@lahmstache Virtual Private Networks (VPNs) solve a whole lot of privacy problems. Because a VPN generally welcomes your visitors on your personal computer and the VPN supplier, it makes it rather tricky for a person to see your traffic to determine what you’re around. But, there are many folks that want to be able to hide the fact they’re utilizing a VPN at all; such as individuals in states that ban VPNs, or other situations where VPN usage isn’t generally allowed or blocked through technical ways. In this article, we concentrate on the kind of information an observer can accumulate from system packet captures and how that data can be used to detect VPN use. Background on the problem The burning question is”why”? Who cares if someone finds you’re operating a VPN? If the traffic is encrypted anyway, what’s the issue? It is correct that in many conditions and in a number of nations, it does not matter at all if an audience detects the usage of a VPN. However, there are many states that prohibit the usage of VPNs and it is thus important for VPN consumers in those countries to understand how they can be discovered. So as to determine whether a VPN is in use, an audience must have access to your router where It is very difficult to use a VPN the target traffic is passing through. In the case of a targeted victim, an attacker expend great tools to recognize a means in which to shoot over a router which victim uses. In the instance of nation-state surveillance, yet successful detection will require the control of a lot of routers. When you combine these two things–an organisation which cares if you are employing and VPN and also has the ability to control a great number of routersthat usually suggests a nation-level hazard celebrity. Remember that this report deals with ways by which VPN usage can be found by observers. It does not necessarily mean that the information encrypted within the VPN tunnel is a lot much easier to exploit. Testing methodology With no access to state-level tools, my testing stage and methodology is a bit smaller in scale. I created a small internal system using three Virtual Machines (VM) with VirtualBox. The system topology is as such: I set up package sniffing software over the OpenWRT router VM and then tested various VPN configurations on the other two virtual machines. The packet sniffing software, tcpdump, let me catch the VMs system traffic for analysis. In a more realistic set, the package capturing software would probably be installed in routers on the Internet, or within the ISP’s system