The goal of this article is to educate the new and non-IT expert VPN service users about the logging part of VPN both by the VPN service providers and the local computer. To reach that goal, in this article, we will cover the basics around the VPN Logs and explain phrases such as Zero Logging VPN, No Logging VPN. Also, we will give a real-life example of using a Windows client of a paid VPN service on Windows 10 to demonstrate the procedure to check the VPN log on the local computer.
VPN created with virtual point-to-point, virtual tunneling protocols, traffic encryption etc. Traditional VPNs use point-to-point topology and Microsoft Windows NetBIOS may not be fully working. Virtual Private LAN Service (VPLS), Layer 2 Tunnelling Protocols (L2TP) does not have such limitations. We can classify the VPN systems by tunneling protocol, tunnel’s termination point location, type of topology of connections, levels of security, OSI layer they present to the connecting network, number of simultaneous connections etc.
|Table of Contents|
Basics of VPN Logs
Virtual private network practically a proxy just like we set up Nginx server to listen to another server’s IPv4 server. Of course, the protocol is different for VPN than used for Nginx server but the basic is the same. That is the simplest way to explain the mechanism of how a VPN service works. On the main server’s log file, we can see the IPv4 connections from the main server and on the Nginx server’s log, we will obtain the real IPs, the user agent of the traffic requesting a request of URL etc. VPN logs from VPN service provider’s side are somewhat comparable to the above example. As a user, we have absolutely no way to verify at what level a VPN provider logs their users and how much data they are retaining. The above example with Nginx server clarifies that for server administration and to avoid any legal trouble, many VPN services will need to retain log at least for a few hours. Some VPN providers can keep log files for several weeks or even months, others keep for several hours.
Operating a VPN is quite an expensive matter. From our example of using simple Nginx reverse proxy, it will be obvious that for a just reverse proxy set up of that kind, we need two servers. VPN service provider company employs highly qualified network engineers to set up, configure, monitor the servers. Not to forget the cost of bandwidth. For a high-end professional service, we cannot expect to have just two virtual servers in their set up unlike our example with a reverse proxy. Cheaper VPN services, however, use virtual private servers. More servers on their network make their set up and logging much more complex. If a VPN service provider is providing free VPN service then they are getting the money from running the infrastructure from somewhere else. One such way is serving to advertise. Advertising means, that they are collecting user information to know some facts – like the user is not a bot and serve the users relevant ads specific to gender and age. It is meaningless for an ad serving company to deliver an advert for a fast sports car to an older person. The chance to purchase a sports card by an older person is lesser. If a VPN service is free, then they are either not anonymous by any means or has some crippling limitations like speed restrictions or some other limits.
There may be different logs stored by the VPN service providers, most trusted providers probably do not store logs for a longer period. Full traffic log VPN logging is like our example of Nginx Proxy with logging enabled – they store all the data like connected real IP to their server(s), user agent, URL surfed etc. Metadata logs VPN logging does not store the URL accessed but stores all other data like in case of full traffic log. No logs VPN or zero logs VPN claimed to store no data at all. No logs VPN or zero logs VPN technically not impossible to set up. However, Govts of UK, Europe, Australia and US forces to store some data of the users. So, probably you’ll need to do a research to find possible safe VPN. There is VPN service where police made a raid in their datacentre and found no logs, that fact came into the news. In other words, the claim of no logging by VPN service provider actually exists but sadly not possible to verify without a police raid!
It is important to understand that modern tracking is not like just old days’ IP tracking systems. Modern tracking involves carrier-grade NAT and probably backdoors at OS and hardware level to detect the signature of the machine.
Zero Logging VPN for Windows 10
In the context of Windows 10, the phrase VPN logging bears an apparent dual meaning to the new users. The common meaning is the logging by the VPN service provider in the way described above.
We use VPNs not only to conceal our IP address. There are some use cases where we might need to use a VPN. For example, when we are using a possible known-hostile network like a public airport WiFi access point, or using an ISP that is known to use MITM then we can use a VPN service or we can use to bypass basic governmental screening. For example, it is safe to SSH with a good VPN with a dedicated IP. VPN logging is an important matter even for such use cases. When we are accessing our servers via SSH or (s)FTP, then for security reasons it is better to use VPN with zero logging or no logging. Because if VPN service provider’s server is compromised, IP and open port of the servers become obvious. That information may help to somewhat easily intrude a server than without any information.
We also use the phrase VPN logging for logging by our Windows computers. This two logging are separate events and this later one is under control of the user. However, checking VPN logging on Windows operating system is not that easy to a new user, but such logging may be a wanted feature to a particular user group. The phrase VPN logging on Windows often confusing with VPN logging on the servers of the service provider.
How to Check VPN Log of VPN Client Application
Now, we need to clarify the VPN logging system on the local computer running Microsoft Windows. We can provide an example such as the usage of SurfShark VPN for our office usage and their Windows client application. Instead of SuftShark, it could be some other VPN service. In any case first, we need to be their client. Then we should follow their instruction to setup VPN on Microsoft Windows. Then, as for SurfShark we will download VPN app for Windows and install. SurfShark claims to be a strict no-logs VPN service provider and is affordable for our sysadmin works. In an ideal situation, SurfShark will have no logging on their servers. However, the Windows operating system itself has own way of VPN logging which may be turned on or off with checking an option. A VPN client software may also control that option. This VPN log is better to be referred as VPN client log. The logs for the VPN Client on Microsoft Windows are viewable via Computer Management. To access Computer Management, we need to navigate to the Windows start menu, search and open Event Viewer. Within the Event Viewer program, there will be a pane named Actions. In that Actions pane, we can click select Create Custom View or Filter Current Customer View. Then we can select the event severities option listed under the Event level option. Then we will click the Event sources pull-down menu. Thereafter we can select the event sources to investigate what sources we would like to view. For our example, the name of the event sources can be VPN Client or vpnagent or vpnui or DHCP – DHCP-Client or some name indicating SurfShark application. The name under event sources depends on the version of the VPN client application. Now, we will save the filter as Custom View. Then we will select the log event in the event browser page located at the top. The Event Properties clickable option in the middle of the pane has the log details for an event. We can double-click an event to bring up a new Event Properties window.
We believe that this article has covered the basics around VPN Logs and Zero Logging VPN with the example of checking logs using Windows client application. Also, we have clarified the VPN logging on servers and VPN logging on users’ computer. The use case of VPN varies. VPN no way a measure of complete “no tracking” but mostly protects from various malicious intruders via known and unknown loopholes of the servers of ISP.