Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.

Ask SoylentNews: VPN Segmented Browsing?

posted by martyb on Monday October 02 2017, @02:35PM   Printer-friendly
from the we're-not-out-to-get-you dept.

Bravely Anonymous writes:

I'm about to move and at my new address I'd like to start out more secured against my ISP and doxers/stalkers. Basically I think I should use a VPN/VPS for personal related traffic (email, shopping), another VPN/VPS for online communities, and then regular net access for random browsing (is all that overkill?). There's been articles in the past about VPN providers (feel free to recommend someone), but there's less about how to configure your network and computer to use them. I'd prefer to be able to use all three at once, but I've heard most people recommend configuring their routers to a single VPN to prevent leakage. But then one company could be logging all your traffic again or it would be easy to forget to switch to/from the VPNs. Is that necessary? Is there Linux-based software which completely restricts applications to certain networks or is that something I should manually setup through iptables and /etc network scripts? My primary OS is LMDE (Linux Mint Debian Edition) and my current router runs DD-WRT, though that might change with the new ISP.

In summary, what's a good strategy to keep the different parts of your online life segregated from each other other than simply using different user names?

Thanks for your insights.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Ask SoylentNews: VPN Segmented Browsing? | Log In/Create an Account | Top | 37 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Informative) by xorsyst on Monday October 02 2017, @03:44PM (1 child)

    by xorsyst (1372) on Monday October 02 2017, @03:44PM (#575934)

    Use a VM solution so that you have a host and 2 VMs with networking configured in bridged mode.

    Use the host for "most" browsing, no VPN.
    Run VPN software in the VMs to make all their traffic go to the (separate) VPNs of your choice.

    Starting Score:    1  point
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 2) by Marand on Tuesday October 03 2017, @03:17AM

    by Marand (1081) on Tuesday October 03 2017, @03:17AM (#576398) Journal

    Came here to make the same suggestion. The only way to make a setup like that reasonably robust is to use multiple VMs and set up each one to connect and route through the appropriate VM. Trying to manage routing tables (as someone suggested) will get frustrating fast, and there's always a chance of leaking data to the wrong VPN if something uses a new IP somewhere.

    I'd say try to set up a separation based on tasks, using the host for the desktop environment + hypervisor duty, and VMs for everything else. Make different VMs for different "roles" like personal private, work private, personal public, etc.

    If you want to see an OS made specifically to support this kind of use case, look into Qubes [soylentnews.org], which does exactly what I describe, and takes it a bit farther by drawing different titlebar colours for each domain so you know at a glance which one you're dealing with. Qubes might actually be exactly what the submitter wants for this, though I don't know how difficult it would be to set up per-VM VPNs for it.