Does a VPN bypass my Software Firewall?

Discussion in 'privacy technology' started by jsV7qQT, Aug 10, 2008.

Thread Status:
Not open for further replies.
  1. jsV7qQT

    jsV7qQT Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    3
    Hello,

    I've recently tried a new VPN (purevpn) and noticed some unexpected behavior on my computer.

    My firewall (Online Armor) was not configured correctly to let my antivirus (Avira) update automatically. This was not an issue, as I'm in the habit of manually updating my anti-malware software frequently. However, as soon as I logged in to my newly enabled VPN account, Avira began to auto-update.

    Purevpn (with IPSEC) uses Windows Network Wizard to set up a connection. In the past I have used OpenVPN based services and have not seen this behavior. My concern is the VPN connection may be bypassing the firewall rules, especially for other less trusted applications. Is that what is happening here?

    Also, I accessed several remote port scanners through the VPN and a number of ports now show as 'open'. (Without the VPN connection, none of the scanned port show 'open'). Is this just the VPN server being scanned, or does the VPN connection open additional ports on my end? Any inforrmation and advice would be appreciated.

    My pc:
    Windows XP (Windows Firewall OFF)
    Online Armor 2
    Avira Antivir
     
  2. jsV7qQT

    jsV7qQT Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    3
    To further expand my question(s)... do I now need to reconfigure Online Armor and / or Windows, to ensure all inbound and outbound VPN activity passes through the firewall? I found nothing on purevpn.com's configuration page suggesting this might be needed.


    Thanks
     
  3. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Good choice, nearly best choice but not enough against http tunneling.
    Do you use a router? If which kind?
    DId you ever thought about a possibility that there is another unknown tunnel, uninstall your software and watch if internet traffic behaves usual or not.
     
  4. jsV7qQT

    jsV7qQT Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    3
    Hmm. I'm not sure what your getting at here...

    " but not enough against http tunneling"? and "a possibility that there is another unknown tunnel"

    (I also use Spyware Doctor which, along with Avira, scans for hidden files and root kits).

    It seems as if your viewing http tunneling (VPN?) as an inherently malicious process? As I said, I monitored activity both with this VPN connection and without. My OA firewall/hips shows no unfamiliar active connections in either case. But, with the VPN additional ports (44110 and 44080?) and several netbios ports are now shown in a 'listen'/not connected state.

    I am not familiar with this type of Windows generated VPN and am unsure if additional configuration is need to secure my computer. My concern now is making sure 1) the VPN is not bypassing my firewall rules, and 2) my http/https applications, including, internet download manager) are passing through the vpn connection.

    I've used OpenVPN/vpntunnel.uk in the past, and everything appeared to be directed through their servers, without the additional ports being open. The only reason I'm not using them now is that I've changed to cable/highspeed, and 'down-graded' from Vista to XP. Now I can't get the OpenVPN service to connect.

    As for using a router... no, but that is coming soon along with a good hardware firewall.

    Any suggestions or comments are appreciated.
     
Loading...
Thread Status:
Not open for further replies.