cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
284
Views
0
Helpful
4
Replies

Traffic Network, ISP, and VPN

vov
Level 1
Level 1

Hello, i still asking about how the network send the data to internet looks like. Can anyone help to explain.

Every data we send to the internet will always pass through the ISP, which means the ISP can know the destination (and perhaps the contents of the data as well) to where the data is sent.

Computer -> WiFi -> ISP -> Google.com. (ISP know that i visiting google.com)

but what happen if we use VPN, let's says we use VPN Desktop Software. Will the traffic look like this?

1. Connection to VPN Service:

Computer -> WiFi -> ISP -> VPN Server

  • ISP know that we use VPN Service

2. Browsing to google.com using VPN that we use

Computer -> VPN Encrypt -> WiFi -> ISP -> VPN Server -> google.com

  • VPN Encrypt: VPN Desktop Software Encrypt the data first before it sent to VPN Server
  • ISP doesn't know what the data, because the data encrypted. But the ISP knows the destination of the data sent is to the VPN server.
  • VPN Server: Decrypt the data and make a request to google.com using VPN Server IP
  • and Vice Versa

does it really look like this?

1 Accepted Solution

Accepted Solutions

Joseph W. Doherty
Hall of Fame
Hall of Fame

"does it really look like this?"

More or less?

However, if you're trying to conceal you've accessed Google, first you're assuming your encryption hasn't been broken.  Second, if ISP can see data streams to/from VPN server, it can infer end-to-end by traffic volume and timing.

View solution in original post

4 Replies 4

Joseph W. Doherty
Hall of Fame
Hall of Fame

"does it really look like this?"

More or less?

However, if you're trying to conceal you've accessed Google, first you're assuming your encryption hasn't been broken.  Second, if ISP can see data streams to/from VPN server, it can infer end-to-end by traffic volume and timing.

Just a basic Flow...

Is this also the same when using TOR?

Computer -> Tor Encrypt Data -> WiFi -> ISP -> Entry Node -> Relay Node -> Exit Node -> Destination

It's been a while since I've read about TOR.  Recall that correct too.

TOR tries to preclude traffic analysis.

Of course, much depends who you're you're trying to conceal information from.  One thing to conceal from an ISP(s), another thing to conceal from a nation state.

Hello,

I think most VPN providers have a strict 'no logging' policy. But: your ISP can still see your DNS (Domain Name System) requests unless you're using a VPN with built-in DNS encryption or you've configured your device to use an encrypted DNS service like DNS over HTTPS (DoH) or DNS over TLS (DoT). I think ExpressVPN has their own private, encrypted DNS servers.

TOR uses entry nodes and middle nodes. Only the entry node knows your destination IP. You can also hide your own IP address; I am using the Torghost utility for that (link below). The only issue is that a growing number of websites blocks traffic coming from anything TOR (it looks like Cloudflare, to name one, keeps a list of TOR nodes)...

https://github.com/SusmithKrishnan/torghost