Hello my friends. So, I’m not a pro in this area, but I’m interested in security information and anonymity, and I have some questions about the use of VPNs with virtual machines. I would like to hear your opinions.
I already tested several VPNs, and my favorite is Hide Me VPN, and for virtual machines, I like to use Oracle VirtualBox, but if you want to discuss other VPN/VM software, as long as it is in the context of the question, all opinions are welcome.
The questions:
1 - Is it better to use a VPN inside the virtual machine, or outside (in your “normal pc”)?
2 - Is it possible to use 2 VPNs (considering the same software) at the same time? Like, one ‘barrier’ in the ‘normal machine’, and another inside the virtual machine? Example: The user has a VPN on their host, and uses this same VPN inside the virtual machine too. In this case, would these two “layers” of VPN interfere with each other, thus creating some leak or vulnerability? Would this depend on the VPN software used?
Typically in this case you should set up a home lab. In your virtualisation application (in this case, VirtualBox), set up a new VM for OPNsense or pfSense. Configure the VPN on that. This will be for your VM environment.
Typically it would not interfere with the VPN used on your main device.
VPNs don’t really provide anonymity. They provide about as much anonymity as your ISP. You are better off routing through TOR, or just using a TOR browser, even then that’s not perfect. No such thing as anonymity with computers, only pseudoanonymity.
I personally don’t think VPNs provide much security value either, unless you can control the specs and ciphers. Plus they are just as susceptible to social engineering as anyone else.
Tunneling between VMs via VPN works well. If you can provide a drawing of what you are trying to achieve, we can provide better feedback in terms of what will and will not work.
Nested VPNs between VMs are a very good way to create a degree of anonymity. The catch is that the VMs cannot be running on your local machine or traceable to you.
This is what proxy chains are basically for; just use a proxy chain instead of VPNs. Even big companies like Norf have had the IP addresses of users compromised.
It doesn’t work the way you think. All your data is still sent out of your router, which acts as the gateway. Regardless of what kind of encryption your data is going through, this fact doesn’t change. In fact, adding a second layer of encryption will only add to the time every transmission takes, slowing your overall connection speed significantly. But in all reality that’s not how VPNs will operate. They will fight for the gateway, and only one of them will win. That VPN will take precedence.
Adding a VPN as a second layer doesn’t really add any value. Do you want your ISP to know you’re using TOR or your VPN provider? Doesn’t add any security value, at least in the USA. Could be different if you’re in countries that monitor who is using TOR.
Connecting from your machine to a VM on your machine will not buy you anything (in terms of anonymity). The VM needs to be hosted somewhere else.
A local VM can provide protection if you connect to it through RDP or VNC and use the VM as your “workstation”. This technique will protect you against run-of-the-mill malware.