Vous êtes sur la page 1sur 40

Five Best VPN Tools

Jason Fitzpatrick
3/07/10 9:00am
Filed to: HIVE FIVE
1.3M
1059

VPN software lets you join private networks as though you're sitting at a local computer
on that network, giving you access to shared folders and tons more handy stuff. Here's a
look at five of the most popular VPN tools.

Photo by Noah Sussman.

VPN software brings the security of a private network to an insecure network, and
allows you to access private local networks from anywhere. As we've explained in the
past, you can do things between computers on your local network you can't from out on
the internet: like listen to a shared iTunes library or access files in shared folders.
Virtual private network applications give you access to your computer from anywhere on
the internet as if you were home on your local network. Earlier this week we asked you
to share your favorite software for establishing and maintaining virtual private
networks. We rounded up the votes, and now we're back with the five most popular VPN
applications.

Which VPN Tool is Best?


There's no place like home when it comes to security, and VPNs allow you to connect into
aRead more

If you're new to the idea of virtual private networks, you can read up on the technical
nitty-gritty at the Wikipedia entry for VPNs. Note: This Hive Five contains both VPN
server applications (the apps that create virtual private networks on your local network
so it's accessible from the outside world) and VPN client applications (the apps that
connect to virtual private networks from the outside world). In many instances
companies produce VPN servers, VPN clients, VPN servers with accompanying clients,
or VPN clients that are designed to work with a variety of servers.

OpenVPN (Windows/Mac/Linux, Free)

OpenVPN is an open source VPN server that's easy to set up for use with open source
VPN clients. You can easily export configuration files from OpenVPN to import into a
variety of open source and commercial clients. OpenVPN is also integrated into several
router firmware packages including popular DD-WRT, OpenWRT, and Tomato. The
OpenVPN system isn't compatible with popular commercial VPN providers, but it
provides an open source and free alternative for setting up VPNs to expensive and
closed commercial models.
Turn your $60 router into a $600 router
Of all the great DIY projects at this year's Maker Faire, the one project that really caught
Read more

Cisco VPN (Windows/Mac/Linux, Variable Cost)

Cisco has a high market saturation in corporate and educational environments, and for
many of you, any experience you've had with virtual private networks is through such
exposure. The price to run a Cisco VPN is highly variableand you can't even get a
concrete number without a quote from the companybut you can, as an end user,
download the free Cisco VPN client for Windows and Macthough many readers
complained about the lack of 64-bit support in the free Cisco client.

LogMeIn Hamachi (Windows/Mac/Linux, Free)

Hamachi's strongest attribute is its ease of use. If you've read some of the other entries
in the Hive Five and realized that you don't want a contract for a corporate VPN or the
hassle of configuring a bunch of routers with open-source firmware packages, and you
just want to set up a simple virtual network between you and your friend, your phone, or
your office, Hamachi offers nearly instant deployment. Install the Hamachi client on all
the machines and devices you want to connect into your network and add them to your
Hamachi VPN and you're done. It's dead simple. The downside, if you're concerned
about it, is that your VPN isn't locally managedit's centrally managed by Hamachi
through their servers.
Geek to Live: Create your own virtual private network with
Hamachi
by Gina TrapaniRead more

Shrew Soft (Windows/Linux, Free)

Shrew Soft offers a VPN that, while popular in its own right, received quite a boost when
people started adopting Windows 7 64-bit in droves and found that Cisco wasn't in any
hurry to release a 64-bit client to accommodate them. Shrew Soft works with a variety of
VPN server protocols including IPsec, OpenSWAN, freeSWAN, and strongSWAN.

Windows Built-In VPN (Windows, Free)

Windows has a built-in VPN client. Surprised? Many people are. It's not a heavily
advertised feature, but it covers many people's needs. Before exploring other client
solutions, it's worth pulling up the quick launch box in the Windows start menu and
typing "VPN" to start the configuration process. In Windows versions prior to Windows
Vista, the built-in VPN client received a fair amount of criticism for lacking features and
supported protocols. Since Vista and especially in the Windows 7 implementation, it's
grown significantly and unless you need a feature or standard that isn't implemented
you may not need to install anything at all.
Now that you've had a chance to look at the five most popular VPN solutions, it's time to
cast your vote in the poll below:

Which VPN Tool is Best? (Poll Closed)

Cisco VPN 13.15% (779 votes)

OpenVPN 28.59% (1,694 votes)

LogMeIn Hamachi 27.68% (1,640 votes)

Shrew Soft 3.88% (230 votes)

Windows Built-In VPN 18.63% (1,104 votes)

Other 8.07% (478 votes)

Total Votes: 5,925

An honorable mention goes out to the Mac OS X built-in VPN client. Have a VPN tip,
trick, or application to share? Let's hear about it in the comments.
Gear from Kinja Deals
The Aeropress Is Still The Easiest Path To Great Coffee

A Eulogy For The Bodum Bistro Automatic Pour-Over Coffeemaker


Black Friday Came Early For Amazon's Best Small Tablet

Reply105 replies
All replies
The following replies are approved. To see additional replies that are pending approval, click
Show Pending. Warning: These may contain graphic material.
Show pending

lordargentJason Fitzpatrick
3/07/10 10:56am

I have tried a lot of VPN clients in ubuntu to try to connect to a Cisco VPN system, they each
had their own issues.

