Hamachi – Free Download
Hamachi is a virtual private network manager that can also establish direct links between different personal computers. It’s capable of linking together various machines that are hidden behind an existing network address translation block without requiring a system administrator to reconfigure the firewall. This enables users to access a PC directly, so they won’t have to use a relay connected to a wide area network. Nevertheless, Hamachi does still establish an online connection.
As a result, Hamachi can emulate a connection that would have existed had the two machines been linked up over a local area network. Though this could be used to alter the public-facing Internet Protocol addresses that are sent out to anything accessed from a given machine, it’s also a rather useful network interface tool since it can enable connections between different computers without the use of any special software. Best of all, it makes at least some effort to remain secure regardless of the type of connection its being used over.
A complete implementation of the 256-bit advanced encryption standard comes bundled with the software. Though 512-bit systems are arguably more advanced, these can also add quite a bit of overhead so a majority of users should be more than comfortable with this particular design choice. Owing at least in part to the way that Hamachi implements AES, most users shouldn’t see all that much lag either. Naturally, you’re always going to experience some downtime when you’re tunneling traffic through a remote server. The developers of this particular platform did their best to ensure that that it moves as speedily as possible.
They also did their best to ensure compatibility. While the basic Hamachi client runs on Microsoft Windows, you can actually connect other machines to the service and work with them if necessary. Once you have the software up and running on each of them, you can establish ad-hoc links between them as though they were connected to a token ring. Versions for macOS, GNU/Linux and iOS make it easy to attach most consumer-grade hardware together. The client software also supports Android devices, so you shouldn’t have any trouble establishing a direct link between phones and tablets back to your Windows PC.
Perhaps more interesting is the fact that Hamachi provides at least some support for FreeBSD. System administrators who want to be able to work from a conventional PC but still have to support the Berkeley Software Distribution ecosystem shouldn’t run into too much difficulty getting everything up and running. They’ll need to mess around with FreeBSD Ports to sideload the GNU/Linux packages onto their machine. While this might take a little bit of effort, it’s well worth it for those who want to get their job done from a Windows command line.
Depending on the specific service plan deployed on any given Hamachi instance, it might be possible to run the application in the background. When a computer is idle, it can automatically switch packets and provide handshaking details with any other devices attached to it. Other configurations might instead require the use of dedicated solutions. Regardless of which way someone decides to implement Hamachi, the bundled network adapter will rely on a centrally-managed VPN system.
In most instances, Hamachi will create an ad-hoc network that consists of the vendor’s remote server cluster and the client application. This program then leverages the power of the end-user machines it’s installed on to help establish connectivity by adding a virtual network interface to the PC it gets installed on. System administrators who happen to be managing more than one ecosystem can add Mactinosh computers and FreeBSD servers to VNI list as well, though the basic installation of Hamachi is clearly geared toward Windows PCs. Individuals who have at least one device powered by GNU/Linux in their stable should find that it gets listed in the VNI index too.
All of the outbound traffic sent by the machine’s system software gets tunneled through this interface, which in turn delivers it straight to the client application. Once Hamachi receives a packet, it authenticates it to make sure that it’s valid and then encrypts it before sending it off to a VPN peer through the user datagram protcol. Both broadcast and multicast transmission techniques are allowed, though Hamachi will normally respect whichever setting an administrator checked when they first created the network.
Microsoft-only shops will appreciate the ability to tunnel internetwork packet exchange traffic through a remote server as well. While IPX technology isn’t often used outside of the Windows world, this should prove to be an extremely useful feature for those who have to do a lot of work with education market PCs. It’s also good for retrocomputing enthusiasts. By supporting IPX, Hamachi has more or less made itself compatible with NetWare and other dated networking technologies. Those who want to play older games over a LAN might also like this feature.
Even those who don’t want to experiment with esoteric networking protocols should still appreciate Hamachi’s basic functionality. Every client attached to the server cluster will always retain at least some form of control connection. When this first connection gets established, the client has to authenticate itself through a login system before state synchronization can occur. The discovery process will usually only take a few moments, even if there’s a significant amount of lag interfering with a particular service.
Subroutines related to the discovery process can help to determine the network topology of the client’s original Internet tunnel. Hamachi can then use this information to find firewalls and NAT systems that a packet has to pass through whenever it wants to go to the open Internet. Whenever a member comes online or closes it’s connection, the vendor’s server will tell all of the peers to either open or shut tunnels that point to it. A specialized NAT traversal technique gets deployed by the remote server whenever a tunnel has to get established between individual peers, which is somewhat similar to hole punching through UDP. Most tools that support hole punching won’t have any issues working with Hamachi.
