How Virtual Private Network can beat Deep Packet Inspection?
VPN or VPN provides effective security stopping, malware and spam hackers from listening to personal user information transmitted by via public networks. This technology also allows to block and identify illegal downloads and allows ISPs to give more importance to the nature and content of transmitted data. But there is another technology that enables governments and network managers to spy on the online activities and trace every movement (such as recording and reading personal emails or other digital communication) users. This technology is called Deep Packet Inspection or DPI. Governments use this technology to pry the online activities of citizens and also to control their Internet access.
The bills of the Canadian House of Commons and the US Congress have proposed in this respect. Bills oblige ISPs to keep information from their customers for 12 months and give enforcement authorities of the law if necessary. The information includes credit card numbers, IP addresses and other personal data of the user. Internet service providers can track all the sites that the user visits and follow his / her activities on these sites. If they want ISPs can block the user's access to specific sites. Now, network providers can track all the information in shipped packages and client computers without slowing down their network speed. Some countries such as Iran, China and North Korea regularly use Deep Packet Inspection to block Internet content. They keep a check on their citizens.
VPN using OpenVPN protocol to encrypt user data. Based on OpenVPN technology, we discuss some techniques employing we can beat Deep Packet Inspection:
Port Forwarding via TCP port 443
This is entirely is an easy technique that does not require implementation of the server side and can be easily made from the client computer. OpenVPN typically uses TCP port 80. firewalls so look out for the 80 port or other ports that are used normally. Upon detection of an encrypted traffic that uses these ports, the traffic is immediately rejected. Port 443 is typically used by HTTPS to protect https: // sites. Facebook, Twitter, Gmail, banks and other Web services typically use this port.
OpenVPN uses SSL encryption like HTTPS and so it is very difficult to keep an eye on port 443. Jamming port 443 can disrupt Internet access. Therefore, it is not considered a good option by web censors to lock the port. In conventional OpenVPN client, port forwarding is a common feature. Changing port 443 is extremely easy. If the user wants to enjoy the benefits of OpenVPN client, VPN provider should be contacted.
OpenVPN SSL / SSH tunnel
This technique uses an additional SSL / SSH, or Secure Socket Layer encryption / Secure Shell. Deep Packet Inspection fails to break this additional layer of encryption and can not detect the OpenVPN encryption which is located inside. Stunnel software is mainly used for the production of SSL tunnels must be installed on the server and client computers. SSH tunnels are mainly used in UNIX systems to access shell accounts.
0 Komentar