how can i test my VPN ssl security?

hello,

i have purchased a vpn service that establish a 256bit ssl tunnel from my pc and their server. This is what they say... however i want to test if they are saying the truth. Is there a way that i can personally test if my isp can monitor my internet activity or not while i am connected to internet via my vpn

thnx a lot...

 

Hi, apart from other methods, if you use firefox as i do, you could install Calomel which shows lots of info about whether a www is SSL/HTTPS or not. Also it shows the SSL strength etc etc



Another useful feature is the visual display icon which changes various colours in real time, from Green right through to Red depending on strength =

I wrote a thread about it on here https://www.wilderssecurity.com/showthread.php?t=285561&highlight=Calomel

Other threads with it mention it too https://www.wilderssecurity.com/search.php?searchid=3954128

 

thnx for the answer mate but this only works for https sites...

the thing i want to do is to test if i am secure while i am connecting to internet via my VPN.

for example i want to go www.wilderssecurity.com
without vpn...my isp can see that i am surfing on it


while i am connected via VPN it says secure online aes 256bit...so my isp shouldnt see that i am surfing on www.wilderssecurity.com

thats what i want to test. my isp can see me or not??

is there a way to do it?

 

Hi lasho,

Read Virtual Private Network.

-- Tom

 

CloneRanger,
TLS doesn't equal https

lasho,
This is more relevant to your interest:
https://secure.wikimedia.org/wikipedia/en/wiki/Transport_Layer_Security#Security

AES 256 is strong crypto for all intends and purposes, TSL is a tried and trusted protocol. Your biggest risk is in the further implementation and side channel attacks for example DNS leaking and of course, can you trust your VPN provider more than your ISP?

 

AFAIK, the strongest public anonymity test is still Metasploit's <decloak.net>. For checking DNS leakage, you can use <www.grc.com/dns>. It'll list all of the DNS servers that your computer accesses.

Also, it's not just deciding whether you trust your VPN provider more than your ISP. Without the VPN, you're also trusting everyone with access to your connection to your ISP (e.g., higher level ISPs, dishonest employees and governments).

 

And using VPN changes that how again?
They have an ISP too,
they have employees too,
they have a physical location in a state with a (probably friendly to yours) government too.

 

I knew that someone was going to say something like that

Yes, of course, your VPN provider could be just as vulnerable as your ISP, or even more so. It could even be a honeypot. And so it's important to choose a good one.

Here are some key criteria for a good VPN provider. They'd have entry and exit nodes in multiple jurisdictions. They'd have routing protocols that complicate connection tracing, even by themselves. They'd hire multiple anonymous admins to manage components, to prevent treachery and coercion. And they'd multiplex and share nodes with other friendly VPN providers. And perhaps most importantly, they'd have a reputation that you can verify from multiple sources.

 

If you just want to see if you're connection really is encrypted, just use Wireshark.

 

thank ypu for replys ppl...

axle00, can you pls telle me the use of that program? I am a newbie =)

 

In wireshark there's a columns named Protocol, make sure DNS doesn't show up (put "dns" without the quotes into the filter search box at the top).

You should only see TLS/SSL and maybe TCP (I'd need to test that or have a look at the data inside, is it encrypted?) traffic and local networking. The latter you can determine by looking at source and destinations, both should be part of a private IP range:
http://en.wikipedia.org/wiki/Private_network#Private_IPv4_address_spaces
or a multicast address:
http://en.wikipedia.org/wiki/Multicast_address
or local MAC address:
http://en.wikipedia.org/wiki/MAC_address

I think that's all you need to know to get started.