VPN's
- Thread starter hammy
- Start date
hammy
American Ham
- Joined
- May 8, 2004
- Messages
- 7,747
- Reaction score
- 0
- Points
- 31
Hey Malice. I was looking for info on privacy and security for working on work files at home. I'm not really tech savvy, but I stumbled on a site that talked about VPN's and they sounded like exactly what I would need. (Or if you know of something different, please suggest it.) I also liked the idea because I've always been paranoid about paying bills on line but I would really like the convenience. So basically, would you suggest a VPN for those purposes?
Do you use a commercial product or did you make your own? If commercial, would you recommend yours?
Thanks.
Do you use a commercial product or did you make your own? If commercial, would you recommend yours?
Thanks.
Malice
BMFH
- Joined
- Mar 26, 2001
- Messages
- 12,734
- Reaction score
- 0
- Points
- 31
Hey Malice. I was looking for info on privacy and security for working on work files at home. I'm not really tech savvy, but I stumbled on a site that talked about VPN's and they sounded like exactly what I would need. (Or if you know of something different, please suggest it.) I also liked the idea because I've always been paranoid about paying bills on line but I would really like the convenience. So basically, would you suggest a VPN for those purposes?
Do you use a commercial product or did you make your own? If commercial, would you recommend yours?
Thanks.
Casey, before we discuss implementing a VPN, I need to know what you are trying to do here. Are you trying to implement a VPN from home to work?
Give me a nice description of what you are wanting to do and wanting to achieve, and then I can get a little more into this.
jaguarr
Be Your Own Hero
- Joined
- Nov 11, 2003
- Messages
- 43,566
- Reaction score
- 1
- Points
- 31
Yeah, I'd have to agree with Malice, Casey; need to know what it is you're wanting to accomplish. You mention wanting to be able to securely pay bills online, but that's really not what a VPN is for and wouldn't buy you any security. For working on work files at home, it really depends on if you're wanting to create a VPN tunnel from your home computer to your work computer (or vice-versa) and what operating systems and firewalls are involved. The most secure way to work on work files at home is to just get a little USB flash drive and copy files onto it from your work computer and then take it home with you to work on those files while you're at home.
jag
jag
hammy
American Ham
- Joined
- May 8, 2004
- Messages
- 7,747
- Reaction score
- 0
- Points
- 31
Okay guys, thanks. I'll elaborate but I think I could get in way over my head real fast, lol. 
The work I'm talking about includes medical records. There are all sorts of hippa laws regarding privacy and such, so I can't have anyone potentially intercepting this info. I was searching terms like security and privacy and came upon this site that talked about various different types of net security, including VPN's. Of all the things mentioned, VPN's seemed like the only thing potentially secure enough for what I was talking about. (I'm actually a bit unclear about "who" is out there and "why" they want this sort of information, but the website emphasized all the people potentially spying and getting this kind of info that it made me extra paranoid, lol) 
The site had bazillions of links and was a little confusing to follow, but from what I could gather, this is how a VPN works; a little tunnel is created between your computer and the one you are connecting to (or wait, now I'm a little confused. Maybe it's not computer to computer but server to server.
Or even isp to isp? Ugh. ) 
As you can see, this is unfamiliar territory for me. Anyway, the idea is that the vpn allows one computer to hook up with another, without any third party being able to spy. Not even the isp, if I understand correctly. So that seemed like the logical route to go.
And after reading that, I thought, this would be a cool application for things like online banking and bill paying. The site made it sound like once you have a vpn, you can choose to connect to it (or not) but if you do, then where you go, a tunnel is created between you and your destination. So if I got online I could use it to connect with Bank of America for my banking stuff or with my local utility companies and so forth, and nobody could potentially hack in and get my personal info.
Is that the way you guys understand vpn's or did I get that all botched up? And if they're not good for dealing with stuff like my work files, would they still be good for the other?
The work I'm talking about includes medical records. There are all sorts of hippa laws regarding privacy and such, so I can't have anyone potentially intercepting this info. I was searching terms like security and privacy and came upon this site that talked about various different types of net security, including VPN's. Of all the things mentioned, VPN's seemed like the only thing potentially secure enough for what I was talking about. (I'm actually a bit unclear about "who" is out there and "why" they want this sort of information, but the website emphasized all the people potentially spying and getting this kind of info that it made me extra paranoid, lol) The site had bazillions of links and was a little confusing to follow, but from what I could gather, this is how a VPN works; a little tunnel is created between your computer and the one you are connecting to (or wait, now I'm a little confused. Maybe it's not computer to computer but server to server.
