1.VPN providers can see exactly what data is passing through their servers. They should abide by all laws within their jurisdiction.
2. Most commercial VPNS use the OpenVPN protocol, which is portable, can pass NAT gateways, and doesn't require bad client programs. The ubiquitous OpenSSL library handles encryption. This can be done from the NetworkManager GUI. Some even provide linux-specific instructions, but in general, it comes down to simply downloading the certificate, specifying the NetworkManager server, and entering a user name and password. After that, all your Internet traffic is typically redirected to the VPN server via the TUN device.
3.DNS queries must also be redirected so that your ISP can't see the site you're visiting. Typically, a VPN provides its own DNS services and directs them to your OpenVPN client. But this may not work because of hierarchical DNS caching. Because DNS queries are not encrypted, websites can see who resolved your hostname to you, which is a problem.
If you need multiple different proxy IP, we recommend using RoxLabs proxy, including global Residential proxies, with complimentary 500MB experience package for a limited time.
