Using a VPN for Security

Wed Mar 23 17:42:21 MST 2022

There are a few interpretations to your question.
If you mean for a company or homelab, yes, you can use a VPN and you 
internal systems are more likely to be safer from the outside, because 
malicious actors need to figure out how to access the internal network 
before being able to access the internal infrastructure. VPN prevents 
the internal infrastructure from being open to the internet, most of the 
time.
Because of how VPNs work it also prevents your users from getting 
credentials stolen from a public WiFi they decided to use that day, 
assuming you encrypt the VPN traffic (see next section).

That being said, if you are wanting a VPN for daily life, the areas you 
increase protection would include
Going on public, or less trusted WiFi networks. Most public VPNs that 
advertise security will provide encryption to their servers before 
sending their traffic to the place you want it to go,
Some people use VPNs to prevent their ISPs/telephone providers from 
knowing what kind of traffic goes to/from you,
And lastly, some people just use them to change where it looks like the 
user is located, since most places use the location of an IP to 
determine where someone is located.
Maybe there are more things, but these were the main that came to mind.

As for "which is the best"... The answer I give is "which is better for 
you?":
Some people will say "make your own!" is the best. Most people can buy a 
VPS from a cloud provider and setup something like wireguard on the 
server to hook up to a phone.
You know the provider of the VPN will not snoop on your traffic, because 
YOU are the provider; you will have as much internet as you pay for, not 
as much as the VPN provider has at that time on a server; and you likely 
will not have as many places blocking you for being on a VPN (as those 
places block IPs from VPN providers).
The benefit of the providers,  however is a much larger selection of IPs 
and different locations to easily connect your VPN to, they maintain the 
servers, and you will be one user among many who connect to a website 
(the single IP from your VPS, and it always being you who connects can 
allow for correlation as to whom is connecting), along with other 
features sometimes.

So, if you are going for security, cheap, and generally works well? Make 
your own.
If you want anonymity, many countries to connect from, and low 
maintenance? Do a trusted public one.
"BUT WHO CAN YOU TRUST! THERE ARE SO MANY!"
Yeaaahhhh, I generally just look here and pick one: 
https://www.privacytools.io/#vpn

Mullvad tends to be regarded as the best option for people who do not 
make their own and for minor reasons such as "you can send cash" and... 
something about how they handle usernames, but many people prefer 
ProtonVPN.  I'm sure the others in the list are fine, too.

Hope this wasn't too much info and that it help!

> try Wireguard
>
> On Tue, Mar 22, 2022 at 3:03 PM Keith Smith via PLUG-discuss
> <plug-discuss at lists.phxlinux.org> wrote:
>>
>>
>> Hi,
>>
>> One of the things I see suggested for security is using a VPN.  Any
>> thoughts and which is the best?
>>
>> What should I look for?
>>
>> Thanks!!
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publickey - "PrivateSeaBass at pm.me" - 7570d802.asc
Type: application/pgp-keys
Size: 3163 bytes
Desc: not available
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20220324/0a27e0f3/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 855 bytes
Desc: OpenPGP digital signature
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20220324/0a27e0f3/attachment.sig>