I eventually ended up creating a script to run VPNC in a shell window.

First, you need a .conf file with the following lines.

IPSEC gateway someserver.somedomain.com

IPSEC ID yourid

IPSEC secret yoursecret

Xauth username ageorge

Then a .sh file

sudo vpnc natt-mode cisco-udp /home/yourlogin/vpn_script/yourconf.conf no-detach

You will get prompted for your sudo password, and then for your VPN login+key.


o lordargent
3/07/10 11:23am
VPNs: What They Do, How They
Work, and Why You're Dumb for
Not Using One

Andrew Tarantola
3/26/13 3:40pm
Filed to: GIZ EXPLAINS
911.4K
1189
For as ubiquitous as connectivity has become and how reliant we've grown on it, the
Internet is still a digital jungle where hackers easily steal sensitive information from the
ill-equipped and where the iron-fisted tactics of totalitarian regimes bent on controlling
what their subjects can access are common. So instead of mucking around in public
networks, just avoid them. Use a VPN instead.

A Visual Breakdown of How Iran Censors the Internet


What does a hierarchy of online censorship look like? In Iran, a lot like this. Design studio
Read more

Between Wi-Fi spoofing, Honeypot attacks, and Firesheep, public networks really are
cesspools. But if you're working remotely and need to access sensitive data on your
company's private servers, doing so from an unsecured public network like a coffee shop
Wi-Fi hotspot could put that data, your company's business, and your job at stake.

VPNs, or Virtual Private Networks, allow users to securely access a private network and
share data remotely through public networks. Much like a firewall protects your data on
your computer, VPNs protect it online. And while a VPN is technically a WAN (Wide
Area Network), the front end retains the same functionality, security, and appearance as
it would on the private network.

For this reason, VPNs are hugely popular with corporations as a means of securing
sensitive data when connecting remote data centers. These networks are also becoming
increasingly common among individual usersand not just torrenters. Because VPNs
use a combination of dedicated connections and encryption protocols to generate virtual
P2P connections, even if snoopers did manage to siphon off some of the transmitted
data, they'd be unable to access it on account of the encryption. What's more, VPNs
allow individuals to spoof their physical locationthe user's actual IP address is
replaced by VPN providerallowing them to bypass content filters. So, you may live in
Tehran but appear to live in Texas, enabling you to slip past the government filters
and commit the treasonous act of watching a YouTube video. The horror.

This Is Iran's New State-Sponsored YouTube Clone


Iran's never been a fan of the real Internet. It completely blocked off Google and Gmail
backRead more

Establishing one of these secure connectionssay you want to log into your private
corporate network remotelyis surprisingly easy. The user first connects to the public
internet through an ISP, then initiates a VPN connection with the company VPN server
using client software. And that's it! The client software on the server establishes the
secure connection, grants the remote user access to the internal network andbing,
bang, boomyou're up to your elbows in TPS reports. The horror.

Many security protocols have been developed as VPNs, each offering differing levels of
security and features. Among the more common are:

IP security (IPSec): IPSec is often used to secure Internet communications


and can operate in two modes. Transport mode only encrypts the data packet
message itself while Tunneling mode encrypts the entire data packet. This
protocol can also be used in tandem with other protocols to increase their
combined level of security.
Layer 2 Tunneling Protocol (L2TP)/IPsec: The L2TP and IPsec protocols
combine their best individual features to create a highly secure VPN client.
Since L2TP isn't capable of encryption, it instead generates the tunnel while the
IPSec protocol handles encryption, channel security, and data integrity checks to
ensure all of the packets have arrived and that the channel has not been
compromised.

Secure Sockets Layer (SSL) and Transport Layer Security (TLS): SSL
and TLS are used extensively in the security of online retailers and service
providers. These protocols operate using a handshake method. As IBM explains,
"A HTTP-based SSL connection is always initiated by the client using a URL
starting with https:// instead of with http://. At the beginning of an SSL session,
an SSL handshake is performed. This handshake produces the cryptographic
parameters of the session." These parameters, typically digital certificates, are the
means by which the two systems exchange encryption keys, authenticate the
session, and create the secure connection.

