this post was submitted on 03 May 2024
25 points (87.9% liked)
cybersecurity
3222 readers
96 users here now
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
There are ways, but the VPN/Personal Router route will thwart 99.99999% of businesses out there (For a non-cellular enabled laptop and you refuse a work phone)
The remaining .000001% that go the extra mile are going to be dealing high security, confidential secret stuff like TS gov defense contracts or something
Your cybersecurity team is going to be annoyed with you using a non-corporate VPN if you have one. Any monitoring they have will probably have something that will ping on using common VPNs, but at most companies, consequences there likely won't make it to HR. May make it to your manager though if they think it's a sign of compromise.
Ez-Pz, cheap VPS + VPN server
Or I think there are also VPNs that advertise using "residential IPs", I know that's a thing with SOCKS proxy services.
Yeah, common VPSes are monitored too, it's a very easy add. Alert on IP ranges from a publicly maintained and easy to find list is not a hard ask. If you ran it through AWS, it would probably pass a lot of basic checks. Using residential IPs will probably get you a bit of time, but I can't imagine there being a good way to do that without it being very hard for the VPN provider to keep up and very easy for a security company to just make a new list of IPs and assume the whole range is bad.
Your best defense here though is that your cybersecurity team probably doesn't care that you're doing this once it's determined that you aren't a malicious actor as long as you aren't creating too many alerts.
When I use a VPN I am disconnected from anything relating to my companies network. Includes email. They use microsoft services.
When you use the VPN are you using/opening the VPN on the device itself instead of a dedicated wireless router configured with the VPN instead?
If so, that's your problem, otherwise it's like the other commenter said, they're probably detecting a common VPN IP if you're using a common service. Grab a cheap VPS in your desired location and setup a VPN server and connect to that instead
Or spin up an ec2 instance yourself and route everything from there.
Amazon can get you fixed ip for cheap.
Yep, on the device itself. Thanks!