VPN Lifeguard: kill switch for VPN connections
VPN Lifeguard is a free open source software program for Windows devices that adds a kill switch to VPN connections to avoid IP leaks.
A VPN is one of the better ways to improve privacy while your connected to the Internet. The main reason for this is that it blocks sites and services from identifying your device's IP address.
While there are ways to get around this, WebRTC comes to mind for instance, it is without doubt adding a protective layer to the connection.
There are numerous ways to connect to VPNs. From using third-party software that the VPN provider offers to OpenVPN, or PPTP. Depending on the solution, you may get extras such as an Internet kill switch or DNS leak protection.
VPN Lifeguard
VPN Lifeguard supports PPTP and IPSec, but not OpenVPN or third-party VPN clients. While that is limiting, those who do connect to VPNs using the supported options may benefit from running VPN Lifeguard in several ways.
The main reason for using the program is that it adds a kill switch to the VPN connection. If the connection to the VPN drops, VPN Lifeguard will block all Internet traffic to avoid IP leaks.
The software ships with a couple of extras on top of that, for instance options to establish the connection to the VPN automatically again, or reload certain applications when the connection to the VPN is successful.
You can start the open source program right after download. Please note that it requires elevated rights, so right-click on the program and select run as administrator.
You may want to establish a connection to the VPN so that the program identifies it properly.
First thing you may want to do is select Config to configure the program properly. It may detect certain settings automatically.
Make sure the local IP of VPN, and the IP of the box is set up correctly. If you are in doubt, hit the question mark button to run IPconfig on the local device.
Other options that you have here include selecting the programs that you want VPN Lifeguard to manage, configuring autorun for the program, and to close software automatically when VPN Lifeguard is terminated.
The main interface lists the known networks, and provides you with options to start and stop the monitoring of the VPN connection.
Here is a demo video by the author that demonstrates how VPN Lifeguard works.
Closing Words
VPN Lifeguard may be an option for you to improve your privacy on the Internet when you connect to a VPN service if that connection happens over PPTP and IPSec. The program is of no use to you otherwise.
The program could use some instructions that explain how you configure it properly, and test whether everything is working fine.
Now You: Do you use a VPN service regularly?
Thanks for the review !
VPN Lifeguard is also available for Linux since some months !
You can purchase a VPN Router from FlashRouters, and they will gladly implement a Kill Switch (for free).
Hi Martin,
I’d love to hear your thoughts/analysis on PureVPN’s Windows client app. It seems a bit cloggy on the system — though, it doesn’t take up on a lot of system resources, however, I notice the system to be a bit faster and smoother when i fully exit the PureVPN app. I hope there aren’t any hidden ghosts in the program’s code. :)
I didn’t have this sort of issue with ibVPN’s client. Anyway, what do you recommend… as in, opt for Manual settings on Windows or use the PureVPN app?
Thanks.
Cheers,
AAA
Well I tried it and it sort of works but I feel much safer setting up a Comodo VPN Firewall instead. Comodo is free of charge and there is a great guide on how to do the setup here https://www.liquidvpn.com/setup-vpn-kill-switch/
Some VPN’s, like PIA, have the killswitch built-in, rendering this type of thing unnecessary.
My solution:
Install “OpenVPN”
Install “Simple DnsCrypt”
Install the “QuickJava” extension and turn off RTC
Check for leaks at “https://ipleak.net/” and troubleshoot if necessary.
How do i install the QuickJava extension? Thanks
https://addons.mozilla.org/en-US/firefox/addon/quickjava/?src=ss The extension is for Firefox. I don’t know if you can get it for Google Chrome or not as I don’t use chrome.
There are instructions at the following site as well on how to turn off RTC in about:config if you don’t want QuickJava.
https://www.privacytools.io/
The people who use TOR or a VPN should stick to Linux devices. Ideally an “always ON” concept. An intermediary piece of hardware such as a Raspberry Pi 3 Model B could provide this layer of protection.
Let me explain why: Recent attacks on Firefox showed that even a simple piece of JS can leak your IP. WebRTC caused such issues in the past as well. How to stop these exploits? Make sure they cannot run on the machine that creates your TOR/VPN tunnel!
Which is why a separate Linux box is required for the security minded person. One packet leaked before this killswitch here cuts a conenction could already be your last. Depending on what you do. For example a journalist in a totalitarian foreign government.
Watch youtube tutorials on how to build a TOR or VPN box with a raspi.
Try pfSense, its based on FreeBSD.
I can see an argument or a separate box, but I don’t see the requirement for Linux. Are you suggesting Linux just because it’s free and capable? I agree that it’s a sensible choice, but you make it sound instrumental.
No particular dependence on linux. FreeBSD would be even better. Technically you can setup the necessary routes on pretty much any platform back to windows 95. Unixes are just a bit easier, if you’re one of the elite high priesthood of the technoscenti.
Linux works on lots of different architectures and dated or weak hardware. Getting important security fixes daily if the need should arise. Windows patch days are once per month only, they rarely push patches out of shedule, unless it is a really really bad CVE.
I’m no missionary, in fact I dual boot Win 7 and Debian.
You could use a rpi, but it makes more sense to use your router to do it, like I posted above. Simplifies the configuration and saves you a separate piece of hardware.
Really? I know my router firmware (merlin on Asus) supports Tor, but didn’t realize it required a lot of horsepower as I don’t use it.
Not disagreeing, but my router wouldn’t be able to handle TOR.
This sort of thing is fine if you’re pirating movies and afraid of getting a DMCA letter from your ISP, but if I was a political dissident in a totalitarian country like China I wouldn’t feel secure with a client-side program. Aftermarket router firmwares like Merlin for Asus routers include an OpenVPN client and support policy-based routing which you can configure to never send a single solitary packet over the WAN– everything must go over the VPN.
This is configurable on a per-IP basis as well, so you can allow your Roku streamer to go over the WAN (so Netflix works) but your laptop only on the VPN.
Thank you for this insight :)