Categories
Cybersecurity

What Does My ISP See When I Use a VPN?

When you use a virtual private network to obfuscate your web communications, your Internet service provider is the first party that could feasibly pick up on what you’re doing. In theory. In practice, it might not even know what’s going on in the first place. More importantly, it likely isn’t in a hurry to find out.

Let’s underline that notion with some practical advice before getting into any more what-ifs: read your ISP’s privacy policy and you should have an exact answer regarding what kind of user data they’re logging and looking for, in general. Alright, maybe that’s not going to happen because nobody has that much time on their hands, but at least make your Google search queries company-specific if you want concrete answers concerning particular ISPs.

Why Your ISP Might Know Much Less Than You Fear

Yes, an ISP could probably see that you’re using a VPN, assuming it actually cared enough to look. *Actually* look to see whether the public IP address assigned to your household is behaving in a way that corresponds to your usage patterns. It’s likely not doing that, though. As that would require spending money in order to produce results that can’t be monetized en masse. Or at all, depending on how cynical you are.

Here’s the thing, though: the fact that many of us *are* cynical when it comes to our ISP’s intentions and willingness to act in good faith is precisely why we probably shouldn’t be worried about whether they’re going to any lengths to snoop on us. The U.S. is already among the most expensive countries in the world when it comes to the cost of broadband Internet access. And its irregular population density means that anyone not living in the suburbs or big cities probably receives horrible service relative to how much that service costs because regional monopolies are a thing, whether the FCC is feigning otherwise or not.

In effect, the ISPs became much more strategic about when to push consumers’ gears. Privacy is a big issue these days, sure. But because of digital advertising behemoths such as Google and Facebook, not 20th-century telecoms struggling to grapple with this new reality. If this was 2005, you could at least argue there’s no way of telling whether or not your ISP stores detailed browsing history logs of every individual user. Today, we know they don’t – they can’t, owing to the fact that SSL is everywhere.

And the main reason SSL is everywhere because Google Search started penalizing websites that don’t use HTTPS. You’d think Google would be fine with the world not using cutting-edge cryptography to secure bank transactions and searches for “funny cat videos” as equals. But Google already knew what you were doing and where your queries were directing you thanks to your reliance on Gmail, Chrome, or any other out of a dozen or so “free” and widely popular services it’s managing. The aggressive SSL adoption primarily crippled ISPs with data-harvesting ambitions – it’s not like they could afford to protest much in public.

That would be the gist of why most ISPs don’t go to great lengths to keep logs of user traffic. Plus, storing that information costs money so until they figure out how to make us pay for those logs, they’ll do their best to avoid upsetting shareholders with any unnecessary expenses. So, assuming you use any VPN, at all, your browsing history is at the very least safe from the prying eyes of your ISP.

Categories
Cybersecurity

What Is a DDoS Attack and Why Do They Still Work?

In a broad sense, a distributed denial of service (DDoS) is a cyber attack that leverages a botnet consisting of many different devices in order to overwhelm the target with bogus requests and consequently make it unresponsive to legitimate ones.

But as is the case with most attack vectors that are commonly encountered nowadays, the devil is in the detail. Meaning there’s an overwhelming amount of variety to DDoS attacks, whereas new techniques and phenomena are recorded on an almost daily basis.

So, while this article will cover all the bases in order to serve as a good starting point for learning about DDoS attacks, no singular source will teach you everything there is to know about the subject matter at hand. This the case with most cybersecurity topics, though. So you’d do well to try staying up to date if you have more than a passing interest in distributed-denial-of-service attacks.

Is There a Non-distributed Denial-Of-Service Attack?

Kind of, as cybersecurity researchers generally divide DoS attacks into three broad categories: advanced persistent DoS attacks, application layer DoS attacks, and distributed DoS attacks we’re examining in detail herein. Note that the only underlying logic to this division is the incidence of a given technique archetype. Otherwise, a DDoS is defined by its attacker, an ALDoS (more commonly referred to as a layer 7 DoS) by its target, and an APDoS by the attacker’s prep work.

If you dig deeper, you’ll even find mentions of protocol attacks (defined by their targets) and volume-based attacks defined by their strategy, degradation-of-service attacks defined by… ok, you get the picture. In practice, there’s a lot of overlap between all of those definitions. As with many other topics related to hacking, most DDoS knowledge doesn’t fit neatly into any given definition. Primarily because it evolves too fast for typical definitions to keep up.

Why Do DDoS Attacks Still Work After 25+ Years?

According to a late 2004 edition of The Internet Protocol Journal, the world’s first DDoS attack was carried out a quarter of a century ago, in September of ‘96. Its target was New York-based Panix, the third-oldest ISP on the planet.

As for its technique, the so-called SYN flood, it was pretty primitive relative to contemporary solutions. It essentially came down to several hundred (or perhaps just dozens of) clients sending connection requests without waiting for a response. In a pre-DSL world, that was all it took to bring down some network systems.

Yet DDoS attacks have only been gaining momentum in the meantime. Due to that persistent trend, the record for history’s largest DDoS attack is often broken several times in a given calendar year. And the overall annual volume of such hacks is currently close to doubling, according to a 2020 cybersecurity report from Neustar.

