Vpn Question

[s018mes]

I have my computer at home running a VPN server. When I take my laptop to work and connect to my VPN at home, will my work IT guys be able to see any of the traffic that I do between my VPN at home?

I think of the traffic in sort of a few steps:

1. From my computer to my work's Firewall/Router [which tracks all traffic flow}

2. Then to my router at home (basicly) which I know VPN's encyrpt this traffic

3. Then to my VPN server

4. Then back out to the wide web.

But Is my traffic hidden from step 1, when I say play a game like Runes of magic through the VPN connection? When I am at work, will they be able to see that I am trying to play a game? And please don't judge me for playing a game at work, just trying to understand how secure VPN are from the first beginning of the connection.

Thanks,

[psydT0ne]

They could probably remotely examine the processes on your pc at work to see what applications you may be running locally, regardless of the encrypted traffic its producing via the vpn.

For example...if they see crysis.exe (or whatever it may be called), I would be very suspicious as to what your up to if i monitor the traffic coming from your ip on my company network.

That's how i would think about things anyway, not so much about whats happening at the far end or in the middle, but where it all starts.

Kinda simplistic analogy but meh...that's how i tend to break things down :)

[s018mes]

They could probably remotely examine the processes on your pc at work to see what applications you may be running locally, regardless of the encrypted traffic its producing via the vpn.

For example...if they see crysis.exe (or whatever it may be called), I would be very suspicious as to what your up to if i monitor the traffic coming from your ip on my company network.

That's how i would think about things anyway, not so much about whats happening at the far end or in the middle, but where it all starts.

Kinda simplistic analogy but meh...that's how i tend to break things down :)

How could they remotely examine my processes? When I am connected to a network is my computer vulnerable to a process scan? If so, what tools are available to hide processes?

[psydT0ne]

well if your on a company network, I would think that members of your IT department would be domain admins?

using tools such as these:

http://technet.microsoft.com/en-us/sysinternals/bb896649

it would be easy to list the processes running on your computer on the network.

all i can say is, if your screwing about on company time, you're asking for your ass to be handed to you.

[Infiltrator]

Another reason I can think of, depending on your VPN configuration rather than using your server to do the DNS look up queries, you could be using their DNS servers instead.

As result they can still see what sites you are visiting.

1) What vpn server do you have?

2) what browser are you using?

3) How is the VPN set up on your computer?

[s018mes]

I am using the VPN service built into Win 7.

Firefox

But I am also trying to ensure that ALL internet traffic is being routed through the VPN not just Browser traffic.

I am not sure about which DNS it is using, On the Properities of the VPN connection on the client side, it both the ipv4 and ipv6 are set to automatically obtain the addresses. Does that mean it may be using the client's network's DNS rather than the VPN's server side DNS ?

How does being "domain admins" within the client side network hinder the supposed secutiry of using a VPN to protect your data as stated by : Mnemonic . Isn't the point of a VPN to be able to trust that you are being completely protected, assuming you setup the VPN correctly? Which brings me to another question is there even a way to setup up the bulit in WIN7 VPN to be completely secure?

[psydT0ne]

it doesn't hinder the vpn at all.

but the vpn wont hide what your pc is running at your end only the traffic your producing.

[Infiltrator]

I am using the VPN service built into Win 7.

Firefox

But I am also trying to ensure that ALL internet traffic is being routed through the VPN not just Browser traffic.

I am not sure about which DNS it is using, On the Properities of the VPN connection on the client side, it both the ipv4 and ipv6 are set to automatically obtain the addresses. Does that mean it may be using the client's network's DNS rather than the VPN's server side DNS ?

How does being "domain admins" within the client side network hinder the supposed secutiry of using a VPN to protect your data as stated by : Mnemonic . Isn't the point of a VPN to be able to trust that you are being completely protected, assuming you setup the VPN correctly? Which brings me to another question is there even a way to setup up the bulit in WIN7 VPN to be completely secure?

1) Domain admins don't hinder the VPN security at all, it just gives you more privileges/access to system resources.

2) If you want a secure VPN solution, go with OpenVPN or SSH. I wouldn't trust Windows VPN for securing connections.

3) I would recommend using a mobile internet, instead of your company's internet, very simple reason you have complete control over it and no ones else is monitoring your traffic, apart from your ISP.

Edited July 17, 2011 by Infiltrator

[s018mes]

I do use my moblie internet tehtered to my laptop for that use. I was just curious about the level of security I could expect from a VPN. I just got excited when I setup for my very first VPN.

I Have heard Darin Talk about SSH, is that more, less, or just differently secure than a VPN?

One last question, if I use a VPN, the company could see that I am USING a vpn right?

[Infiltrator]

One last question, if I use a VPN, the company could see that I am USING a vpn right?

If you are using your company's network to establish a vpn connection, then yes they can see you are using a vpn.

What they can't see is the traffic between you and your VPN server, because of the encryption. But that would certainly raise questions in the sys admin office as to why you might be using a vpn.

Edited July 19, 2011 by Infiltrator