Introduction
With each passing day, privacy is growing into a larger public concern. The goal of this project is to experiment with ways to combine the usage of a Virtual Private Network (VPN) with chained proxies to create a more private internet connection. Our team is exploring possible configurations and implementations.
VPN vs. Proxy
The first step is understanding the difference between VPNs and proxies.
A VPN is a network connection that creates an encrypted connection to a VPN server. This makes it appear to whoever is watching that your traffic is coming from the VPN’s IP address. All internet traffic from your computer uses the VPN encrypted tunnel. This prevents anyone from sneaking a look at your data on the trip between you and the VPN server.
A proxy is very similar. It creates a secure connection between your computer and the proxy server. But, proxies weren’t designed to encrypt all traffic. They usually only do one application at a time. The proxy is usually configured for each application individually. and often passes the original IP address along. In a chain, proxies can provide a degree of anonymity.
Project Goals
Our project is combining these two methods of security. Why would someone want to do this? Well, if a proxy goes bad, or is somehow traced back to the original IP address, the eavesdropper will see the VPN’s IP rather than your own. By creating layers of privacy and security, it is less likely for a single point of failure to lead to exposure.
Method
To test various configurations, our team is using the Raspberry Pi 3.
These micro-computers allow us to simulate having many servers to host our VPN and proxy services. All without involving expensive external hosting for testing.
So far, we’ve experimented with different configurations and tools. Two Raspberry Pi 3s are dedicated proxy servers, hosting the SOCKS proxy server, Dante. On the client end, the Linux client utilizes proxychains to connect to the proxy servers. The Windows client utilizes Proxifier to access the proxy network.
One Raspberry Pi 3 is the dedicated VPN server, running an OpenVPN server. We used PiVPN, a set of scripts designed to make the OpenVPN install a smoother process.
Conclusion
We’re moving forward with this configuration and troubleshooting the connections on a local level. Once we have a setup that works, the next step is investigating commercial cloud options to shift out servers to.
Like the Leahy Center for Digital Investigation (LCDI) on Facebook and follow us on Twitter to get notified of more project updates.