how HTB VPN works?

Hi Guys, I have few questions about HTB VPN.

how HTB VPN works? how normal internet traffics and HTB machine traffics are handled? how the connectivity is happening while normal traffic and while trying to access the HTB machine?

Comments

  • Hey bud.

    For a non VPN connection - The data you send to a server will get routed through ISP(Internet Service Provider). Your Public IP will assigned with the help of DHCP.

    For VPN connection (HTB or any) - The data you send to a server will get routed through your private VPN server instead of ISP. Your IP will get assigned with the help of VPN server LAN IPs availability.

    Mostly VPN servers are free and paid to use. It uses certificate just like SSH keys for authentication.

    Detailed article: https://computer.howstuffworks.com/vpn.htm

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • @gunroot

    Thanks for the information, but need more information on my queries. My public IP doesn't change after I connected to HTB VPN why?

    and apart from HTB machine traffic my other traffic also goes via HTB VPN? (if yes why this happening and how? if no means how the connectivity is happening, how the traffic are dividing?)

  • There are two types of IP addresses.

    1. Private IP - You can see it in LAN settings using (ifconfig command or similar in ipcinfig in windows) - This is the address of your machine which can only be reached from LAN only.

    2. Public IP - Have you ever thought how you can ping Google's IP (8.8.8.8) from your machine since it is not in your LAN ? This is because of your Public IP which will get assigned dynamically (changes frequently which depends on availability of public IPs) by DHCP (Dynamic host configuration protocol). This is the IP address by which you gets connected to all over the network and of course you can reach any server via this IP only.

    ..... Traffics .....
    To understand how traffic separates from public IP to VPN IP, you must need to understand the concept of IP addresses classes.

    Address range for private IP addresses - example for understanding

    1. 10.0.0.1 - 10.255.255.255 (used mostly in VPN and of course HTB VPN works with this range only - this is called as tunnel 0 - tun0 in ifconfig)

    2. 192.168.0.1 - 192.168.255.255 (used in LAN - when you connects to a WiFi, you can see something like 192.168.181.24 you will get this assigned with availability for IP addresses in your LAN - eth0 in ifconfig)

    The addresses I mentioned above can be pinged only with your respective tun0 or eth0 IP addresses (private) only, where you can ping public servers like Yahoo, Google, Facebook with your dynamically assigned public IP address like 111.xx.xx.xx (you can find this by typing 'whats my IP in google') only.

    As I already mentioned that VPN servers require certificate verification (read your .ovpn file) so that you can legitimately connect to that private VPN server.

    This is how it works - I hope it helps you.
    Please read more about this in articles so that you can understand it better and I may missed something.

    Good luck. ;) Happy learning and happy hacking.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • @SathishShan said:

    @gunroot

    Thanks for the information, but need more information on my queries. My public IP doesn't change after I connected to HTB VPN why?

    It depends on what you mean by public IP. If you mean the IP address on the public interface of your ISP, then yes it remains the same. But it has to.

    A VPN is a tunnel that runs over your public internet connection - but this does make it more complex to understand.

    There are different types of VPN. Some route all your traffic over the VPN, others route some traffic over the VPN (often referred to as "split tunnel VPNs"). It can boil down to a simple choice between privacy and capacity.

    As an example : in an org with 100,000 employees working from home, the network team will never want all their browsing traffic to go over the corporate network, so they will probably use a split-tunnel VPN so traffic to corporate systems goes over the VPN and random internet browsing goes direct from the workstation. In this case, the VPN is largely a way to secure access into a single network, not secure all traffic from the users machine.

    Alternatively, you might be worried about traffic interception and decide to use a personal VPN. This will take all your traffic and route it to the VPN providers servers where it will be broken out into the internet. Now you will (or at least should) see your public IP change because all traffic is being routed this way.

    and apart from HTB machine traffic my other traffic also goes via HTB VPN?

    No. Thats why if you connect via the HTB VPN and go to a website which checks your IP, it looks unchanged.

    (if yes why this happening and how? if no means how the connectivity is happening, how the traffic are dividing?)

    Because the VPN is able to split traffic. If your packets go to an IP address it recognises as being part of (for example) the tun0 range, it will send them over the VPN. Otherwise, it goes out via the normal connection.

    Now, I have vastly oversimplified some elements of this.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • @TazWake
    Thank you, thanks a lot.

  • @SathishShan

    Read more about IP classes and try to relate it to this. You will get some ideal points.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • @gunroot
    yeah, sure. Thank you

Sign In to comment.