Currently, there’s no detailed technical readout that explains how this process works, however. Those who want to develop their own third-party tools that work with Hamachi won’t have access to any application programming interface as a result. Nevertheless, they’ll probably never run into a situation where they need an API because port forwarding works in pretty much any situation where the software’s own unique tricks won’t. Even if the client unexpectedly loses a connection, it should retain all of the tunnels assigned to it. Hamachi will constantly check the status of these tunnels until it can reestablish a solid connection.
At the same time, the server will notify every peer that the tunnel got suddenly shut down. It’s expected that their own client software instances would start separate liveliness checks to see when the device came back online. While this does place some pretty hefty assumptions on each of the machines attached to an ad-hoc network, it does give Hamachi the wherewithal to hold up against serious network interruptions. Some people have even been able to use the software over extremely long distances as a result. Lag might start to become more of an issue in these cases, and the lack of forward error correction will eventually make things run fairly slowly. However, the fact that such an application is possible helps to demonstrate just how powerful Hamachi really is. In most cases, the software is only really limited by the physical infrastructure that it happens to be running on.
Remote workers can actually rely on it as their sole system administration tool if they’ like. Those who want to enjoy vintage multiplayer games over a network might actually get to enjoy the best throughput since this application might end up sending the least amount of traffic. While that might sound strange, games of past eras were actually designed to work with telephony-based modems. Hamachi can make short work of the kind of packets these programs would send. Modern hardware in general doesn’t really struggle with them, so the program shouldn’t balk at all as long as you’re running it through a compatible network switch.
Addressing is done in a rather innovative way that should help to make things a little easier on users who find themselves dealing with some bizarre edge cases. Every single Hamachi client usually gets assigned a separate IP address the moment it logs into the network. None of the common private IP address blocks, like 172.16.0.0/12 and 10.0.0.0/8, are used so there shouldn’t be any conflicts with existing private networks. In general, Hamachi uses the 25.0.0.0/8 block of addresses in order to avoid any issues with outstanding assignments. There was a time when the 5.0.0.0/8 range got used, but the developers dropped this as soon as it got assigned to the RIPE Network Coordination Center in Europe.
International users haven’t had many problems since, though a few have found that the 25.0.0.0/8 address block is already in use on some government networks in the United Kingdom. Those who have to work on systems attached to any of these sorts of LANs will want to be certain that they have all of their address numbers configured correctly so they don’t run into any unusual problems. An overwhelming majority of people will never come into contact with this kind of conflict, so the point is generally moot. What they may have problems with, however, is the way that Hamachi can sometimes play fairly loose with privacy.
Users who are serious about security may end up taking some exceptions to the way that Hamachi’s back end software works. At it’s core, the app requires a connection to a distant mediation server that’s operated on behalf of the vendor. Hardware attached to this server records the current maintenance password and handle associated with a user. It also caches a copy of the authentication token currently in use. All of this data then gets connected to a 25.0.0.0/8 IP address that’s assigned on a static basis. Therefore, it’s possible that there could be a disclosure of some types of information that could identify an individual user as the one who accessed a particular web resource.
Most people aren’t going to mind this, since they’re probably turning to a VPN as a way to escape region locks or play games on protected networks. Those who need one to secure streaming content also probably won’t mind terribly either. However, those with serious privacy concerns might want to weigh the potential risks before they start using Hamachi as a daily driver. While the app’s security architecture is more or less open, it can be difficult to ensure complete security at any given time. Checking the full specification sheets that spell out how the app’s client-server protocol works might be a good idea for anyone who finds themselves in this sort of situation.
However, they might also find that the documentation is out of date and actually makes a few highly irregular claims. Technical writers attached to the project have corrected some of these oversights over the years, but some of them still remain. That might confound those who plan on deploying it in a highly sensitive situation.
Conventional users who aren’t looking to completely lock down all of their network traffic shouldn’t run into too many problems, however. As a result, it’s likely that a majority of people looking for a very simple VPN app will be more than pleased with everything that Hamachi has to offer.
Pros
- Tunnels traffic through a 256-bit encrypted connection
- Couples remote computers together
- Fast enough for use with gamin
- Simple interface that doesn’t bombard the user with options
- Usually doesn’t add an excessive amount of lag
Cons
- Doesn’t offer a kill switch
- Sends some data to a mediation server
- Stores nicknames and maintenance passwords remotely