Normally VPNs require a lot of configuration and they also cost a lot.
Hamachi is a free, UDP based, centrally managed VPN system. It requires less
configuration as compared to other VPNs. It is comprised of backend servers and
end to end peer clients, i.e. its peers locate each other with the help of a
third node called Mediation Server. To initiate a connection, it uses the Boot
Strap protocol. The connection is direct between the peers and going by what
Hamachi claims, no traffic flows through their servers. Which straightforwardly
implies that they're not peeking into your data.
A Hamachi client is identified by its Hamachi network address. This IP
address is assigned the first time the client connects to the mediation server
from a 5.0.0.0/8 subnet, and gets statically associated with the client's public
crypto key.
|
As long as the client retains its key, it can log into the system and use the
respective 5.x.x.x IP address as is used by Hamachi servers for authentication.
The 5.0.0.0/8 subnet is used to avoid collisions with other IP addresses that
might already be in use on the client side as this subnet is currently reserved
by IANA and not used in an Internet routing domain.
Configuring Hamachi
Using Hamachi is very easy. Upon installation, it automatically creates a
Hamachi Network Interface. You can use it by opening the specific link in
Programs menu. On the bottom left of the main window, click on the Power button.
Hamachi will start connecting to its Mediation server, where it will acquire its
unique Hamachi network address. Now to create your own VPN, click on Hamachi's
Networking Menu and on Create New Network. In the window that pops up, provide
the name and password for the network and click on Ok. Your network is created.
Hamachi creates a virtual LAN of systems |
Similarly, if you want to join an already created network, click on Join a
Network under the Networking menu and provide the username and password for the
network you want to join. Once you are on the network, you can see all nodes
(online as well as offline) in the main window with their unique Hamachi network
addresses. You can also block or evict a node. It also lets you appear invisible
to the network. If someone steals your Hamachi public IP and hacks into your
computer, don't panic. To prevent such an eventuality, Hamachi has a built-in
safeguard whereby only the nodes of the same LAN can communicate amongst each
other. Therefore, nodes from other LANs can not peek into your network.
Implementing Hamachi
Now, lets discuss how to implement Hamachi in a real world situation. If you
want to browse a remote node with Windows file sharing, right click on the node
and click on Browse. Similarly, if you want to have a meeting (text based) with
the remote node, right click on that node and click
on Chat. These messages are encrypted with symmetric cipher algorithm and
authenticated with MAC. Every message is also uniquely numbered to prevent
replay attacks. Now, if you want to remotely access any node, open Windows
Remote Desktop Connection. In the Computer Name field, provide the Hamachi
network address and connect. Once connected, provide the username and password.
The same applies to Microsoft Windows Meeting, and with VNC.