Or even isp to isp? Ugh. ) As you can see, this is unfamiliar territory for me. Anyway, the idea is that the vpn allows one computer to hook up with another, without any third party being able to spy. Not even the isp, if I understand correctly. So that seemed like the logical route to go.And after reading that, I thought, this would be a cool application for things like online banking and bill paying. The site made it sound like once you have a vpn, you can choose to connect to it (or not) but if you do, then where you go, a tunnel is created between you and your destination. So if I got online I could use it to connect with Bank of America for my banking stuff or with my local utility companies and so forth, and nobody could potentially hack in and get my personal info.
Is that the way you guys understand vpn's or did I get that all botched up? And if they're not good for dealing with stuff like my work files, would they still be good for the other?
Kable24
Member of the NRA
- Joined
- Aug 29, 2003
- Messages
- 12,858
- Reaction score
- 0
- Points
- 31
We use vpn's where I work. basically how it works here is when you are at work you are on the Hershey domain/network. Everyone is allocated drive space on the servers plus may connect to other drives on servers such as an M, Y, Z W drive. They are also connected to an exchange server. when they take their laptops home with them to work they use the vpn to connect to the Hershey domain/network so they can connect to the Exchange server and their personal drives on the servers.
jaguarr
Be Your Own Hero
- Joined
- Nov 11, 2003
- Messages
- 43,566
- Reaction score
- 1
- Points
- 31
In order to set up a secure VPN tunnel between your work system and your home system, you'll definitely need full administrative access to both. It would work well for connecting between the two, but I would check with your IT guys to see if they have a VPN solution already in place and available or not or whether your installing your own would violate any of your company's IT policies. Most companies frown on employees circumventing their firewall and accessing their systems remotely. And if you are dealing with medical records, yes, they are one of the most sought after pieces of information hackers look for as it sells for a pretty good price. It's a very comprehensive source of information for identity thieves.
As far as paying bills online, what you really want to look for is vendors that use HTTPS and SSL:
http://www.gordano.com/kb.htm?q=1588
With those in place, you're about as safe as you're going to get. It's in fact similar to a VPN system as it sets up a one-time only tunnel between you and the company's systems. You can't set up a semi-permanent, private VPN with your creditors; they don't have the IT infrastructure to manage that.
jag
As far as paying bills online, what you really want to look for is vendors that use HTTPS and SSL:
http://www.gordano.com/kb.htm?q=1588
With those in place, you're about as safe as you're going to get. It's in fact similar to a VPN system as it sets up a one-time only tunnel between you and the company's systems. You can't set up a semi-permanent, private VPN with your creditors; they don't have the IT infrastructure to manage that.
jag
Malice
BMFH
- Joined
- Mar 26, 2001
- Messages
- 12,734
- Reaction score
- 0
- Points
- 31
Casey, I am not being mean, it just sounds like you are unsure (because you are not as technical) of what you want or what you even need.
Now, I will put this one out.
This sound ok?
If you have the ability to put in NETWORK DEVICES in your office (say you have your own office, or are in control of the office network)
You can purchase two items, a VPN Server in your Office, and a VPN endpoint at home. What this does, is creates as STATIC encrypted tunnel from your home (using the VPN EndPoint to the VPN Server in your office). This means, anything over the wire is completely encrypted. The VPN endpoint, can actually be located on your laptop/desktop as software, not having to be a hardware device. Just to explain, this only means, when you get your encrypted tunnel to your office from home, when you surf websites and goto a bank, you are sending your data to your office network (encrypted) then it goes back out from your office network to the bank website (unencrypted).
Now, I will put this one out.
This sound ok?
If you have the ability to put in NETWORK DEVICES in your office (say you have your own office, or are in control of the office network)
You can purchase two items, a VPN Server in your Office, and a VPN endpoint at home. What this does, is creates as STATIC encrypted tunnel from your home (using the VPN EndPoint to the VPN Server in your office). This means, anything over the wire is completely encrypted. The VPN endpoint, can actually be located on your laptop/desktop as software, not having to be a hardware device. Just to explain, this only means, when you get your encrypted tunnel to your office from home, when you surf websites and goto a bank, you are sending your data to your office network (encrypted) then it goes back out from your office network to the bank website (unencrypted).
