Has anyone ever used a personal VPN?

I’m wondering if anyone has ever tried setting up their own VPN server, a la something like Comparitech’s guide to setting one up on Amazon EC2 servers. In particular I’d be curious about the differences between a personal VPN and one that’s purchased, in terms of quality and security.

There are advantages and disadvantages.

Advantages:

  • A personal VPN usually performs better (as long as you choose a good VPS provider);

  • You are in control of your server;

  • Everything can be set up to your liking: security, protocol, logging, etc.

Disadvantages:

  • The process can be intimidating for someone who is not familiar with Linux, or has never set up a VPN server;

  • You only have one IP address (unless you pay for more), if someone blocks you, you are blocked;

  • Only one location (unless you rent multiple servers around the world);

  • Server security is up to you, it can, and probably will, be hacked if you don’t know what you are doing;

  • Don’t expect to download illegal torrents in a VPS, especially if it’s US based;

  • Bandwidth is not unlimited.

I have an OpenVPN server instance installed on a virtual private server (VPS). Been running it for years now. It allows me to feel secure if I use a free public WiFi. I may start using it on my home ISP but may have to go to a higher rate plan on the VPS to cover the increased data usage if I do.

Up side is I know exactly how it is configured and what is logged.

Down side is all traffic goes out on one IPv4 address or range of IPv6 addresses. So if your threat model includes governments it won’t do for you. If your threat is the hacker at the next table at the cafe or, perhaps, your ISP then it should work.

Not sure about being blocked by Netflix et al, but I suspect they detect by looking for IP addresses that appear to have many accounts connected. Don’t know how they might determine the difference between a large hotel and a VPN provider. Maybe a manual check of some sort.

FWIW, the VPS provider I use would likely be cost competitive with the more highly recommended VPN providers I have seen on these forums. And if you use the VPS for other services (OwnCloud, mail server, etc.) you get more than just a VPN.

One more down side: A poor setup on any server can compromise everything. If you are not experienced in managing servers then running your own VPN may not be a good idea.

How does one judge quality of a VPN? For that matter, how does one evaluate security?

I am currently rolling one with this: GitHub - StreisandEffect/streisand. Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.

A personal VPN usually just has the encryption benefit, I believe. Because your IP remains your real one, your metadata is not secure.

Thank you.

If one purchases a VPN service, do you generally have any control over what traffic will be re-routed? For example: Web browsing traffic I would want to route, but my gaming traffic I would want to be unchanged.

Bandwidth is not unlimited

Perfect reply, except for this point above: Terms and conditions apply. My VPN server is hosted at OVH and I get (really) unlimited bandwidth.

How does one evaluate security?

You can’t, unless your VPN provider gets audited, and publishes the audit’s results. You might get an idea if you dig around, seeing that Provider A was compelled to give logs, but didn’t (or wasn’t able to); and that Provider B complied without informing you.

You’ll surely also know when your provider gets pwned.

You could always share it with friends and family to help with traffic.

VPN connections are system wide, everything in the system will be using the connection. For browsers there are proxies, but they aren’t very secure.

You can do this using firewall rules and by tweaking your operating system’s internals.

Something along the lines of:

route outgoing traffic to the VPN server using the secure tunnel interface
except the traffic on outbound ports 1234 1235 1236 1256
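
One way to express the pseudocode above on a Linux client, as an added example that is not part of the original posts. It assumes the VPN client installs the tunnel as the default route; the interface `eth0`, the gateway `192.0.2.1`, the mark `0x1`, table `100` and both function names are illustrative assumptions.

```sh
#!/bin/sh
# Added example: print Linux commands that send chosen destination ports
# outside the VPN tunnel (IPv4 only; IPv6 needs ip6tables and "ip -6").
WAN_IF="${WAN_IF:-eth0}"       # assumed physical uplink interface
WAN_GW="${WAN_GW:-192.0.2.1}"  # placeholder gateway (documentation range)
MARK="0x1"                     # arbitrary firewall mark
TABLE="100"                    # arbitrary routing table number

# Accept only a comma-separated list of ports 1-65535 with no leading zeros,
# so nothing else can reach a command line that will run as root.
valid_ports() {
    case "$1" in ''|*[!0-9,]*|,*|*,|*,,*|0*|*,0*) return 1 ;; esac
    n=0; old_ifs=$IFS; IFS=,
    for p in $1; do
        n=$((n + 1))
        [ "${#p}" -le 5 ] && [ "$p" -le 65535 ] || n=99
    done
    IFS=$old_ifs
    [ "$n" -le 15 ]   # the iptables multiport match takes at most 15 ports
}

# Print the rule set for review; nothing is executed here.
split_tunnel_rules() {
    valid_ports "$1" || { echo "invalid port list: $1" >&2; return 1; }
    for proto in tcp udp; do
        # Mark locally generated packets to the exempt ports (this re-routes them).
        echo "iptables -t mangle -A OUTPUT -p $proto -m multiport --dports $1 -j MARK --set-mark $MARK"
    done
    # Marked packets use a table whose default route is the physical gateway.
    echo "ip route add default via $WAN_GW dev $WAN_IF table $TABLE"
    echo "ip rule add fwmark $MARK table $TABLE"
    # The source address was chosen for the tunnel, so rewrite it on the uplink.
    echo "iptables -t nat -A POSTROUTING -o $WAN_IF -m mark --mark $MARK -j MASQUERADE"
    # Replies arrive on the uplink while the main default route is the tunnel.
    echo "sysctl -w net.ipv4.conf.$WAN_IF.rp_filter=2"
}

# Dry run with the ports from the post above unless a list is given.
split_tunnel_rules "${1:-1234,1235,1236,1256}"
```

Traffic to the exempt ports leaves from the real IP address without tunnel encryption, so keep the list as short as possible and review the printed commands before running them as root.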

True, but they only offer 100Mbps of bandwidth, which might not be enough for some users, especially if they want to do more with their servers. The competition offers gigabit networks.