Monday, September 03, 2007

How to setup VPN on Windows

Manual File or Email Encryption

While this is the simplest way to avoid data theft, in the long run, it can also be the most tedious. Basically, every email message and every attachment sent is encrypted with PGP (Pretty Good Privacy) algorithms.
Pros
  • Not Really Any
Cons
  • Both the sender and the receiver need to agree on the same encryption key and have the same special software to unlock the data.
  • This only works with data chunks like email and files. Regular web browsing and login information is still done in plaintext.

SSL (HTTPS)

On some websites like Yahoo! and eBay, there is a function that allows you to “securely” login. In the URL address bar, if you see “https” instead of “http,” you’re in good shape. But most of the time, this is only available in financial sites.
Pros
  • Streamlined so that you don’t even notice it is working
  • All modern browsers support it.
Cons
  • This usually only applies to the HTTP (port 80) protocol. This will not work with any other protocol like FTP, Instant Messaging, and Email.

Remote Computing

Usually, remote computing incorporates a layer of encryption. Remote computing includes programs that utilize the VNC (Virtual Network Computing) Protocol or the RDP (Remote Desktop Protocol).
Pros
  • You keep the actual files on a server. You never send the complete data over the public network.
Cons
  • This can become very slow
  • Requires a computer at home to be always on

VPN

Virtual Private Networking is my favorite and recommended method of obfuscating data theft. Basically, it creates an encrypted virtual network connection from your computer to your server. Pretend you connect to your VPN from a public network. All information that you access on the Internet is encrypted as it is sent to your home network first. There, the server decrypts that data then sends it across the Internet. Therefore, nobody in the public network can see what you are doing since it is all encrypted. VPN works sort of like a seamless proxy server.
Pros
  • Seamless integration with all programs
  • If coupled with any of the methods above, you achieve at least double encryption.
Cons
  • Your network download speed is capped by the upload speed of your home network gateway.
  • Requires a computer at home to be always on
  • Requires a bit of configuration

Windows XP PPTP VPN Setup

I regularly use the public networks at the library, school, hotels, and Starbucks. I’ve found that in the long run, the most convenient and secure method of packet sniffing circumvention is virtual private networking. It is really easy to set it up in Windows as well!
VPN Server
vpn_create.jpg
  1. Go to “Network Connections” in the “Control Panel.”
  2. “Create a new connection” with the “Network Connection Wizard.”
  3. “Set up an advanced connection.”
  4. ‘”Accept Incoming Connections.”
  5. Skip “Devices for Incoming Connections.”
  6. “Allow virtual private connections.”
  7. Then, select which accounts will be able to remotely connect to the VPN. On this step, I just create a specific account just for VPN with no privileges.
  8. For “Networking Software,” make sure that “Internet Protocol (TCP/IP)” is selected. I would also include “File and Printer Sharing for Microsoft Networks” but that’s just me.
  9. If the server is behind a firewall and/or router, port mapping/forwarding and port opening must be enabled. The Windows XP VPN software uses point-to-point-tunneling protocol. PPTP requires port 1723 and PPTP pass-through routing.
vpn_users.jpg
VPN Clien
vpn_wizard.jpg
  1. Go to “Network Connections” in the “Control Panel.”
  2. “Create a new connection” with the “Network Connection Wizard.”
  3. Select “Connect to my network at my workplace.”
  4. Select “Virtual Private Network connection.”
  5. “Do not dial the initial connection.”
  6. Input the IP address or host name of the server computer.
  7. “Do not use my smart card.”
  8. After you finish the wizard, double-click the new VPN connection.
  9. Enter your username and password and connect.
vpn_login.jpg

Other Resources

If these directions don’t work out for you, check out these three more comprehensive resources. Imagine, one of them is actually from Microsoft!
Source
Using Virtual Private Networking (VPN) to Avoid Packet Sniffing/Analysis and Data Theft

No comments: