by walrus01 1635 days ago
it seems like there's a couple of hundred consumer-facing VPN service providers, all with slick looking marketing websites to sell you a $5/mo service.

lots of them are nothing more than 1 or 2 people and some rented 1U servers or dedicated servers somewhere on whatever ISP they can find with cheap IP transit / DIA rates. maybe a part time website design/graphic arts person they found via fiverr to make things look cool.

from the perspective of a colocation-specialist ISP or medium sized generalist ISP that offers colo, they get lots of weird requests for colo and dedicated server services from VPN companies they've never heard of before. often with something like a corporate entity that exists in cyprus, panama or even weirder places.

looking at this in terms of the risk that a VPN provider presents to an ISP's reputation, IP space, attracting unusual volumes and numbers of DDoS, etc... there is a certain amount of "KYC" (exact same idea as finance industry KYC) that needs to go into a potential vpn service provider as a colocation client before quoting them a price or accepting them as a customer. fail to do that at your own risk.

it's very much in the weird/shady/grey market end of the ISP market.

the level of technical acumen and professionalism varies greatly between VPN providers.


> often with something like a corporate entity that exists in cyprus, panama or even weirder places.

Wait? How is Cyprus supposed to be a weird place to incorporate?

I suppose Delaware is weird too? It’s not like anyone is actually based there.

>looking at this in terms of the risk that a VPN provider presents to an ISP's reputation, IP space

None, because you obviously make the VPN provider bring their own IPs. And even if you don’t? Just block email and the IP reputation issue is solved.

>attracting unusual volumes and numbers of DDoS, etc..

This has calmed down so so much over the past years.

> fail to do that at your own risk.

Not much risk at all as long as you make them prepay their bills. Nobody is getting depeered because they offered colo to a sketchy VPN provider.

Literally nothing can happen, the big ISPs do not give a single fuck about this.

(I don’t have any involvement with VPN nonsense, but do have extensive experience with “bulletproof” hosting)

Who are reputable in the space?

mullvad, the company mozilla recently partnered with.

not much else...

I am biased because I do my own VPN so all of them seem shady to me.

Tangential to the thread, but I've never understood what people mean when they say this.

Do you run all your personal traffic through a VPS or something? That's not really offering the same thing as most VPNs. It hides your traffic from your ISP so they can't sell your data and snoop on you, but doesn't accomplish some of the anonymizing that an actual multi-user VPN can provide by adding additional traffic under the same IP.

So, what do YOU mean when you say you "do your own VPN"?

One of the VMs that I have on a system in colocation is my own customized OpenVPN setup, where I also run the openssl CA for it. My phone, laptop, etc all have their own keys.

It's set up for my own needs when I want to use a VPN from a weird place. Or simply to bypass artificial restrictions on traffic if I'm on amenity wifi in somebody's office, airport, hotel, etc. Since I can arbitrarily reconfigure it at will, and run multiple openvpn daemons from different .conf files listening on different ports with unique configurations (all relying on the same CA), I can do things like have one VPN that pushes a default route for my spouse's need to do internet things on restricted amenity wifi.

Another part of it pushes only routes to a few /24 that are my personal project servers, and the routing table on vpn clients remains otherwise unmodified. Sometimes known as a split horizon VPN.

>95% of the time I am not using it to run all my traffic through there.

It's also the gateway and pushes routing table entries to things that exist for my personal test/project/development VMs that are in private IP space, so I need to be connected to the VPN in order to talk to those.
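
A sketch of the two-daemon layout described in the comment above, as an added example that is not the commenter's own configuration. File paths, ports, tunnel subnets, the DNS address and the pushed /24s (documentation and private ranges) are all assumptions.

```conf
# ---- /etc/openvpn/server/full.conf (hypothetical path) ----
# Instance 1: full tunnel for untrusted amenity wifi.
port 1194
proto udp
dev tun0
topology subnet
# Constructed tunnel subnet for this instance.
server 10.8.0.0 255.255.255.0
# The same private CA signs the server and every client certificate.
ca /etc/openvpn/pki/ca.crt
cert /etc/openvpn/pki/server.crt
key /etc/openvpn/pki/server.key
# ECDHE key exchange only, no DH parameter file (OpenVPN 2.4 or later).
dh none
tls-crypt /etc/openvpn/pki/tc.key
# Clients replace their default route, so all traffic enters the tunnel.
# The host must also forward and NAT this subnet for that to work.
push "redirect-gateway def1"
# Assumes a resolver listens on the tunnel address, so DNS does not leak.
push "dhcp-option DNS 10.8.0.1"
keepalive 10 120
persist-key
persist-tun
user nobody
group nogroup
verb 3

# ---- /etc/openvpn/server/split.conf (hypothetical path) ----
# Instance 2: split tunnel, only the listed networks are routed.
port 1195
proto udp
dev tun1
topology subnet
server 10.9.0.0 255.255.255.0
ca /etc/openvpn/pki/ca.crt
cert /etc/openvpn/pki/server.crt
key /etc/openvpn/pki/server.key
dh none
tls-crypt /etc/openvpn/pki/tc.key
# No redirect-gateway here: the client routing table is otherwise untouched.
push "route 192.0.2.0 255.255.255.0"
push "route 198.51.100.0 255.255.255.0"
# Private-space project VMs reachable only through the VPN (constructed range).
push "route 10.20.0.0 255.255.255.0"
keepalive 10 120
persist-key
persist-tun
user nobody
group nogroup
verb 3
```

Because both instances trust the same CA, any client certificate it has signed is accepted on either port; which networks a device reaches is decided by the instance it connects to, not by the certificate.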

Thanks for responding, that sounds cool! I have contemplated a similar setup myself.

> thread about sec

> OpenVPN

What is your context here?

Seconded mullvad. The only vpn provider which accepts cash by mail as a payment method.

No email needed for sign up either.

protonmail