Point-to-Point Tunneling Protocol (PPTP): PPTP is a ubiquitous VPN


protocol used since the mid 1990s and can be installed on a huge variety of
operating systems has been around since the days of Windows 95. But, like L2TP,
PPTP doesn't do encryption, it simply tunnels and encapsulates the data packet.
Instead, a secondary protocol such as GRE or TCP has to be used as well to
handle the encryption. And while the level of security PPTP provides has been
eclipsed by new methods, the protocol remains a strong one, albeit not the most
secure.

Secure Shell (SSH): SSH creates both the VPN tunnel and the encryption that
protects it. This allows users to transfer information unsecured data by routing
the traffic from remote fileservers through an encrypted channel. The data itself
isn't encrypted but the channel its moving through is. SSH connections are
created by the SSH client, which forwards traffic from a local port one on the
remote server. All data between the two ends of the tunnel flow through these
specified ports.

These SSH tunnels are the primary means of subverting the government content filters
described earlier. For example, if the filter prohibits access to TCP port 80, which
handles HTTP, all user access to the Internet is cut off. However, by using SSH, the user
can forward traffic from port 80 to another on the local machine which will still connect
to the remote server's port 80. So as long as the remote server allows outgoing
connections, the bypass will work. SSH also allows protocols that would otherwise be
blocked by the firewall, say those for torrenting, to get past the wall by "wrapping"
themselves in the skin of a protocol that the firewall does allow.

To actually create the VPN tunnel, the local machine needs to be running a VPN
client. Open VPN is a popularand freemulti-platform application, as is LogMeIn
Hamachi. Windows users also have the option of using the native OS VPN client.

Five Best VPN Tools


VPN software lets you join private networks as though you're sitting at a local computer on
Read more on lifehacker.com

So whether you're a cubicle monkey, file pirate, or just don't want The Man getting all
grabby with your personal data, virtual private networks are the best means of securing
traffic short of copying it to a flash drive and driving there yourself.
[Wikipedia 1, 2 - What is My IP - Life Hacker - About - What is My IP
Address- Lifehacker - How Stuff Works - Image: alexskopje / Shutterstock,
Diagram: Ludovic.ferre ]

Why You Should Start Using a VPN (and How to Choose the Best
One for Your Needs)
You may know what a VPN, or Virtual Private Network, is; you probably don't use one.
YouRead more on lifehacker.com
Gear from Kinja Deals

Bestsellers: Kindle Paperwhite


Jackery Stuffed a Battery Pack Inside a Lightning Cable

Black Friday Came Early For Amazon's Best Small Tablet

Reply118 replies
Andrew Tarantolas Discussions
All replies

FujiS2500HDAndrew Tarantola
3/26/13 4:40pm

"For example, if the filter prohibits access to TCP port 80, which handles HTTP, thereby
cutting off all user access to the Internet. "
I read this sentence at least 5 times before realizing that it's a fragment.
Reply2 replies

o Andrew TarantolaFujiS2500HD
3/26/13 4:48pm
Good catch, fixed, thanks.
Reply
View all 118 replies

Also, the VPNC controls built into network-manager were totally broken for me. (I
could connect to VPN from home, but from work, I could not).

This was on jaunty.


Reply

o Lifeboylordargent
3/07/10 1:11pm

@lordargent: Have you encountered any disconnects after long periods of


connection, and have you resolved that by any chance?

I use the "VPN Connection" from the Network Manager applet on the top panel. I
see that between 7.5-8 hours of connect time, the connection is dropped, each time
I connect.
Reply

o Glen Petersonlordargent
3/08/10 6:05am
@lordargent: A couple years ago, I thought I had to compile my own Linux Cisco
client from source. It took many hours, but I was able to do it. Unfortunately, a new
kernel came out the next day (meaning I'd have to recompile with the new
headers). That's when I discovered vpnc and that has made all the difference.
Reply

o Glen PetersonLifeboy
3/08/10 6:10am

@Lifeboy: I wonder if the server is configured to drop the connection after 8 hours
to force you to log in again to be sure it's you and not someone else who hijacked
your connection.

You probably already disabled the DPD idle timeout?

These are some settings I found useful in my /etc/vpnc/default.conf:

# These are not real usernames

# and passwords, but having

# bogus ones suppresses the

# prompts.

Xauth username bogus

Xauth password bogus

# Set to zero to disable

# timeout

DPD idle timeout (our side) 3600


Reply
Show more replies in this thread
SirDrinksalotJason Fitzpatrick
3/08/10 5:43am
What I've always liked about Hamachi is it doesn't hijack your entire internet connection, it
just makes a second private network connection. What I've never been really clear on is if
you can configure the other VPN's to work the same way. Have access to my home network
but then browse from my local network.
Reply

o geekworkingSirDrinksalot
3/08/10 9:14am
@SirDrinksalot: This is basically a routing setting that can be change in most VPN
software. Most default to all traffic through the VPN for security reasons. For
example, if your laptop gets a backdoor trojan the bad guys could tunnel through
your connection into the corporate network. If all your traffic was forced through
the VPN then the company's security software has a chance to try to catch and
prevent the connection to the outside hacker.
Reply

wygitJason Fitzpatrick
3/07/10 9:51am

Where can you, as an end user, "download the free Cisco VPN client for Windows and Mac"?

