Introduction to Virtual Private Network (VPN)

Article (PSA-0009)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Introduction to Virtual Private Network (VPN)
Original release date: July 17, 2018

Introduction to Virtual Private Network (VPN)

A VPN provides a secure way of connecting to a remote network over a public network (the Internet). This remote network is typically a private network, such as your workplace or home network. A “tunnel” is created through the public network to your private network at the other end. All network traffic through this tunnel is encrypted to ensure it is kept secure and private.

What can you do with VPN?

With a VPN you are able to do a number of things you wouldn’t otherwise be able to do with a standard network connection. For example:

  • Network Security & Privacy: All network traffic through your VPN connection is encrypted and therefore secure. This allows you to use public networks (motels, coffee shops, etc.) knowing your network traffic is safe and secure. Without VPN it is relatively easy for other people to view your network traffic, see what you are doing online, and possibly steal your information and login details.
  • Access Your Workplace/Home Remotely: You can connect to your workplace/home VPN and have access as if you were physically in the office/house. You can then do things like access file servers, computers, databases, email, internal webpages, and other services you might not have access to outside of your work network.
  • Access Restricted Content: By connecting to a VPN server in another location you can make it appear to websites, using geolocation, that you are physically in the correct location for access. So when you’re travelling overseas you can still view websites you would normally use at home, such as television, movie and music streaming websites.
  • Avoid Censorship: VPN allows you to bypass censorship and access websites and services which may otherwise be blocked. Some countries impose censorship on Internet access while in that country, and a VPN provides a way to still maintain access to the services you would normally use.
  •  
    How does VPN work?

    A typical VPN consists of two components: a VPN client and a VPN server.

    A VPN client is software that allows you to connect your computer to a VPN server and establish a VPN connection. It is installed on your computer and communicates with the VPN server to create a secure link for your network traffic. The VPN Client is what you use to control the VPN connection. A VPN server is setup at the location you want to connect to, such as at a workplace or at home. A VPN server performs authentication to ensure only registered users can connect to the VPN.

    All network traffic through the tunnel created between the VPN client and the VPN server is encrypted to keep it private and secure.

    Should you use VPN?

    Even if you have no need to be able to access a private network remotely, a VPN is vital to ensure the security and privacy of your network traffic.

    Public networks, and in particular public wireless networks, provide an easy way for hackers and malicious users to listen in (“sniff”) on your network usage. This may allow them to see what web pages you are viewing, steal username and passwords, steal session information to be able to log into sites as you, and extract other private data. In addition, skilled hackers may perform a “man in the middle” attack. This allows them to not only monitor in depth your network traffic, but also alter your traffic or inject their own traffic in an attempt to fool a user into revealing important data.

    Using a VPN protects you from such attacks.

    If you are thinking about utilizing VPN services, I would encourage you to contact your IT guy (or gal) for their input. “There is wisdom in a multitude of counselors”.

    IC3 Annual Report – 2017 Internet Crime Report

    Dear Reader,

    2017 was a milestone year for the FBI’s Internet Crime Complaint Center (IC3). On October 12, 2017, at 4:10pm, the IC3 received its 4 millionth consumer internet crime complaint.

    As the lead federal agency for investigating cyber-attacks by criminals, overseas adversaries, and terrorists, the FBI’s IC3 provides the public with a trustworthy and convenient reporting mechanism to submit information concerning suspected Internet facilitated criminal activity. The IC3 also strengthens the FBI’s partnerships with our law enforcement and private industry partners. As cyber criminals become more sophisticated in their efforts to target victims, we must continue to transform and develop in order to address the persistent and evolving cyber threats we face.

    The 2017 Internet Crime Report emphasizes the IC3’s efforts in monitoring trending scams such as Business Email Compromise (BEC), Ransomware, Tech Support Fraud, and Extortion.
    The report also highlights the Elder Justice Initiative promoting justice for the nation’s seniors. In 2017, IC3 received a total of 301,580 complaints with reported losses exceeding $1.4 Billion.

    This past year, the most prevalent crime types reported by victims were Non-Payment/NonDelivery, Personal Data Breach, and Phishing. The top three crime types with the highest
    reported loss were BEC, Confidence/Romance fraud, and Non-Payment/Non-Delivery.