Therefore, asking why do DDoS attacks still work is hardly the central question right now. Since from a pure numbers perspective, you could argue that they are working better than ever. The key to their longevity is twofold: the issue comes down to the extremely broad definition of what constitutes a DDoS attack in the first place and the fact that you can’t really make a typical network completely invulnerable to such shenanigans.

Another important factor contributing to the persistence of DDoS attacks is their accessibility. Because launching a primitive SYN flood or something of the sort can be as easy as downloading a few scripts. Provided you know what you’re looking for, that is. The general availability of exploits revolving around low-level DDoS vectors is arguably the sole reason why the term “script kiddie” even exists.

One final thing illustrating how easily achievable DDoS attacks are is the fact that they can even be accidental. If a piece from some obscure website suddenly goes viral on social media or a content aggregator such as Reddit, there’s always the possibility of its servers getting a so-called “hug of death”.

They can consequently begin denying service requests because they’re overwhelmed with legitimate traffic. Even an unsuccessful DDoS attack, intentional or not, has the potential to significantly slow down a given website or online app.

There’s No Such Thing as DDoS Prevention – Only Mitigation

Since it’s not economically feasible to make any given server completely invulnerable to DDoS attacks, guarding against them comes down to mitigation techniques focused on risk management. Most of those are focused on identifying suspect traffic patterns, i.e. requests not made by humans.

In other words, you have DDoS attacks to thank for those annoying CAPTCHAs existing. And while manual DDoS defense mechanisms were also a thing in the past, botnets and other bogus traffic sources have gotten so sophisticated that contemporary DDoS mitigation solutions are pretty much exclusively cloud-based and automated.

Does a VPN Prevent DDoS Attacks?

Yes, a virtual private network can protect you against most types of DDoS attacks. In fact, that’s the main reason we’re digging deeper into this subject matter in the first place. At this point, you should at least have a vague idea of what DDoS attacks are and how they happen. Now, if we add a VPN to the equation… well, everything falls apart from an attacker’s perspective.

Without the ability to resolve your true IP address, the attacker is unable to target your smartphone, tablet, PC, or whatever it is you’re using to access the Internet. Meaning your actual machine cannot be added to their botnet.

Worst-case scenario, your VPN server or proxy will fall prey to the attacker’s methods, which usually won’t affect you beyond making your connection unresponsive for a couple of seconds. Until the intermediary obfuscating your IP address automatically reconnects you to an unaffected server node, that is.

If you really want to get technical, the actual worst-case scenario is that you have to do that manually. If you don’t, companies will usually advertise that feature as “DDoS protection” or something of the sort.

Even the very possibility of your VPN falling victim to a DDoS attack is a stretch because most service providers nowadays will usually have much more robust anti-DDoS protections in place than the average netizen. Being targeted by DDoS attacks is a much more realistic threat to modern VPNs than having their infrastructure absorbed into a botnet meant to power DDoS attacks.

Now, there is one notable exception to this – if a hacker already knows your real IP address because they obtained it before you established a secure Internet connection. Not even a triple VPN will help you in that case. And your only bet is to get a new IP address – not from your VPN provider, but your ISP. Most support dynamic IPs these days, so that shouldn’t be a problem.

Regardless, if you suspect you’re a target of a DDoS attack, with or without a VPN, consult with applicable local regulations. Because such cyber attacks at the very least constitute harassment in most parts of the world and are hence illegal.

Categories
Cybersecurity

Best VPN for Your Home Office

Intro. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.


How Did We Pick the Best VPN for Home Office?

Leave this hanging for now, no need to write anything. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Product #1

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Product #2

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Product #3

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Conclusion

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

 

Categories
Cybersecurity

Common VPN Error Codes and How to Solve Them

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.

Categories
Cybersecurity

How to Configure DMZ on Your Router

A DMZ (demilitarized zone) on a home router refers to a DMZ Host. Strictly speaking, this is not a true DMZ. A home router DMZ host is a host on the internal network that has all UDP and TCP ports open and exposed, except those ports otherwise forwarded. They are often used a simple method to forward all ports to another firewall/NAT device.

 

How to configure DMZ Host
Step 1: Login to the management page
Open the web browser and type the IP address of the device in the address bar (default is 192.168.1.1/192.168.0.1/192.168.0.254). Press Enter.
The default username and password are both admin. Click OK to log into the device.
Step 2: Configure the DMZ
For Wireless Routers and 3G Routers (Green GUI)

Click: Forwarding > DMZ > Enable/Disable. Input the IP of host device (here takes 192.168.0.100 as example), then click Save.

 

For Wireless Routers and 3G Routers (Blue GUI)

Click Advanced > Forwarding > DMZ > Enable/Disable. Input the IP of the host device (here takes 192.168.0.100 as example), then click Save.

Step 3:  Restart your router for the changes to take effect.

 

For ADSL Routers

 

Blue GUI

Click:  Forwarding > DMZ > Enable/Disable. Input the IP of the host device (here takes 192.168.1.100 as example), then click Save.

Orange GUI

Click Advanced Setup > NAT > DMZ > Enable/Disable. Input the IP of the host device (here takes 192.168.1.100 as example), then click Save.

Note: Power cycle/reboot your router for you settings to take effect.