If you have an IT department that doesn't grab updates using their account, you're just
hosed.

from Cisco:
1. If you have a SMARTnet support contract and encryption entitlement, download the free
Cisco VPN Client.

2. If you do not have a SMARTnet support contract and encryption entitlement, get the
Cisco VPN Client on CD from your reseller. Use the Partner Locator to find a reseller.

3. If you don't know, ask your IT department whether they already have the Cisco VPN
Client.
Reply

o jeffkwwygit
3/07/10 12:13pm

@wygit: If your IT department wants to allow access to the Cisco VPN, they give
you the VPN client.

If not, they don't want you on the VPN, or your organization essentially has no
VPN.
Reply

o nashixjeffkw
3/07/10 1:55pm
@jeffk: Actually , the IT department could be lagging behind the times, mostly
because "If it ain't broke....". They may provide a 32-bit Cisco VPN client which is
broken in every sense of the word on a 64-bit Windows machine.
1
Reply

o nicekellynashix
3/15/12 3:59am
All of this count for one measure that plays a vital role in the protection of your
data, and that is installing VPN service in public cafs or hot-spots. nice describe
here [www.purevpn.com]
Reply

dimo414Jason Fitzpatrick
3/07/10 3:53pm
Other tools may be faster or more powerful, if you have your own VPN sever, but for
personal use, Hamachi blows everyone else out of the water. I have it installed on all my
computers, and I can connect to them easily no matter where in the world I am, without any
modifications to the firewall settings on my router(s) - critically important for accessing
machines I leave at school when I'm not there. Works like magic.
Reply

o Pewliedimo414
3/07/10 4:49pm
@dimo414: Have you tried NeoRouter. You run your own server, and it was just as
fast or faster than Hamachi.... and supports more than just Windows.
Reply

o jaxunPewlie
3/08/10 4:02pm

@Pewlie: Based on your tip, I tried it. Never heard of it before yesterday. LOVE IT!
Much better for a small business situation with multiple sites than Hamachi.

It's tips like this that keep me hunting through the comments on Lifehacker for the
gold.

Thanks!
Reply
billpetecomJason Fitzpatrick
3/07/10 10:44am

Should the last title read Windows built-in VPN client, rather than a second Shrewsoft title?

Also, I think next weekend I'm going to set one of these up. I'd really like to have my music
available on my laptop when I'm away from home.
Reply

o Magusbillpetecom
3/07/10 10:55am
@chrishw: If it's just a few files and some music you'd like available anywhere why
not try out Opera Unite?
Reply

o Rb3 ate OMG! Poniesbillpetecom


3/07/10 11:25am
@chrishw: I use windows live sync. it's like dropbox but no online storage so there
isn't a 2gb limit, just a 10k file number limit.
Reply

o billpetecomMagus
3/07/10 10:55pm
@Magus: It's quite a bit of music, and potentially movies if the speed is there. I'm
not getting my hopes up for the movies though.
Reply
What Is A VPN?
VPN or Virtual Private Network
A VPN or Virtual Private Network is a method used to add security and privacy to
private and public networks, like WiFi Hotspots and the Internet. VPNs are most often
used by corporations to protect sensitive data. However, using a personal VPN is
increasingly becoming more popular as more interactions that were previously face-
to-face transition to the Internet. Privacy is increased with a VPN because the user's
initial IP address is replaced with one from the VPN provider. This method allows
subscribers to attain an IP address from any gateway city the VPN service provides.
For instance, you may live in San Francisco, but with a VPN, you can appear to live in
Amsterdam, New York, or any number of gateway cities.
Sign up now and get a 3 day free trial VyprVPN account, includes free mobile and
desktop VPN software

VPN Security
Security is the main reason why corporations have used VPNs for years. There are
increasingly simple methods to intercept data traveling to a network. WiFi spoofing
and Firesheep are two easy ways to hack information. A useful analogy is that a
firewall protects your data while on the computer and a VPN protects your data on the
web. VPNs use advanced encryption protocols and secure tunneling techniques to
encapsulate all online data transfers. Most savvy computer users wouldn't dream of
connecting to the Internet without a firewall and up-to-date antivirus. Evolving
security threats and ever increasing reliance on the Internet make a VPN an essential
part of well-rounded security. Integrity checks ensure that no data is lost and that the
connection has not been hijacked. Since all traffic is protected, this method is
preferred to proxies.
Setting Up a VPN
Setting up a VPN is a straightforward process. It's often as simple as entering a
username and sever address. The dominant smartphones can configure VPNs using
PPTP and L2TP/IPsec protocols. All major operating systems can configure PPTP
VPN connections. OpenVPN and L2TP/IPsec protocols require a small open source
application (OpenVPN) and certificate download respectively.
VPN Protocols
The number of protocols and available security features continue to grow with time.
The most common protocols are:

PPTP - PPTP has been around since the days of Windows 95. The main selling
point of PPTP is that it can be simply setup on every major OS. In short, PPTP tunnels
a point-to-point connection over the GRE protocol. Unfortunately, the security of the
PPTP protocol has been called into question in recent years. It is still strong, but not
the most secure.

L2TP/IPsec - L2TP over IPsec is more secure than PPTP and offers more
features. L2TP/IPsec is a way of implementing two protocols together in order to gain
the best features of each. In this case, the L2TP protocol is used to create a tunnel and
IPsec provides a secure channel. This makes for an impressively secure package.

Open VPN - OpenVPN is an SSL-based VPN that continues to gain popularity.


The software used is open source and freely available. SSL is a mature encryption
protocol, and OpenVPN can run on a single UDP or TCP port, making it extremely
flexible.

VPN Providers
There are many choices when it comes to VPN providers. There are some VPN
providers who offer free service and there are some which charge for VPN service.
We have found that the paid VPN providers such as VyprVPNare preffered to the free
service providers. They offer robust gateways, proven security, free software, and
unmatched speed.
The following two tabs change content below.

Bio

Latest Posts

Brian Gilbert

Brian has been a website administrator with WhatIsMyIP.com since early 2006. He's
known in the forum as WIMIAdmin. He has an extensive computer background that
started back in the early 80's when his mom bought him his first computer, a Texas
Instruments TI-99/4A. Brian has turned his passion for technology into a full time gig.

Why You Should Start Using a


VPN (and How to Choose the
Best One for Your Needs)

Alan Henry
9/05/12 8:00am
Filed to: SECURITY
4.4M
24347
You may know what a VPN, or Virtual Private Network, is; you probably don't use one.
You really should be using a VPN, and even if you don't think so now, at some point in
the future you may consider it as important as your internet connection.

When we took at look at your five favorite VPN service providers, we noticed a few
things. First, being the "best" is big business for VPN providers, and they'll fight dirty to
be one of them. Second, there are so many VPN providers that it's difficult to choose a
really good one. VPNs are not all created equally, and in this post, we're going to look at
what a VPN is, why you want one, and how to pick the best one for you. Let's get started.

Five Best VPN Service Providers


If you have a need to encrypt and secure your internet connectionwhether you're using
anRead more

What Is a VPN?

Put simply, a Virtual Private Network, or VPN, is a group of computers (or discrete
networks) networked together over a public networknamely, the internet. Businesses
use VPNs to connect remote datacenters, and individuals can use VPNs to get access to
network resources when they're not physically on the same LAN (local area network), or
as a method for securing and encrypting their communications when they're using an
untrusted public network. Photo by Pavel Ignatov (Shutterstock).

When you connect to a VPN, you usually launch a VPN client on your computer (or click
a link on a special website), log in with your credentials, and your computer exchanges
trusted keys with a far away server. Once both computers have verified each other as
authentic, all of your internet communication is encrypted and secured from
eavesdropping.

The most important thing you need to know about a VPN: It secures your
computer's internet connection to guarantee that all of the data you're sending and
receiving is encrypted and secured from prying eyes.

Whether the VPNs you're familiar with are the ones offered by your school or business
to help you work or stay connected when you're traveling or the ones you pay to get you
watch your favorite shows in another country as they air, they're all doing the same
thing. For much more detail on what VPNs are, how they work, and how they're
used, check out this How Stuff Works article.

Why You Need a VPN, or How You Can Benefit from Using One
A VPN alone is just a way to bolster your security and access resources on a network
you're not physically connected to. What you choose to do with a VPN is a different
story. Usually, VPN users fall into a few separate categories:

The student/worker. This person has responsibilities to attend to, and uses a
VPN provided by their school or company to access resources on their network
when they're at home or traveling. In most cases, this person already has a free
VPN service provided to them, so they're not exactly shopping around. Also, if
they're worried about security, they can always fire up their VPN when using
airport or cafe WI-Fi to ensure no one's snooping on their connection. Photo
by Ed Yourdon.

The downloader. Whether they're downloading legally or illegally, this person


doesn't want on some company's witch-hunt list just because they have a
torrenting app installed on their computer. VPNs are the only way to stay safe
when using something like BitTorrenteverything else is just a false sense of
security. Better safe than trying to defend yourself in court or paying a massive
fine for something you may or may not have even done, right?

The privacy minded and security advocate. Whether they're a in a strictly


monitored environment or a completely free and open one, this person uses VPN
services to keep their communications secure and encrypted and away from
prying eyes whether they're at home or abroad. To them, unsecured connections
mean someone's reading what you say.