    This year’s report features success stories from two different successful cases initiated from
    IC3 complaints. Additionally, the Operation Wellspring (OWS) Initiative continues to build the cyber investigative capability by utilizing Cyber Task Force officers, thus strengthening state
    and local law enforcement collaboration.

    We hope this report provides additional information of value as we work together to protect our nation against cyber threats.

    Scott S. Smith
    Assistant Director
    Cyber Division
    Federal Bureau of Investigation

    Read the full report here: https://www.ic3.gov/Media/PDF/AnnualReport/2017_IC3Report.pdf

    Introduction to Proxy Servers

    Article (PSA-0008)
    Submitted by: Billy Joe Long
    Company: PSA Computer Services
    Titled: Introduction to Proxy Servers
    Original release date: April 17, 2018

    Introduction to Proxy Servers

    You may not know it, but every time you visit a website or connect with someone online, your internet connection gives your “computer address” to the site or person you’re connecting with.

    This is done so the site or person knows how to get the requested information back to your computer. This “computer address” is technically known as your public Internet Protocol address or simply your “public IP address”.

    Without a public IP address, you wouldn’t be able to do any online activity and other people and services online wouldn’t be able to reach you either. IP addresses are how the online world connects to one another.

    Where does your IP address come from?

    Your public IP address comes from your Internet Service Provider or ISP. In our area the most common ISP’s are Suddenlink, AT&T, 101Netlink, or Frontiernet. Whoever you pay for Internet service is responsible for assigning your public IP address, as well as for your Internet connection. Your smart device also uses an IP address when you’re browsing the web or using an app.

    Most of us are happy to ignore the details of how all of this Internet stuff works, but there are a few concepts and security concerns about public IP addresses that we should be aware of as responsible Internet citizens. For example:

  • Your IP address identifies where you are in the world.
  • It links your name and home address to your IP address. Your name and information are used to purchase the Internet service, and the service provider gives you your public IP address thereby creating a direct link to you.

  • Many people are not comfortable with their personal information being so readily available on the Internet. If it bothers you as well, there are a few things you can do to make it more difficult to directly link your public IP to your other personal information. A solid first step is to use a proxy service or proxy server.

    So what is a “proxy server”?

    The word proxy means “substitute.” In computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. It works like this: a client (you) are using a web browser to visit the psa-2.com support website, and your browser is setup to use a proxy server. After you type psa-2.com into your browser address bar, the request is sent to the proxy server. The proxy server then sends the request on to my server where psa-2.com is hosted. The homepage of my website is returned to the proxy server which then returns my homepage to your browser for viewing. This results in my website seeing the proxy server as the visitor, not you.

    What Are The Benefits?

    Now that you know the basics of how a proxy service or proxy server works, let’s see what the benefits are for you.

    Proxy servers can hide your IP address (if they are set to do this), can send a different user agent so that your browser is not identified and can block cookies or accept them but not pass them to your PC or device. Therefore, when using a proxy server, you can be a lot more anonymous than when using a direct connection to the Internet.

    Proxy servers may also have a role in improving security, especially when used in business networks. They can be set to block access to malicious websites that distribute malware and they can also provide encryption services so that your data is not easily mined by third-parties.

    Fair Warning

    Using proxy servers is not all about benefits and good stuff. They can pose problems as well, such as:

  • When using unencrypted connections, the proxy server can alter the responses you receive, both in good and bad ways. For example, an infected or malicious proxy server can be used to load malware into your browser or redirect you to a phishing website.
  • A proxy can alter the requests you make to a website or service on the Internet to generate results that meet someone else’s intentions.
  • A proxy server monitors and logs your activity. Therefore, it stores lots of information about you that can be used for identification at a later date.
  • Depending on how it was configured, a proxy server can provide unencrypted data where encrypted data was previously provided by the website or service you are using. This can expose you to network sniffing and having others monitor what you are doing on the Internet.

  • Conclusion

    As you can see, proxy servers can be very beneficial, but if not careful, they can also be problematic. It all depends on how they are configured, how they are secured and by whom they are administered. A proxy server may provide all the benefits mentioned above or none of them. It all depends on how it was set up and why it was set up.

    If you are thinking about utilizing a proxy service or proxy server, I would encourage you to contact your IT guy (or gal) for their input. “There is wisdom in a multitude of counselors”.