Helping people with computers... one answer at a time.

VPN's (Virtual Private Networks) connect through particular ports and have particular characteristics that are visible to your ISP. I discuss what they can and cannot see.

Can my service know if I'm using a VPN? Thanks.

In this excerpt from Answercast #20, I look at the way a VPN service works and what your ISP can see you doing.

ISP monitoring

By "service," I'm going to assume you mean your ISP – your Internet Service Provider.

The short answer is very definitely yes.

How an ISP tracks a VPN

VPNs connect through particular ports and have particular characteristics.

The data that goes across a VPN connection, while it is totally encrypted, has two things about it that are important and that are visible.

1) It is clear where the VPN data, that packet of data, is going. It has to go to the VPN's service.

Your ISP is responsible for taking a packet of data from you and forwarding it on to where it's supposed to go. The only way it can do that is if it knows where the packet is supposed to go.

The only way it can know where it's supposed to go is if you tell it. Part of the protocol says, "Hey, this packet needs to go over to the VPN service's servers over there." So, clearly, the ISP knows exactly where every packet of data you are sending out is going to go; at least on its initial step.

2) Similarly, VPN services tend to use specific ports.

Port 80, for example, is what's used to display web pages. Port 25 is what's used to send email. VPN services often use several specific ports that identify them as being VPN connections. So even if this ISP doesn't recognize the destination of the VPN packet of data, it can potentially detect the fact that it's a VPN by the port numbers that are being used.

What the ISP cannot see

  • Now, what it cannot tell is what you're doing with the VPN.

In other words, you may be using the VPN to connect to websites A, B, and C and send all sorts of interesting information to those websites; or send email; or whatever. Your ISP can see none of that.

All they can see is encrypted data that they can't decrypt. So they know you're using a VPN, but they don't know what you're using it for.

Article C5381 - May 24, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

6 Comments
set
May 24, 2012 10:52 PM

Thanks for the reply. It has been very usefull as some of my friends use VPN in Middle East Arab countries like UAE and Oman where you can get jailed and / or heavily fined for using a VPN

DT
May 25, 2012 9:35 AM

Why not use VPN on non-standard ports? Wouldn't that solve the ISP-knows-its-VPN issue?

To use non-standard ports, your VPN service would have to cooperate with the setup of this strategy.

Bill Trail
May 25, 2012 11:17 AM

Hey Leo. I use an old freeware version of Hamachi VPN (version 1.0.3.0) which is "out there" on sites such as www.OldVersion.com.

It creates TCP/IP addresses in the non-existant range of 5.x.x.x. My own individual Hamachi address is 5.139.149.149 - however I have complete annonimity from the entire world because only other computers running Hamachi can even see a 5.x.x.x address and, even then, they can only see my individual Hamachi address if they are a member of my heavily passworded group however I've also gone into Hamachi's properties and turned off a feature that denies access to any new group members.

It's very fast point-A to point-B and I'm entirely protected and encrypted within my own "regular" isp's normal IP address range and I'm completely legal and doing nothing wrong.

I am a computer software designer for small businesses and have Hamachi and UltraVNC running as system services totally silent witout even system tray icons on all of the nearly 200 PC's that I support. As long as these PC's are turned ON I have direct 24-7 unattended administrator's access to them including bi-directional file transfer.

Also you can map a drive to any PC with a shared hard drive within your Hamachi group.

It's not like being connected with Cat-5 cable when you start manipulating distant accounting files but a true dedicated point-to-point VPN can cost $1,000 per month. Free is good.

Note: Does NOT support AERO - but most of my customers are still running XP Pro and they have thankfully allowed me to set their screen attributes to "Classic" with a plain black background & no wallpaper. All of these video tricks REALLY make the old UltraVNC running over Hamachi trick work at pretty decent speeds. Any of you needing help with this setup please feel free to email me {email address removed} for free advice.

Jerry Kyser
September 30, 2012 9:14 AM

Have slow isp 1.5 m can't get any faster where I'm at , can I get any faster service on VPN ? If so how much would I need to pay ?

Since a VPN runs on an existing internet connection, it's limited in speed by your internet connection. It will not speed anything up.
Leo
02-Oct-2012

RM
November 14, 2012 9:34 PM

Hi Leo,

I am an independent contractor working from home. My personal computer is set up with a VPN connection that accesses company files through Goldmine. Also, my business emails are set up through Outlook and routed through the company’s server. I understand that they can see my business emails and track my activity on the VPN, of which I have no issue.

However, I use one computer for everything and do not want them tracking my “personal” activity, especially since I am not an employee. I do not access the Internet through their VPN. I have my own connection through AT&T and use Outlook Express for personal emails.

My question is this: When I am logged onto Goldmine through the VPN, can the company view my other activities through my own personal Internet connection and personal email? They claim that they can only see what I am doing specifically on the VPN and nothing outside of that portal.

Alex
February 11, 2013 6:39 AM

Hi Leo,

I have used SSL VPN from {url removed} VPN provider.
It worked using 443 port.

So it's not looked like VPN connection.
Many usual websites using https (443 port).

But one weird thing - SSL VPN working only on Windows Vista, 7 and 8 :(

Also you can use OpenVPN on any port. For example on port 80 :)

I believe it can't be detected as VPN connection ;)

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.