iluom
Contributor II

Murky VPN : Partially open for secure communication...?

 

Hi

Please help me to clear my ambiguity regarding VPNs.

A VPN will not make me fully anonymous online; it does to some extent. The reasons could be many, for example log files kept by VPN service providers, or legal obligations, etc. It's okay.

My question is: how does a VPN make my communication private/secure to a "non-https" website?

If the VPN connection is to an https website, we can understand that SSL/TLS-encrypted communication takes place between the VPN server and the https website.

If the connection is to an organization's private network, I assume the communication between the VPN server and the organization's private network will be handled by some VPN server setup or by some VPN communication protocols (PPTP, L2TP/IPsec, etc.) by the VPN provider on the premises of the org LAN... (I am not sure; is that the way?)

So, without a VPN, my connection is fully open; anyone with the right tools can look at my data. Using a VPN solves the problem by encrypting my transmission and making it appear as if it's the VPN server itself that's making the connection and not me. But how does it handle the other half of the transmission, from the VPN server to the destination website?

Is it partially open? Is end-to-end encryption possible?

Thanks

Chandra Mouli, CISSP, CCSP, CSSLP
12 Replies
rslade
Influencer II

> iluom (Contributor I) posted a new reply in Tech Talk on 04-06-2019 05:43 AM in the (ISC)² Community :

> I have a VPN subscription from a provider. I got my VPN client
> installed on my personal device.

OK, first off, this is from your provider, so you'll have to check details with them.
However, I strongly suspect that this only creates a VPN connection to your
provider. (Hopefully encrypted, but, again, you'd better check with them.)
Generally this is so you can use public wifi access points and have a connection to
your provider that (should be?) encrypted so that local users (at the public wifi
point) can't see your traffic. I very much doubt that it does anything from your
provider outbound to anything, but you could ask if a specific connection can be
made to your (I presume) own server.

JoshuaGabriel
Newcomer III

Have you considered building an IPSec tunnel directly from A to C and managing the Security of RDP with the organization hosting the computer you want to access remotely?

Caute_cautim
Community Champion

@JoshuaGabriel Good points. From experience, by default RDP uses TLS V1.0 or V1.1; you have to do some reconfiguration to ensure it conforms to TLS V1.2.

Regards

Caute_cautim