types like L2TP and PPTP, but for IKEv2 that requires you to install a root certificate from a VPN provider, you’ll have to handle things differently. Furthermore, not all services support IKEv2 which means using this method greatly depends on the VPN service provider you have chosen.
Using a VPN on your Mac
In order to connect to a VPN on your Mac, go to Network preferences. Now choose the “Apple” symbol. Choose “System Preferences” and then click “Network.” Select your VPN service in the list on the left side of the screen. If you see a Configuration pop-up menu, click on it next and choose a configuration. Please note that you may only find one configuration option. Then click on “Connect.”