When you run VPN, the bigger network just sees an encrypted stream, with no way to identify the contents of individual packets. Assuming the machine you're using isn't compromised (and I don't imagine your school IT department has that kind of capability), your activities are quite invisible to them.

Thing is, they can see that you're hiding your activity from them. If they're serious about filtering content, sooner or later they're going to tell you to cut it out. Then again, their use of a simple-minded content filter suggests that they're after the appearance of Proper Adult Supervision, not the actual fact. So you're probably fine, as long as you don't go around boasting about your ability to bypass the Great Firewall.

If this is your personal computer, and the school has not had any access to it:

• The IT staff can see that there is traffic, and that it is encrypted

• The IT staff can see that you're connected to VPN Reactor based on the endpoint of your connections from their networking equipment's point of view

• As long as your computer is routing all traffic over the VPN, the IT staff cannot actually see anything you're sending over over the network

• All traffic going over the VPN appears as if it's travelling to the VPN, from the IT staff's point of view

If this is a school computer, or there is some sort of school software installed on your personal computer:

• The IT staff could potentially be logging every keystroke you type, taking random screenshots, or remotely viewing your desktop, all without your knowledge

With all of that said, you'll want to make sure you're not violating your school's policies, as it may be against the rules to circumvent their security measures. If you're not worried about that, Isaac's advice about staying under the radar is probably a good idea.

They can set up transparent proxy. And they can see that many requests (megabytes) is going to single domain / ip. So, they can view what that domain/ip is and block that. But they cannot see what data is sending to that ip/domain.

The answer really depends on how your VPN is setup. If you're using the DNS provided by your VPN server (DNS via DHCP) then your domain name queries will be encrypted too. However, if you have manually configured your VPN connection to use custom DNS servers, then your domain queries will be very revealing; especially if you use chrome.

A security researchers two pesos:

Scenario: Kid wants or is using a vpn to bypass content filter ACL's on the school's firewalls.

Environment: Based on provided information. 1+ Fortigate Firewall : Manufacturer-Fortinet

Variables: Laptop:

Kid owns it: If this is your laptop and your allowed to use the schools network then it's likely that the network your using is part of a DMZ. In other words, the Network guys don't care what you do on the Network and the content filters were put in place for either liability and or moral reasons. Its also likely that your egress traffic through the Firewalls are rate limited anyways, meaning that you can only use a limited amount of bandwidth. i.e.-1.5 Mbps for example. Point here is, most likely no one is paying attention so...

School owns the laptop: If this is true then I'd assume that you have to login to a domain that the school setup. In other words, when you login to your laptop it might look something like " myschoolsucks\vpnkid ". If this true, then you might want at least ask what the policy is regarding the use of VPN's, and let the answer to that dictate your actions. No policy, no repercussions.

Summary: Fortinet products can actually be very advanced and shouldn't be disregarded as a low end Firewall. Also, if the network your using at school isn't a DMZ, but rather a "production" network, and I was in your position hypothetically. I would error on the side of caution because, and I'm speaking from experience. Your VPN, almost no matter how high the encryption values are, can absolutely be tracked, then packets tagged for collection, decrypted, recompiled and analyzed. Also, if the Network guys were smart would already be tracking and logging traffic from your device.

Advice: Ditch the VPN and buy a Logmein account, install it on a computer at home and just remote into your home computer when away...

--M.Mouse

If your using a mac and it's your own laptop, go to system preferences, sharing, and turn remote management off.

Also go to system preferences, profiles and delete all profiles that has the school name in the description.

THIS IS ONLY FOR SCHOOLS THAT USE MAC.