Why do i need a vpn, 1) mac address spoofing, 2) data sniffing – Linksys RVS4000 User Manual

Page 9: 3) man in the middle attacks, What is a vpn, Chapter, Planning your virtual private network (vpn)


Planning Your Virtual Private Network (VPN)

4-Port Gigabit Security Router with VPN


Why do I need a VPN?

Computer networking provides a flexibility not available when using an archaic, paper-based system. With this flexibility, however, comes an increased risk in security. This is why firewalls were first introduced. Firewalls help to protect data inside of a local network. But what do you do once information is sent outside of your local network, when e-mails are sent to their destination, or when you have to connect to your company’s network when you are out on the road? How is your data protected?

That is when a VPN can help. VPNs are called Virtual Private Networks because they secure data moving outside of your network as if it were still within that network.

When data is sent out across the Internet from your computer, it is always open to attacks. You may already have a firewall, which will help protect data moving around or held within your network from being corrupted or intercepted by entities outside of your network, but once data moves outside of your network—when you send data to someone via e-mail or communicate with an individual over the Internet—the firewall will no longer protect that data.

At this point, your data becomes open to hackers using a variety of methods to steal not only the data you are transmitting but also your network login and security data. Some of the most common methods are as follows:

1) MAC Address Spoofing

Packets transmitted over a network, either your local network or the Internet, are preceded by a packet header. These packet headers contain both the source and destination information so that the packet can be transmitted efficiently. A hacker can use this information to spoof (or fake) a MAC address allowed on the network. With this spoofed MAC address, the hacker can also intercept information meant for another user.

2) Data Sniffing

Data “sniffing” is a method used by hackers to obtain network data as it travels through unsecured networks, such as the Internet. Tools for just this kind of activity, such as protocol analyzers and network diagnostic tools, are often built into operating systems and allow the data to be viewed in clear text.

3) Man in the Middle Attacks

Once the hacker has either sniffed or spoofed enough information, he can now perform a “man in the middle” attack. This attack is performed, when data is being transmitted from one network to another, by rerouting the data to a new destination. Even though the data is not received by its intended recipient, it appears that way to the person sending the data.

These are only a few of the methods hackers use and they are always developing more. Without the security of your VPN, your data is constantly open to such attacks as it travels over the Internet. Data travelling over the Internet will often pass through many different servers around the world before reaching its final destination. That’s a long way to go for unsecured data and this is when a VPN serves its purpose.

What is a VPN?

A VPN, or Virtual Private Network, is a connection between two endpoints—a VPN Router, for instance—in different networks that allows private data to be sent securely over a shared or public network, such as the Internet. This establishes a private network that can send data securely between these two locations or networks.

This is done by creating a “tunnel”. A VPN tunnel connects the two PCs or networks and allows data to be transmitted over the Internet as if it were still within those networks. Not a literal tunnel, it is a connection secured by encrypting the data sent between the two networks.

VPN was created as a cost-effective alternative to using a private, dedicated, leased line for a private network. Using industry standard encryption and authentication techniques—IPSec, short for IP Security—VPN creates a secure connection that, in effect, operates as if you were directly connected to your local network. VPN can be used to create secure networks linking a central office with branch offices, telecommuters, and/or professionals on the road (travelers can connect to a VPN Router using any computer with the Linksys VPN client software).

There are two basic ways to create a VPN connection:

VPN Router to VPN Router

Computer (using the Linksys VPN client software) to VPN Router

The VPN Router creates a “tunnel” or channel between two endpoints, so that data transmissions between them are secure. A computer with the Linksys VPN client software can be one of the two endpoints (refer to “Appendix B: Using Linksys QuickVPN for Windows 2000, XP, or Vista”). If you choose not to run the VPN client software, any computer with the built-in IPSec Security Manager (Microsoft 2000 and XP) allows the VPN Router to create a
