From ForensicsWiki
Revision as of 22:00, 6 May 2009 by Baneki (Talk | contribs) (VPN and anonymity)

Jump to: navigation, search

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

VPN (Virtual Private Network) is a computer network in which some of the links between nodes are carried by connections in another network (with optional encryption).


Virtual Private Networks are widely used by organizations and individuals for different purposes:

  • Protecting confidential information in organizations;
  • Providing employees with secure remote access to the network;
  • Securing Internet traffic in insecure networks (e.g. open wireless networks).

Some VPN services are focused on providing solutions to promote fraud. In this case, VPN service is used for anonymity.

VPN and anonymity

  • Log files: VPN services may maintain usage logs, however some commercial consumer-oriented VPN services specifically configure their servers not to retain any logfile information of this type. An example is Cryptocloud (www.cryptocloud.net).
  • Protocol stack: TCP timestamps and IP ID values may be used in correlating incoming (encrypted) and outgoing (unencrypted) network streams. This type of "traffic analysis" can, in theory, be used to gather information about a fully-encrypted VPN connection - in practice, there are no known examples of traffic analysis being used against commercial VPN service providers.

See Also