Currently, there are three main types of VPNs that can be used to encrypt information being transmitted, in order to protect it from eavesdropping and logging. If you think that VPN is used to hide your IP you are mistaken as it is a minor feature of VPN, there are all sorts of proxy servers to hide your IP address which are highly recommended to use in conjunction with VPN. Ideally your bundle should look like this : socks proxy vpnhttp/socks proxy (though this bundle can be organized only using OpenVPN).
Type two – L2TP/IPSec is the least common, IPSec is used for encryption, udp is used for data transfer. It is a competent solution, because the patent for it is owned not by NECRASOVTm but by much more respected Cisco Systems. This protocol lacks all of the disadvantages of PPTP and, at the same time, does not require third-party software installation, but for clients with dynamic IP addresses, we can use only x.509 certificate authentication, which is quite progressive and convenient, but it makes users sad. The main problem is with the server side, for IPSec to work with clients behind a NAT, it’s necessary to use the NAT-T technology, which for example in Linux is currently experimental. There is no reliable, well-proven l2tp server solution for UNIX. In addition, it is not the best solution for people who economize on their traffic, since each transfer size is added, IPSEC header is about 56 bytes, L2TP header 16 bytes, and NAT-T will add a bit more. From the client side security point of view not all is well either, there is a possibility of one DOS-attack by another client. With server security there are the same problems as with PPTP servers and even more, because we already have two network services running under the root ISAKMP and L2TP.
The conclusion from all this mess is that if a man has his hands in the right place and if he thinks about his security he will choose OpenVPN.
The rights to this article belong to the author. Reprinting, using parts of it, etc. for personal purposes on other resources is only permitted with the author’s verbal agreement.
Copyright (C) 2006 frodo specially for https://ver.sc