Question How can servers detect that you're using a VPN or TOR like service?

[chrstrbrts]

Hello,

There are many websites that are able to detect that you are using a VPN or TOR. A few examples are gmail, facebook, twitter, and various dating sites like Plenty of Fish.

These sites usually send some kind of error page saying something to the effect of "We're detecting unusual activity from your IP address" and then shut you out.

How can these servers detect a VPN?

Also, doesn't this type of thing defeat the whole purpose of using a VPN?

VPNs are supposed to be transparent after all.

Thanks.

 

[JackMDS]

Because whatever you send to them goes through a VPN provider server.

 

[pcgeek11]

From you to the VPN Server is in a tunnel and encrypted. From the VPN Server to whom you are connecting to is not in a tunnel or encrypted. They can ID the VPN Server.

 

[mv2devnull]

Also, doesn't this type of thing defeat the whole purpose of using a VPN?

The "whole purpose of VPN" used to be that you have a wire between machines A and B and someone sitting on that wire cannot tell what A says to B. There are many, who sit on the wire when "the internet" is the wire.

The extension of that was "road warrior": Company Office was the A and a salesman "out there" was the B. Communication between A and B was secure (as in any private network), and the salesman could pretend to be "at the office".


You pretend to be at "office" that is well known* to provide "VPN service". You don't pay for private network between A and B. You pay for obfuscating the true location of B. Too bad Facebook dislikes A (but probably is ok with B) ...


*They do advertise it, don't they?

 

[Rifter]

This is why you just avoid use of these websites. If they are trying to get you to compromise your security to use them then they are not worth your time and are likely just doing it to make it much easier to data mine you anyways so they are usually doing it to financially benefit themselves at your expense.

I spend alot of time on public/free wifi, doing so without a VPN is just a huge security risk, You literally will not find a single security expert who thinks using public wifi without a VPN is a good idea, so anyone asking for me to open myself up to attack in direct contradiction to all security experts in such a situation does not deserve my business anyways.

I even tried to get around this VPN block from some sites by renting a VPS and setting up my very own private VPN server on it, unfortunately this didnt work as said VPS is in a data center just like the VPN servers so most websites that complain about VPN also complained about my private VPN server as they are in a IP block of a major data center and i found it to be of little use.

I actually dont mind much it has helped me to greatly reduce my use of social media which i consider a good thing.

 

[mxnerd]

Popular websites are constantly under attacked all over the world, all the time.

I think these sites do not necessarily block you from using VPN, what they worried is that you suddenly come from an IP range (by using VPN servers that's all over the places as you wish) that's not from your past IP range and it causes their analytic algorithms thinking your account could be compromised / breached and either block you outright or ask you to re-identify yourself.

Transparency is never a feature of VPN. It's the opposite.

 

[dave_the_nerd]

If you've got your time zone set to GMT-6 but you're connecting from an IP in Europe?

 

[Fallen Kell]

Hello,

How can these servers detect a VPN?

They can detect it because there are typically detailed lists of TOR exit nodes (many are published so that the people running them are not raided by the FBI/<insert government/policy body name here> all the time from activity coming from the node.

Many VPNs have also been mapped due to the same reasons.

Also, doesn't this type of thing defeat the whole purpose of using a VPN?

VPNs are supposed to be transparent after all.

Thanks.

Nope. The purpose of the VPN is to allow for the secure communication from your location to the VPN provider, preventing people on your immediate network link from being able to snoop on your communications and/or perform man-in-the-middle style injection attacks (think using WiFi at a restaurant, do you really know that the hotspot named <insert restaurant name here> is actually the restaurant's and not some random person with a laptop who can log any/all things you do in the open. A VPN would prevent that style attack as you would be communicating to the VPN over an encrypted channel, preventing the person from being able to snoop on what you do. All they would see is that you are communicating with the VPN host, and not in fact going to your bank, checking your gmail, tweeting an update of the food you just ordered, etc... It effectively masks what you are doing on the network, so that only you and your VPN host can know what you are doing).

VPNs are also commonly used to defeat location based service limitations (i.e. many sites/services are restricted via geolocation, such as Netflicks where in one country you might be able to access certain movies/shows, but in another country it is a completely different list).

 

[QuietDad]

VPNs make the internet think your coming from somewhere else beside your house and some even add encrypting. All it does is change your IP the internet sees to the IP of the VPN. A website will always see some IP to resopnd to, whether it be your home IP or the IP of the VPN hiding you. There are many lists thru google of known IPs from VPNs, Cloudflare or other places to hide you. Very simple to check that list and see where your coming from.

 

[chrstrbrts]

VPNs make the internet think your coming from somewhere else beside your house and some even add encrypting. All it does is change your IP the internet sees to the IP of the VPN. A website will always see some IP to resopnd to, whether it be your home IP or the IP of the VPN hiding you. There are many lists thru google of known IPs from VPNs, Cloudflare or other places to hide you. Very simple to check that list and see where your coming from.

So, basically what you're all saying is that the only way you can successfully use a VPN on these sorts of sites is if the VPN is brand spanking new and hasn't had its IP address cataloged yet, correct?

Then, once sufficient suspicious activity has been observed coming from said new VPN, that VPN will be blacklisted, and you'd have to begin all over again. Yes?

Is there a way to get around this?

What if you commandeered someone's computer without their knowledge?

Does malware exist that would allow you to use someone's computer as a proxy that bounces your packet from that compromised computer to an ultimate destination and then does the reverse in the opposite direction?

Is this ever done? Does this sort of thing exist?

 

[mv2devnull]

That is a standard trope on TV & films.

Lets pretend that there are such tools. You seem to be willing to use them. Logically, you accept that others hack into your computer and use your IP just like you would use theirs. Do you?

 

[JackMDS]

Does malware exist that would allow you to use someone's computer as a proxy that bounces your packet from that compromised computer to an ultimate destination and then does the reverse in the opposite direction?

Is this ever done? Does this sort of thing exist?

I am sorry to intervine but if the Thread would continue along these lines I'll have to Close it.

 

[Rifter]

So, basically what you're all saying is that the only way you can successfully use a VPN on these sorts of sites is if the VPN is brand spanking new and hasn't had its IP address cataloged yet, correct?

Then, once sufficient suspicious activity has been observed coming from said new VPN, that VPN will be blacklisted, and you'd have to begin all over again. Yes?

Is there a way to get around this?

What if you commandeered someone's computer without their knowledge?

Does malware exist that would allow you to use someone's computer as a proxy that bounces your packet from that compromised computer to an ultimate destination and then does the reverse in the opposite direction?

Is this ever done? Does this sort of thing exist?

Yes a new VPN may work but it also may be in a block of IP's already banned because its in a data center thats already been banned.

And yes of course malware exists to do this.

 

[aigomorla]

VPNs are supposed to be transparent after all.

transparent to you... not the vpn provider itself.

Its like looking though a wall.
The other side of the wall only see's the wall, but not you.

The wall is still visible.. and that is what other servers see, the giant wall.

 

[gdansk]

One way is they keep a big list of all IPs used by VPNs and Tor exit nodes.

See, for example, this database of known anonymous proxies.