The globetrotter. This person wants to watch the Olympics live as they happen,
without dealing with their crummy local networks. They want to check out their
favorite TV shows as they air instead of waiting for translations or re-broadcasts
(or watch the versions aired in other countries,) listen to location-restricted
streaming internet radio, or want to use a new web service or application that
looks great but for some reason is limited to a specific country or region.

Some combination of the above. Odds are, even if you're not one of these
people more often than not, you're some mix of them depending on what you're
doing. In all of these cases, a VPN service can be helpful, whether it's just a
matter of protecting yourself when you're out and about, whether you handle
sensitive data for your job and don't want to get fired, or you're just covering your
own ass from the MPAA.

Even if none of the above really sound right to you, you can still benefit from using a
VPN. You should definitely use one when you travel or work on an untrusted network
(read: a network you don't own, manage, or trust who manages.) That means opening
your laptop at the coffee shop and logging in to Facebook or using your phone's Wi-Fi to
check your email at the airport can all potentially put you at risk.

Do I Really Need to Worry About Security When Im Using Public


Wi-Fi?
Dear Lifehacker, I'm no idiot when it comes to security, and you guys have often mentioned
how Read more

We've shown you how to build your own VPN for remote gaming and browsing that also
protects your security, shown you how to make a VPN even more secure, and shown you
dozens of services that operate free and paid VPNs you can sign up for and use. We've
even put the question to you several times to tell us which VPN service providers you
think are the best. So how do you pick a solid VPN service?
Build Your Own VPN to Pimp Out Your Gaming, Streaming,
Remote Access, and Oh Yeah, Security
Even if you have no idea what a VPN is (it's a Virtual Private Network), the acronym alone
Read more

What Makes for a Good VPN?

The best VPNs offer a solid balance of features, server location, connectivity protocols,
and price. Some are great for occasional use, others are geared towards getting around
the location restrictions companies put on their apps and services, and others are
targeted at people who do heavy downloading and want a little privacy while they do it.
Here's what you should look for.

Protocol: When you're researching a VPN, you'll see terms like SSL/TLS
(sometimes referred to as OpenVPN support,) PPTP, IPSec, L2TP, and other VPN
types. We asked Samara Lynn, Lead Analyst for Networking and Small Business
at PCMag, whether or not a user shopping for a VPN should shop for one over
another. "SSL is what is commonly used these days. All of these protocols will
provide a secure connection," she explained, and pointed out that most solutions
are invisible to the end-user anyway. Strictly, each protocol has its benefits and
drawbacks, and if you're concerned about this (specifically, PPTP vulnerabilities,)
you're probably already aware of them. Most users don't need to be concerned
about thiscorporate users on the other hand, are probably all using IPSec or
SSL clients anyway.

Corporate and Exit Locations: Depending on what you're using a VPN for,
your service's locationand the exit locations you can chooseare important to
consider. If you want to get around a location restriction and watch live TV in the
UK, for example, you want to make sure your VPN service provider has servers in
the UK. If you're concerned about privacy or state-sponsored snooping, you may
want to pick a service operated outside of your home country. Similarly, if the
service is based on the US, they're subject to US laws, and may be forced to turn
over usage data to the authorities upon request. Many people make more of this
than they should (we've seen overseas services turn over their data to friendly
governments without any hesitation repeatedly), but it's important to make sure
a VPN has servers in multiple locationsor at least the location you're interested
inwhen shopping.

Logging: When you connect to a VPN, you're trusting the VPN service provider
with your data. Your communications may be secure from eavesdropping, but
other systems on the same VPNespecially the operatorcan log your data if
they choose. If this bothers you (e.g., you're the privacy/security advocate or the
downloader), make absolutely sure you know your provider's logging policies
before signing up. This applies to location as wellif your company doesn't keep
logs, it may not matter as much where it's located. (There's a popular rumor that
US-based VPN providers are required to log, in case the government wants
them. This isn't true, but the government can always request whatever data they
have if they do log.) For a good list of VPN providers that don't log your activities
when connected (and many that do), check out this TorrentFreak article.

Anti-Malware/Anti-Spyware Features: Using a VPN doesn't mean you're


invulnerable. You should still make sure you're using HTTPS whenever possible,
and you should still be careful about what you download. Some VPN service
providersespecially mobile onesbundle their clients with anti-malware
scanners to make sure you're not downloading viruses or trojans. When you're
shopping, see if the providers you're interested in offer anti-malware protection
while you're connected. For example, previously mentioned Hotspot Shieldoffers
malware protection to its premium users. It may not be a dealbreaker for you, but
it's always good to have someone watching your back.
Mobile Apps: If you're going to spend money on a VPN service provider (or
even if you use a free one, frankly), you should be able to get a consistent
experience across all of your devices. Most prominent providers offer desktop
and mobile solutions for individual users, and while corporate and school
networks may be a bit behind the curve here, they're catching up too. Make sure
you don't have to use two different VPNs with two different policies and
agreements just because you want to secure your phone along with your laptop.

