Secure browsing remotely

A

amrogers3

Gawd
Joined
Nov 7, 2010
Messages
643
Hello good people,

I have a question about surfing the net from a public WIFI access point, for example, a hotel room.

I travel frequently and I am concerned about surfing the web and the potential of someone stealing my logon information. I try to use HTTPS for everything, but some websites do not support it.

I did some research and it sounds like I need to implement a VPN. I don't want to pay for any service, if I can set it up at home that would be ideal. Is VPN the way to go or is there something else I should consider?

I have an airport extreme, macbook, and a Linksys 54G I installed DDWRT on.
 
I use an SSL VPN Gateway to connect to my home and that tunnels all my traffic. You may want to look into a UTM device and run it on an old PC. Personally I use Astaro Home Edition.
 
It looks like PPTP is depreciated. Looks like OpenVPN is recommended. Any recommendations on articles on how to setup OpenVPN on a DDWRT Linksys 54G and OSX Leopard 10.5? My main router is a Airport Extreme.

I did a quick search and haven't found any articles that make this clear to understand and implement. Any help would be much appreciated.

:)
 
You could also use a proxy server that you know is secure. Point your browser to your localhost but have your network adapter tunnel to a proxy server. ...meh, a VPN would be easier.
 
For true secure remote connections, OpenVPN is your friend!;)

stats.jpg


Have the free OpenVPN server running successfully from my ASUS RT-N66U gateway router flashed w/Shibby's Tomato so that a dedicated OpenVPN server computer isn't even necessary!:D

When I connect from the road and on public hotspots, all traffic is encrypted all the way back to my home into the ASUS!

1951166088.png
 
Last edited:
To get the NON split tunnel in OpenVpn, isn't it a pain in the ass tho ?

the whole idea of this would be to have ALL the traffic go through the vpn.
 
robvas said:
I would use a hosted server - going home to your PC then back adds some latency and you can't surf any faster than your upload speed.

Look into services like VyperVPN or HMA.

If you have access to a Linux server you can just use an SSH tunnel

http://www.techrepublic.com/blog/security/use-putty-as-a-secure-proxy-on-windows/421
Click to expand...

I have a 50/5 i should be fine :)

There is also a service you can pay for yearly witch is 49$ BUT they could watch what your doing too so there is no point!
 
robvas said:
I would use a hosted server - going home to your PC then back adds some latency and you can't surf any faster than your upload speed.
Click to expand...

My Fiber-to-the-home upload speed far exceeds any public hotspot connection speed that I have ever used!:D And latency is negligible...

1951166088.png
 
I even do this from home to the datacenter! All my traffic from my home PCs / Laptops is proxied to the datacenter (unless I am gaming that is!)
 
somms said:
My Fiber-to-the-home upload speed far exceeds any public hotspot connection speed that I have ever used!:D And latency is negligible...
Click to expand...

Yea but some people are on 10m/1m cable or even 6m/768k DSL :(

Some hotspots are T1 speeds (or slower if people are using it) but many places have 20mb+ (work, some coffee shops, library...)
 
dashpuppy said:
yup, for 500$ :)
Click to expand...

I got mine for just over $300 and upgraded the RAM myself. Best firewall/router I've ever used. Easiest to use? No, but best. The SSL VPN alone is what sold me on it. That, and me doing my CCNA.
 
robvas said:
Yea but some people are on 10m/1m cable or even 6m/768k DSL :(

Some hotspots are T1 speeds (or slower if people are using it) but many places have 20mb+ (work, some coffee shops, library...)
Click to expand...


well i had mine on with all the traffic going through it, and the throughput was pretty low, i was doing facetime AND surfing the web, so you don't need some HUGE internet connection for this to work.

Id sacrifice a bit slower internet for security ANYDAY!

/usr/home said:
I got mine for just over $300 and upgraded the RAM myself. Best firewall/router I've ever used. Easiest to use? No, but best. The SSL VPN alone is what sold me on it. That, and me doing my CCNA.
Click to expand...

yup, I use my ssl every day, the sonicwall is great, does the asa have a quick client too ?
 
dashpuppy said:
well i had mine on with all the traffic going through it, and the throughput was pretty low, i was doing facetime AND surfing the web, so you don't need some HUGE internet connection for this to work.

Id sacrifice a bit slower internet for security ANYDAY!



yup, I use my ssl every day, the sonicwall is great, does the asa have a quick client too ?
Click to expand...

Yeah. OS X, Linux, Windows, and IOS.
 
I did some research and there are two options - ssh or openVPN

Since I have a mac and airport extreme, what would you guys recommend? ssh or openVPN?
 
amrogers3 said:
I did some research and there are two options - ssh or openVPN

Since I have a mac and airport extreme, what would you guys recommend? ssh or openVPN?
Click to expand...

i don't get it, whats the airport extreme have anything to do with it ?
 
Ssh tunnel is the easiest. Setup a proxy server, then use the SSH tunnel to connect to the proxy.

Open VPN is nice but a PITA to setup. I spent a couple weeks trying to get it going and gave up. I actually did have it working at one point when my network was /24 but when I switched to /16 all went to hell and never got it working again.
 
The main pro is that it's a real VPN so once you connect it's like if you were connected directly to your network. Great if you have a laptop and lot of apps like email client etc and you can connect to all your network services.

If you strictly only want to browse the internet the SSH/Proxy solution is much easier to setup.

Edit: Since you have a mac, not sure how that would work. I'm sure Macs must have some kind of SSH client that can do tunneling though? Since you'll need that.
 
Red Squirrel said:
The main pro is that it's a real VPN so once you connect it's like if you were connected directly to your network. Great if you have a laptop and lot of apps like email client etc and you can connect to all your network services.

If you strictly only want to browse the internet the SSH/Proxy solution is much easier to setup.

Edit: Since you have a mac, not sure how that would work. I'm sure Macs must have some kind of SSH client that can do tunneling though? Since you'll need that.
Click to expand...

yeah, it's called terminal! LOL
 
You must log in or register to reply here.
Back
Top