• Formes@lemmy.ca
    link
    fedilink
    arrow-up
    4
    ·
    8 months ago

    Sorry: This is going to be a wall of text. But short answer: Not directly.

    Websites, unlike your network administrator of a school, or China, or your ISP can’t actually see the network protocols in use; So no - they don’t KNOW you are using a VPN, they just suspect it with strong evidence. What they CAN do, is blacklist known public VPN server addresses, same way they can block known TOR exit nodes. In any case - a custom landing page can be put up, with some BS like: “In an effort to stop and prevent hacking attempts, we have made the difficult decision to block regular usage of our website and service from known VPN Server addresses. We apologize for the inconvenience.”.

    So: What CAN you do if you want to use a VPN? Well: Two basic options - Self host (VPN or SSH Port Forwarding), or Rent a Server and set up a VPN there.

    With the first option - Self hosting - the easiest and most straight forward way is using available VPN software. However, you can also use SSH port forwarding to get the same result. In either case - you are simply taking your traffic from your Laptop/mobile device and routing it through your home network. If you are simply concerned about public WiFi and wish to ensure intercept attempts are impractical - this is the way to go. If you want to hide who you are: Well, that won’t do it.

    Second Option - Using a Shared/Rented Server provider. Depending on how it is set up, and masked, it will be more difficult - not impossible - to single you out. Ideally you want to go in with a group of people to rent the server space. Just be aware, that some hosts are not going to like grey-area activities on their infrastructure, so make sure you do your research on who the host is - just as you should do if/when selecting a VPN service provider.

    In either of these cases, you as the administrator of these services need to understand the risks of opening your network to vectors of attack. Because of the way a VPN is set up, you are functionally punching a whole in your network and stating “Forward Connection Attempts on [selected port] to [System hosting the VPN Service]” - and if the VPN software you are using is flawed - that does open you up to being hacked. This goes the same for hosting using a rented server - shared or dedicated, just the exposure is NOT in your own network.