Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

VPN Question


  • Please log in to reply
4 replies to this topic

#1 ArcticPrince

ArcticPrince

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:08:53 AM

Posted 25 August 2015 - 12:28 AM

Not sure if this is the correct forum, but here goes.  I work in a very remote location in Africa with no internet availability other then employer provided.  Employer does allow personal use but they have just recently decided to start blocking lots of sites.  They are even talking about blocking "any" site that allows any sort of streaming (facebook?).  We access via a local server that then ups to a Satellite and then back down to company server in the US and then out from there. As I understand VPN it is designed so that your server sees your connection to a pretty innocuous address and all traffic from that point on is "hidden" from the original server.  Probably clear as mud! 

 

My question, can the provider "see" that you are accessing a VPN from your private computer or do they just see random connections?



BC AdBot (Login to Remove)

 


#2 DeimosChaos

DeimosChaos

  • BC Advisor
  • 1,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:09:53 AM

Posted 25 August 2015 - 11:47 AM

What they will see is encrypted traffic flowing from your computer (you can see this with wireshark). If IT is smart enough they will know this is more than likely you connected to a VPN. They can probably check the known ports that VPN software uses (e.g. Cisco VPN) as well. While all they will be able to see is encrypted traffic, they will essentially know you are using a VPN. There is probably other ways to know, but these are what I thought of off the top of my head.


OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +


#3 ArcticPrince

ArcticPrince
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:08:53 AM

Posted 26 August 2015 - 09:04 AM

Thanks appreciate the answer.  Thats kind of what I thought, but wanted some confirmation. 



#4 mremski

mremski

  • Members
  • 498 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NH
  • Local time:09:53 AM

Posted 26 August 2015 - 09:41 AM

Is your VPN end point going to be under the companies control or is it a private VPN server elsewhere?  Keep in mind that satellite is often bandwidth limited (probably a root cause for their policy)


FreeBSD since 3.3, only time I touch Windows is to fix my wife's computer


#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,720 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:53 PM

Posted 27 August 2015 - 12:41 PM

You also have network appliances (like proxies) that categorize traffic based on their URL, content, ...

These appliances are able to recognize VPN traffic.

If your employer uses such devices, then it's easy for them to know what you are up to.

 

Anyways, what you are thinking to do is bypassing their policy. That can turn out good but it can also turn out bad.

For example, they can argue that you are exposing the corporate network to risk of malware, because your VPN connection is not scanned by the network anti-virus (if they have one).


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users