Price: Finally, go into your user agreement with both eyes open. You should read
the privacy policy for the service you're interested in, and be very aware of the
differences between free and paid services. For example:

Free VPN Providers are more likely to log your activities and serve contextual ads
while you're connected. They're also more likely to use your usage habits to tailor
future ads to you, have fewer exit locations, and weak commitments to privacy.
They may offer great features, but if logging and privacy are important to you,
you may want to avoid them. However, if you just need quick, painless security
while traveling on a budget, they're a great option.

Subscription VPN Providers usually take your privacy a bit more seriously, since
you're paying for the service. It's unusual for them to show ads, although whether
they do logging or store data about your usage varies from company to company.
They usually offer free trials so you can give the service a shot first, but
remember: just because you're paying for a service doesn't mean you shouldn't do
your homework.

A mix of features and price make a good VPN, but plenty of bad VPNs masquerade as
good ones. Look for articles written by trustworthy sources that discuss the merits of
each service based on its features, versus simple rundowns and user testimonials, which
are almost always polluted by a combination of fanatical users and corporate
bootstrapping in attempt to get their names out to potential customers.

Which VPNs Are The Best?


When we ran our recent Hive Five on VPN service providers, we heard from VPN
providers begging to be included, angry CEOs who claimed their company was
maliciously left out, and others accusing some of the contenders of illegal or unethical
behavior. We took at look at the poll and the claims, and while there's no definitive proof
the poll was gamed, we decided to come up with our own top five, based on our own
research rather than reader feedback, that are great whether you're the privacy
advocate, the student, or the downloader.

Private Internet Access

Supports: Windows, OS X, Linux, iOS, Android


Protocols: SSL, PPTP, IPSec, and L2TP. You can also configure Private Internet Access
to work on your DD-WRT or Tomato router (via SSL/OpenVPN) for constant security.
Home Country: United States, and has exit servers in the US, Canada, the UK,
Switzerland, Romania, and the Netherlands.
Logging Policies: The service keeps no logs of your activity whatsoever (in fact, the
only things they do keep are your email address and payment information,) uses shared
IPs, and has committed to keeping your data private. Price: Pricing starts at $7/mo to
$40/yr, and you can read more about their plans and pricing here.

proXPN

Supports: Windows, OS X, iOS


Protocols: SSL, PPTP.
Home Country: United States, with exit servers in the US, The Netherlands,
Singapore, and the UK.
Logging Policies: proXPN keeps minimal logs of your activity. proXPN collects your
email address, payment information (if you're a premium user,) bandwidth usage,
connection duration, and login/logout times. They've committed to only keeping those
logs for 14 days or less, and promise to never share their logs with anyone, period.
Price: proXPN has a free plan, which limits your transfer speeds to 300kpbs and
restricts you to one exit location (Miami) in the United States. Premium accounts unlock
support for PPTP (if you want to connect a mobile device or a router,) remove the
transfer cap, and allows you to choose from any of the company's other exit locations.
Premium plans start at $10/mo, and you can read more about their pricing and plans
here.

TorVPN

Supports: Windows, OS X, Linux, iOS, Android


Protocols: SSL (they often refer to it as OpenVPN), PPTP, and full SSH tunneling.
Home Country: Hungary, with exit servers in Hungary.
Logging Policies: The service doesn't log your connection aside from bandwidth usage
to compare against your quota, and your payment details. They also are committed to
your privacy, and specifically say they won't surrender their data without a Hungarian
court order.
Price: Free TorVPN users are limited to 1GB/mo downloaded before they're cut off, and
Premium accounts start at 5 EUR/mo ($7mo) for 5GB/mo and go up to 30 EUR/mo
($38/mo) for 100GB. Keep in mind they have a no-refunds policy, and that even though
you ride the Tor network, they're a separate entity from the Tor Project. You can read
more about their pricing and plans here.

TorGuard
Supports: Windows, OS X, Linux, and iOS and Android via built-in VPN
Protocols: SSL (OpenVPN), PPTP, and L2TP, (with 256 bit security)
Home Country: Panama, with exit servers in The Netherlands, Romania, Ukraine and
Panama.
Logging Policies: TorGuard wholeheartedly supports privacy, so you can feel a bit
more secure that your connection is secure and anonymous. They purge their logs daily,
and only keep payment information and registration info. They don't even keep
login/logout times.
Price: Depending on whether you're the privacy advocate, the downloader, or a
combination of the two, TorGuard offers plans specifically for anonymity (starting at
$6/mo), for torrenting (starting at $5/mo), or for overall VPN services ($10/mo). You
can read more about TorGuard's pricing and plans here.