Malice
BMFH
- Joined
- Mar 26, 2001
- Messages
- 12,734
- Reaction score
- 0
- Points
- 31
If you want a great podcast to listen to stuff about VPNs....go here
The podcast is called....Security Now!
http://www.grc.com/securitynow.htm
The episodes involved VPN technology and the theory behind it are
Episode 14, 15, 16, 17, 18, 19
The podcast is called....Security Now!
http://www.grc.com/securitynow.htm
The episodes involved VPN technology and the theory behind it are
Episode 14, 15, 16, 17, 18, 19
jaguarr
Be Your Own Hero
- Joined
- Nov 11, 2003
- Messages
- 43,566
- Reaction score
- 1
- Points
- 31
Technically, you don't need a VPN server in the office to set up VPN; you can set up client-to-client VPN's much more economically and easier, but oh boy is that a good way to get the IT guys and possibly your Legal and even HR departments all over your ass, depending on the company you work for.
jag
jag
Kable24
Member of the NRA
- Joined
- Aug 29, 2003
- Messages
- 12,858
- Reaction score
- 0
- Points
- 31
fixed. Thanks. I didn't even think of that one.
Badger
Side-Kick my Ass!
- Joined
- Jul 28, 2005
- Messages
- 8,812
- Reaction score
- 0
- Points
- 31
If you are wanting to use VPN for work:
Short answer if it involves any HIPPA laws there is no way you will get access to any personal medical files on your home personal computer. VPN or Not.
I'd say talk to your IT department. Then take a picture of the look on their face(s) when you ask and post it.
For Banking:
Not needed, you should already be securely connected to them with or without vpn. When you login to your account your address should start with "https" which mean it's a secured connection.
Short answer if it involves any HIPPA laws there is no way you will get access to any personal medical files on your home personal computer. VPN or Not.
I'd say talk to your IT department. Then take a picture of the look on their face(s) when you ask and post it.
For Banking:
Not needed, you should already be securely connected to them with or without vpn. When you login to your account your address should start with "https" which mean it's a secured connection.
Malice
BMFH
- Joined
- Mar 26, 2001
- Messages
- 12,734
- Reaction score
- 0
- Points
- 31
HIPPA security standards...
http://www.cms.hhs.gov/SecurityStandard/
http://www.cms.hhs.gov/SecurityStandard/
hammy
American Ham
- Joined
- May 8, 2004
- Messages
- 7,747
- Reaction score
- 0
- Points
- 31
Okay, what you guys are saying is quite a bit different from what I read at that website. First of all, it sounds like you are saying the VPN has to be installed at both ends. The article I read said you can set one up on your home computer, and no matter where you go, even if you're just surfing the net for porn, you still have this secured tunnel. Actually, my impression was that vpn's were largely being used for exactly that. So people could surf for porn undetected. But the article did say they were used by large corporations for the kind of thing I'm talking about, so I figured it would work.
But you guys are funny with all your IT talk. If there was an "IT" department I, a non-techie person wouldn't be trying to figure all this out. It's just a small office. I actually think it's just going to be above my head and I'll have to tell them I can't handle it.
So my next question is, for those of you who do use a vpn, what do you use them for? I'm still interested in learning about them now that I know they exist. I'll listen to those podcasts, Malice. Thanks.
First of all, it sounds like you are saying the VPN has to be installed at both ends. The article I read said you can set one up on your home computer, and no matter where you go, even if you're just surfing the net for porn, you still have this secured tunnel. Actually, my impression was that vpn's were largely being used for exactly that. So people could surf for porn undetected. But the article did say they were used by large corporations for the kind of thing I'm talking about, so I figured it would work. But you guys are funny with all your IT talk. If there was an "IT" department I, a non-techie person wouldn't be trying to figure all this out. It's just a small office. I actually think it's just going to be above my head and I'll have to tell them I can't handle it.
