Skip to content
July 12, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Data
    • CVE Watchtower
    • Top Exploited CVEs
    • CVE Stats by Vendor
    • Q2 2026 Report
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • Technique
  • Talking about VPN and Agent
  • Technique

Talking about VPN and Agent

Do Son July 25, 2017 4 minutes read

Preface

VPN and proxy are two common “over the wall” approach, then what is the difference between the two: applicability? safety? access speed?

Proxy

1.1 Principles

  • The proxy server is located between the client and the Internet. The server receives the request from the client and then sends the request to the target site instead of the client. All traffic routes are from the proxy server’s IP address to obtain some resources that can not be obtained directly.

1.2 proxy is divided into HTTP proxy and SOCKET agent

HTTP proxy is in the HTTP protocol layer of the proxy service, can only handle HTTP / HTTPS requests, mainly to meet the user Web browsing web needs, because only deal with HTTP requests, processing speed.
SOCKET agent does not resolve network traffic, transfer packets and do not care what kind of application protocol, which makes SOCKET agent can be used for a variety of environments, support FTP, SMTP, HTTP, also supports QQ, BT download and other applications, There are typical Shadowsocks. Usually divided into socks 4 and socks 5 two types, socks 4 only supports TCP protocol and socks 5 support TCP / UDP protocol, also supports a variety of authentication mechanisms and other protocols.

VPN

2.1 Principles

VPN (Virtual Private Network), between the client and the host to establish an encrypted tunnel, the client’s request to encrypt all the way to send to the VPN server.

2.2 mainstream VPN is divided into PPTP, SSL VPN, IPSec VPN

PPTP (Point to Point Tunneling Protocol) Point-to-Point Tunneling Protocol. Using the PPP protocol to encapsulate the data, add an additional header for the transmission of data on the Internet, using MPLS encryption authentication, work in the data link layer. The current computer, smart phones, and other devices are supported by this agreement, no additional software can be installed.
IPSec (Internet Protocol Security) VPN using IPSec protocol to achieve VPN technology, work in the network layer. Including LAN TO LAN (station to station), ENDTO LAN (end to a station) and so on.

Contrast

3.1 Resource characteristics

  • VPN is the client and server configuration in a LAN domain, all in the configuration of the VPN server to the server specified in the LAN within the IP, and the statement can be used to assign to the client IP range, each client connected VPN, Will be assigned to a characteristic IP address, you can view through ipconfig / ifconfig.
  • Proxy, the server only accepts the client’s request packet, and then forwards the client without assigning a specific IP address.

3.2 Applicability

  • PPTP VPN / IPSec VPN and other common VPN the best applicability, computer equipment, smart phones, PAD intelligent devices by default support such VPN connection, without any additional software to obtain VPN services. SSL VPN usually requires the installation of specific software to use. All traffic from the default computer is transmitted over the VPN
  • Proxy mode generally needs to install the client to use, you can also set up through the browser proxy, the default only set the proxy application (usually the browser) traffic package through the proxy server.

3.3 Security

  • PPTP is the most common VPN, installation and deployment is very simple, there is no shortage of online “one-click build” tutorial, but PPTP VPN using MSCHAPV2 authentication protocol, the agreement broke a lot of security flaws on the Internet, may lead to man-in-the-middle attack Blasting (asleap + thc-pptp-bruter), and the secret key space is only 2 ^ 56, the use of professional attack equipment can be cracked in a short time encryption key, access to VPN communication content.
  • IPSec VPN uses AH protocol to provide data integrity and identity, using ESP protocol for data encryption. SSL VPN uses SSL to encrypt traffic and has a higher level of security than PPTP.
  • Shadowsocks uses AES-256-CFB or RC4-MD5 encryption, the security is relatively high.

3.4 access speed

  • Online for SOCKET and HTTP proxy speed comparison of the word, some people think that SOCKET agent directly forward traffic, do not care about the specific agreement, and thus faster; also said that because of the agreement to support the processing, encryption takes longer, so the speed Slower. I think the actual application, the limiting factors are mostly client-to-VPS access speed, encryption time and the number of protocols is not the decisive factor, the bandwidth is relatively fixed, the type of agreement, resulting in the page browsing speed sensual slow, but The total flow is almost flat. This can also be compared to the Shadowsocks proxy browser to feel faster than the VPN, the default VPN is the system global proxy, all the requested traffic to spend bandwidth, and Shadowsocks only the agent’s data traffic, the same bandwidth sensory browsing speed is really faster

Share this article:

Facebook Post LinkedIn Telegram
Tags: vpn

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-1207CVSS 5.4
    An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on...
    Admin intel📅 Updated: Jul 10, 2026
  • CVE-2026-48939CVSS 10.0
    A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-56291CVSS 10.0
    The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-55255CVSS 8.4
    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-48908
    A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-56290
    The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-20896CVSS 9.8
    Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER`
    Admin intel📅 Updated: Jul 6, 2026
  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intelCISA KEV📅 Added to KEV: Jul 7, 2026📅 Updated: Jul 3, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-61447CVSS 10.0
    PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_python() that...
  • CVE-2026-61445CVSS 9.9
    PraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilities in...
  • CVE-2026-60090CVSS 9.8
    PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the...
  • CVE-2026-57827CVSS 10.0
    The Joomla extension RSFiles is vulnerable to an unauthenticated arbitrary file upload...
  • CVE-2026-57828CVSS 9.0
    The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file...
  • CVE-2026-14480CVSS 9.9
    OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the...
  • CVE-2026-20744CVSS 9.8
    The charging station websocket endpoint accepts connections without proper authentication, which could...
  • CVE-2026-57807CVSS 9.8
    Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security...
  • CVE-2026-55879CVSS 9.3
    OpenReplay is a self-hosted session replay suite. From 1.24.0 before 1.25.0, the...
  • CVE-2026-12761CVSS 9.8
    The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Top Exploited CVEs
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • Disclaimer
    • DCMA
    • Privacy Policy
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • CVE Watchtower
    • CVE Statistics by Vendor 2026
    • Q2 2026 Report
    • Top Exploited CVEs
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.