Can VPN Traffic Be Monitored?

I decided to look at choosing a VPN to ensure my web traffic was not monitored. Like many others I believed the VPN kept me from being tracked, by providing full privacy and keeping me anonymous when I was online.

Can VPN traffic be monitored? The VPN traffic can only be monitored if the VPN leaks the real IP address information about the user (DNS or WebRTC leaks), uses weak encryption that is easily crackable, the VPN server itself has been compromised allowing the VPN users browsing habits to be monitored in real-time, the VPN connection isn’t protected against failure using a Kill Switch or the VPN keeps logs which can be used under a court order to see what the VPN user has been doing.

A VPN that doesn’t log user browsing details, leak the real IP address, uses strong military grade uncrackable encryption along with the VPN server itself being connected to, being protected against being compromised will be difficult to monitor.

Not all VPNs are the same, with some giving away more information than they should be doing. Putting their users privacy at risk, as they keep hard evidence of the users activities that could be used later for investigative purposes.

It isn’t too difficult to avoid the trap being monitored when using a VPN by following a few simple steps. These steps will make it harder for privacy to be undermined and stop any trails of information about internet activity being left behind.

In the following parts of this article, I will look at ensuring any monitoring on VPN traffic is either minimized or stopped completely.

1. Use a quality VPN

A quality VPN can provide many measures to protect the identity of the people using them, as many of these VPN companies pride themselves on protecting the interests of their customers identities (check out my list of reputable VPNs here).

They will use robust encryption and ensure your real IP address is never revealed and depending on where they are based, law enforcement agencies from other jurisdictions may have little power in getting information from them.

There are also plenty of rogue VPNs which can install malware as part of their installation process, so they can steal sensitive information like usernames, passwords, social security and banking details.

These VPNs can also use poorer levels of encryption, which is easier to break, and they may even be not using any encryption at all. They may also sell their user’s web browsing histories to the highest bidder with or without removing their personal details like their name.

2. Use a VPN with a Kill Switch

Should the VPN connection fail for any reason, the connection to the internet will still be open and any traffic that was previously travelling across the secure encrypted VPN tunnel will not be rerouted to travel through it’s normal method of travel, that is across the ISP without a VPN.

This allows the ISP to potentially see all the traffic travelling to its destination, traffic that was previously hidden in a VPN tunnel. To be able to ensure all traffic travels along the VPN, some form of fail-safe is needed that cuts off the internet connection when the VPN fails.

This is exactly what the Kill Switch on some VPNs does, it continuously monitors the VPN connection and if it fails, the Kill Switch stops all internet traffic from leaving the computer until the VPN connection is reconnected.

Leaving the VPN running overnight, only to find the VPN connection dropped, resulting in all the traffic going over the normal internet connection will make it easier to monitor someone’s internet traffic.

But if the VPN had a Kill Switch, any internet connectivity would be stopped dead in it’s tracks and by the time the person realised they VPN had stopped in the middle of the night, they would be rest assured nothing was sent across the open internet connection.

3. Use a VPN that’s log free

The only people who will know which websites the VPN customer has visited will be the VPN service providers, however if the VPN doesn’t log this information then only the VPN customer will know (as long as there are no leaks) where they have been.

Therefore, it’s imperative to use a VPN service provider that doesn’t keep logs if any monitoring is to be avoided.

A word of warning, some VPN providers may profess to not keep any logs but when they have been asked by law enforcement for logs, they have willingly provided logs.

It’s important to research the VPN service provider first to see if they have a history of not keeping their word when it comes to logging their customers website visits.

4. Use VPN on all devices

People tend to use many different devices to access the internet and browse the world wide web, from their laptops, personal computers, tablets, smart phones to smart watches.

If anyone of these devices is used without a VPN then potentially the way the world wide web is browsed could give away identifiable information even when a VPN is used. As breadcrumbs are likely to be left behind which could be used for tracking.

Using sophisticated technologies, it could be possible to piece together snippets of information left when connections haven’t been made by using a VPN, to track down IP addresses, usernames and other personally identifiable information.

For example, visiting a forum and posting information using a VPN connection, will only register the IP address of the VPN connection and not the real IP address of the user. But if the same user then connects using their smart phone without a VPN then their real IP address will be registered against their username.

So, anyone who was monitoring that particular username will now be able to see the real IP address instead of the VPN provided IP address.

5. Don’t use a plug-in VPN

Using a VPN browser extension or plugin instead of the full VPN software will only protect the web browsing traffic and not any of the other communication traffic leaving a computer, smart phone or tablet onwards to the internet.

So, any communications using an email program will not use the plug-in VPN, nor will any internet communications done using applications for voice calls, video calls, file transfers and the like.

The overall quality of the VPN plugins and extensions could be cause for concern, as the levels of encryption used (if any is used), could be easily crackable, there could be information leaking, like the user’s IP address and the plugin itself could be stealing sensitive information from the users banking websites and other financial websites.

It’s not to difficult to deploy skimming technology, so any information entered any website forms is captured and then sent off to the hacker who created the plug-in.

6. Use a VPN with leak protection

Good VPNs will be designed to ensure they don’t leak any information and one of the ways a leak can happen is when the VPN fails to route DNS requests to it’s own DNS servers and instead routes them through the user’s ISP’s DNS service.

DNS leaks

The DNS (Domain Name Service) is designed to keep details of the mapping of website names (and other internet based resources) to their relevant IP addresses.

Allowing requests made for websites by their website name, as typically done in a web browser address bar, to be then translated into the corresponding IP address and using routing protocols send the information onwards to the website with the associated IP address.

When the VPN fails to route the DNS requests through its own DNS servers, it allows the ISP to see which website was requested by their customer and this is duly logged in their DNS logs.

These DNS logs provide monitoring details of the ISP’s customer which can remain in situ for several months or even years. So, if anyone wanted to find what the ISP customer was doing, these logs will provide them with the information of the websites they visited and when they visited them.

WebRTC leaks

Another source of leaks is WebRTC communications used for video calling, voice calling and some forms of file transfers, whereby the VPN fails to route these communications through its encrypted tunnel. Instead, allowing the communications to travel directly as they would normally through the ISP and out to the internet.

This means the ISP will probably have logged the communication and this could be used for monitoring purposes or for trying to identify IP addresses used by their customers, should law enforcement or government agencies request so.

A good VPN will have some form of WebRTC leak protection by proactively pushing this traffic over the VPN secure channels. WebRTC communication can also be disabled on some web browsers like Google Chrome and Mozilla Firefox. Other browsers like Apple’s Safari don’t have the capability to disable the WebRTC communications so a good VPN may be essential.

7. Don’t use a VPN Proxy

A VPN proxy isn’t a real full on VPN instead some of these VPN Proxies only use the VPN at the start of their names to try to market themselves when they are nothing more than an anonymous proxy.

Many of these so-called VPN proxies don’t provide any form of encryption, so any data sent over their connections isn’t secure, more so if this data doesn’t use a secure web browsing protocol like HTTPS/SSL.

These anonymous proxy owners can also be already compromised or even open to selling monitoring data to law enforcement and government agencies, as they don’t have robust privacy policies.

Is using Free Anonymous Proxy safe?

Using a free anonymous proxy is not safe as many of these have been set up with malicious motives, to steal personal data including passwords, banking details or sell the web browsing habits of their customers to marketing firms.

Conclusion

Using a good reputable VPN will make it difficult for any traffic traversing the VPN to be monitored and any history of online activity will also be non-existent if the VPN has a no log policy.