So my next question is, for those of you who do use a vpn, what do you use them for? I'm still interested in learning about them now that I know they exist. I'll listen to those podcasts, Malice. Thanks.
jaguarr
Be Your Own Hero
- Joined
- Nov 11, 2003
- Messages
- 43,566
- Reaction score
- 1
- Points
- 31
I use a VPN to work remotely but my company provides that client and manages the VPN servers. I also use a VPN to securely access my systems at home if I'm on the road, which isn't very often anymore thankfully, so I usually keep remote administration capabilities disabled on my systems and the firewall up and running.
As far as surfing for porn anonymously, Google "Tor", Casey. Also, you'd probably do well to show the folks in your office the HIPPA laws link that Malice posted; sounds like there are some regulations around remote access/VPN's and the type of data your company treks in.
jag
As far as surfing for porn anonymously, Google "Tor", Casey. Also, you'd probably do well to show the folks in your office the HIPPA laws link that Malice posted; sounds like there are some regulations around remote access/VPN's and the type of data your company treks in.
jag
Malice
BMFH
- Joined
- Mar 26, 2001
- Messages
- 12,734
- Reaction score
- 0
- Points
- 31
A VPN's purpose, is to provide an encrypted "tunnel" from one network or computer to another network or computer.
In my case, I have a laptop with VPN software on it. I fire it off, it immediately contacts the VPN server at work, and builds this "tunnel."
My laptop is then "on my work network" virtually. As you know I am on my home network via DSL, but what it does, is it sends ALL NETWORK TRAFFIC, thru this tunnel, to my work network (encrypted over the internet).
In effect, it makes it JUST LIKE I was sitting with my laptop in my office. The only difference is speed, VPNs are a tad slower since there is all that traffic over the internet.
In the end what are YOU trying to do casey? We might be able to clarify for you.
In my case, I have a laptop with VPN software on it. I fire it off, it immediately contacts the VPN server at work, and builds this "tunnel."
My laptop is then "on my work network" virtually. As you know I am on my home network via DSL, but what it does, is it sends ALL NETWORK TRAFFIC, thru this tunnel, to my work network (encrypted over the internet).
In effect, it makes it JUST LIKE I was sitting with my laptop in my office. The only difference is speed, VPNs are a tad slower since there is all that traffic over the internet.
In the end what are YOU trying to do casey? We might be able to clarify for you.
jaguarr
Be Your Own Hero
- Joined
- Nov 11, 2003
- Messages
- 43,566
- Reaction score
- 1
- Points
- 31
I think she does want to set up a VPN, Mal; she seems to know what she was asking to do, ultimately, even if the technical limitations (and legal ones according to the HIPPA Laws) probably will prevent her from doing it.
jag
jag
hammy
American Ham
- Joined
- May 8, 2004
- Messages
- 7,747
- Reaction score
- 0
- Points
- 31
Yeah, Malice. It looks like I won't be using it for the work thing and I apparently don't need it for banking, but I am still curious about them, that's why I asked what you guys use them for. Sounds like both you and jag use them for work, as I had intended.
One thing that I like about the vpn over just https and ssl is that even your isp can't detect what's going on. That seems safer for the banking applications. I mean, I'd hate to think that anybody at my isp would intercept my personal info, but I suppose it could happen. Actually, now I'm just looking for an excuse to use one because I think they sound cool.
So does anybody know of a good tech site that someone like me, who knows virtually nothing about this stuff, can read up and get schooled? What I find confusing is when reading stuff, the author often writes as though you are already familiar with the terminology he's using. I'd like to find a site that understands there are tons of people like me who want to learn, but need to know the basics, first.
One thing that I like about the vpn over just https and ssl is that even your isp can't detect what's going on. That seems safer for the banking applications. I mean, I'd hate to think that anybody at my isp would intercept my personal info, but I suppose it could happen. Actually, now I'm just looking for an excuse to use one because I think they sound cool.
So does anybody know of a good tech site that someone like me, who knows virtually nothing about this stuff, can read up and get schooled? What I find confusing is when reading stuff, the author often writes as though you are already familiar with the terminology he's using. I'd like to find a site that understands there are tons of people like me who want to learn, but need to know the basics, first.
Similar threads
Users who are viewing this thread
Staff online
-
squeeknessI'm a poor lost puppy -
C. LeeSuperherohype Administrator -
Lily Adler🖤 Infectiously Delicious 🤍 -
Hunter RiderRonin