WiTopia

Supports: Windows, OS X, Linux, iOS, Android, webOS, Chromebooks.


Protocols: SSL, PPTP, IPSec, and L2TP (with 256 bit security)
Home Country: United States, with exit servers in 10 US cities, and countries in Latin
and South America, Asia, Australia, Europe, Africa, and the Middle Eastway too many
to list here.
Logging Policies: WiTopia does not log information that can be attributable to
individual users, purges logs weekly, and only saves registration information and
payment details when you sign up.
Price: $50/yr to $70/yr depending on the level of encryption and protocols you need.
They also sell a VPN router you can take with you when you travel. You can read more
about WiTopia's pricing and plans here.

Alternatively, Roll Your Own VPN


We've shown you how to roll your own VPN using Hamachi, and even how to set
up Privoxy to secure your web browsing once you have your personal VPN set up.
Hamachi isn't the only option: you can also download and configure OpenVPN (a free
SSL VPN) on your own home server,, or if you have a router that supports it, enable
OpenVPN on your home router so you can connect back to it when you're abroad.
Combined with Privoxy, you get the privacy and anonymity benefits of a VPN without
spending a dime.

How to Secure and Encrypt Your Web Browsing on Public


Networks (with Hamachi and Privoxy)
When you're browsing from a public Wi-Fi connectionlike at your favorite coffee shop
anyoneRead more

Both of these options put control in your hands, and while they're not quite as
anonymous as subscription methods or offer international exit locations, they do give
you the the most important benefits of a VPN: security, privacy, and anonymity while
you're away from home.

Samara Lynn is Lead Analyst, Networking and Small Business at PCMag.com. You
can follow her on Twitter at @samaralynn. She graciously volunteered her expertise
for this post, and we thank her.

Title image remixed using konmesa (Shutterstock) and Toria (Shutterstock).


Gear from Kinja Deals
Your Pick For Best Paring Knife: Wusthof Classic

Bestsellers: Rubbermaid FreshWorks Produce Saver Containers


Black Friday Came Early For Amazon's Best Small Tablet

Reply243 replies
Alan Henrys Discussions
All replies

AbeGAlan Henry
6/17/14 9:34am

I think that the most important question to ask VPN companies like these is also the most
difficult to properly answer:

How does the end-user know that his/her traffic is not being sniffed by the VPN
provider?

Security advocates point out that your network traffic can be monitored by whoever is
providing your internet connection, whether it's your ISP at home or a public WiFi signal. A
VPN provider is supposed to protect your privacy by routing your traffic through their
servers instead. However, the core issue still seems to go unresolved.

Here is an honest disclosure on the part of CyberGhost:

https://support.cyberghostvpn.com/index.php?/Kno
2
Reply1 replies

o Alan HenryAbeG
6/17/14 9:48am

Indeed. I approached this topic in this article:

http://lifehacker.com/how-do-i-know-
1
Reply1 replies

o pjamiesAlan Henry
4/13/15 3:21pm
Its 2015 dude, maybe time to update your article and VPN choices ... Yes?
1
Reply1 replies

o Alan Henrypjamies
4/13/15 3:26pm

We ran a more up-to-date poll on the top five VPN service providers just last
year: http://lifehacker.com/5935863/five-b

I think those recs are still solid, and the recs above are still good ones too, all things
considered!
Reply

K3lv1nAlan Henry
7/30/13 1:05pm
> a guide to internet anonymity
5
Reply

o Alan HenryK3lv1n
7/30/13 1:09pm
I love this. Where did you find it?
Reply

o K3lv1nAlan Henry
8/09/13 12:02pm
Sorry about the late reply, I've not been on LH for a little while. I came across it
when looking for further information about an article a friend had posted on
facebook about the NSA, I can't remember the site I got it from unfortunately. If I
can dig it up, I'll let you know. :) http://anonforliberty.com/index.html is for the
people who produced the above guide.
1
Reply

o K3lv1nAlan Henry
8/09/13 12:04pm
http://anonforliberty.com/index.html
1
Reply

o coleAlan Henry
4/24/16 12:26pm
Tor is even better it allows anonymous browsing and it has a Linux os based on it
called Tails. There homepage is https://www.torproject.org

Reply
o Alan Henrycole
4/24/16 12:52pm

Thats not quite accurate. Tails is an OS (one you should run from a live CD or USB
drive for best protection,) and Tor is the browser bundle thats included with it
(although you dont need Tails to use Tor.) Tor itself is great, but Tor has been
compromised several times, and its designed for anonymityNOT privacy. For
more information:

http://lifehacker.com/what-is-tor-an

http://lifehacker.com/how-can-i-stay

In many ways, you may be better off using Tor ALONG WITH a VPN for the best
possible security, although some security experts consider that overkill. Personally,
Id prefer overkill than gaps in my security. :)
Reply1 replies

Vous aimerez peut-être aussi