How secure are the VPN servers at TUVPN.COM ?

TUVPN News Add comments

As we have received several requests regarding this topic via our live chat service and ticketing system, we wanted to shed some light on it.

Let's start with the bad news ;). In the world of computer security, there is a saying that "the only secure computer is one that is enclosed in a sealed room, protected by guards and cameras, no network connection and switched off ….."

Having said that , the VPN servers at TUVPN.COM have been configured by extremely competent security professionals according to the highest standards for security. By this we are specifically referring to:

  • Firewall protection with an extremely streamlined and powerful software (so now you understand why our servers are so fast !).

  • Only essential services configured. Each server has the very minimal packages necessary to provide the service. Again this provides increased performance.

  • Installing patches and updates as soon as they are available and permanently scanning vulnerability publication sites for latests security news.

  • All TUVPN.COM network servers are monitored 24×7 using Zabbix, one of the best monitoring software available. Any incident is immediately detected and acted upon.

  • No open internet access to our authentication servers. This means your VPN credentials are extremely safe.

  • Exclusively dedicated to the VPN services provided.

  • Intrusion detection software on each VPN server.

  • Monthly automated vulnerability scanning and reporting.

Even more important than this, is the continuing commitment to the security of our servers and therefore the data from our users. Continuous integration of daily controls and process improvements contributes to the provision of the TUVPN.COM service.

This leads us to be able to say, with a reasonable level of confidence, that the TUVPN.COM servers are extremely safe and therefore the security of your data is more than reasonably assured.

This is something that anyone using a VPN service should take the time to check and ask.


3 Responses to “How secure are the VPN servers at TUVPN.COM ?”

  1. Mike Says:

    I thank the suggestion and think its a good idea but I’m not sure about adopting the AES method as its for me anyway, too ‘American’ and widely used.

    Blowfish is good and you could easily simply increase the key strength on that from 126bits anywhere up to 448bits but more likely 256 is a safer bet.

    If OpenVPN supports Twofish I would go with that as its the successor to Blowfish.

  2. Timmi Says:

    The following are the supported encryption algorithms in OpenVPN

    DES-CFB 64 bit default key (fixed)
    DES-CBC 64 bit default key (fixed)
    RC2-CBC 128 bit default key (variable)
    RC2-CFB 128 bit default key (variable)
    RC2-OFB 128 bit default key (variable)
    DES-EDE-CBC 128 bit default key (fixed)
    DES-EDE3-CBC 192 bit default key (fixed)
    DES-OFB 64 bit default key (fixed)
    DES-EDE-CFB 128 bit default key (fixed)
    DES-EDE3-CFB 192 bit default key (fixed)
    DES-EDE-OFB 128 bit default key (fixed)
    DES-EDE3-OFB 192 bit default key (fixed)
    DESX-CBC 192 bit default key (fixed)
    BF-CBC 128 bit default key (variable)*****
    BF-CFB 128 bit default key (variable)
    BF-OFB 128 bit default key (variable)
    RC2-40-CBC 40 bit default key (variable)
    CAST5-CBC 128 bit default key (variable)
    CAST5-CFB 128 bit default key (variable)
    CAST5-OFB 128 bit default key (variable)
    RC2-64-CBC 64 bit default key (variable)
    AES-128-CBC 128 bit default key (fixed)
    AES-128-OFB 128 bit default key (fixed)
    AES-128-CFB 128 bit default key (fixed)
    AES-192-CBC 192 bit default key (fixed)
    AES-192-OFB 192 bit default key (fixed)
    AES-192-CFB 192 bit default key (fixed)
    AES-256-CBC 256 bit default key (fixed)
    AES-256-OFB 256 bit default key (fixed)
    AES-256-CFB 256 bit default key (fixed)

    Currently used for tuvpn is BF-CBC 128 bit

    The other two options I think are CAST5-CBC 128 bit and also AES-256-CBC 256 bit default key (fixed) or AES-192-CBC 192 bit default key (fixed) because 256 bit could impact on performance.

    I have used another big name vpn provider recently and although they had good service, the encryption they had which is AES 256 bit, tended to slow the connection down much more than tuvpn’s current methods.

    Tuvpn has great speeds on its networks and we need to maintain that while keeping security high. Perhaps if even a slight change was implemented and keeping with Blowfish, figure out if the CFB or OFB variants would be better than the current CBC thats implemented to the Blowfish.

    Something else to consider is the HMAC security, which currently is 160 bit using SHA-1 .. SHA-2 would be better.

    Control channel is the other consideration and at the moment we have a good standard at 1024 bit RSA.

  3. Timmi Says:

    We need RSA 4096

Leave a Reply


Get Your VPN NOW!

©2011 TUVPN.COM. All rights reserved.