Improving personal security with Coffee Shop WIFI networks?

I travel often and work from my laptop at coffee shops with T-mobile WIFI and/or free WIFI networks. Like most people I am concerned about security. I use a personal firewall - Zone Alarm. However this doesn't protect me from password snooping on websites and e-mail accounts unless there is an SSL connection (https) which is often not the case. Are there any utilities that help mitigate such risks when using coffee shop and open WIFI networks? Thanks

Reply to
techman41973

You could use a VPN. Here's one that I tried briefly:

formatting link
It costs $25/year.

It worked fine, with no apparent degradation of the Internet connection.

Reply to
Dave Rudisill

Serious question: So why did you use it briefly?

Reply to
Kurt Ullman

| > >I travel often and work from my laptop at coffee shops with T-mobile
| > >WIFI and/or free WIFI networks. Like most people I am concerned about
| > >security.
| > >I use a personal firewall - Zone Alarm.
| > >However this doesn't protect me from password snooping on websites and
| > >e-mail accounts unless there is an SSL connection (https) which is
| > >often not the case.
| > >Are there any utilities that help mitigate such risks when using coffee
| > >shop and open WIFI networks? Thanks
| >
| > You could use a VPN. Here's one that I tried briefly:
| >
| > formatting link
| >
| > It costs $25/year.
| >
| > It worked fine, with no apparent degradation of the Internet connection.
|
| Serious question: So why did you use it briefly?

As for me and mine: because, in general, it was more trouble than it was worth. An aside: more than a few hotspots block VPN.

Reply to
NotMe

snipped-for-privacy@yahoo.com hath wroth:

About the only really secure method is to either have your ISP set up a VPN termination, or subscribe to a commercial VPN service. There's a short list of probable services in the FAQ at:

You can also set up your own VPN server at home or office and go through it, if you can handle the traffic load.

I've been experimenting with an "open" RADIUS server for hotspots, where the WPA key is automatically assigned giving each user and session their own unique WPA key. So far, it's been a dismal failure because users would need to reconfigure their laptops and most users don't have a clue how to do that.

Reply to
Jeff Liebermann

"NotMe" hath wroth:

Somewhat wrong. They don't intentionally block VPN. The consumer grade routers just can't handle more than a few VPN streams at a time. Some can do only one. 4 or 5 is typical, which doesn't do much good when the coffee shop is crowded with laptops.

Worse, VPN tunnel setup appears to be "sticky" in many routers. If one user connects via a VPN tunnel, the router detects this, and supplies the necessary feature support. The user then disconnects and you would expect the VPN tunnel to be available to the next user. Nope. It's apparently tied to the DHCP IP assignment timeout which is commonly 24 hours. That effectively locks out additional VPN tunnel users. I have my hot spot DHCP timeouts set to 1 hr (or less with some firmware hacking) to avoid this problem and a few others (like running out of DHCP delivered IP addresses).

Also, the same bottom of the line routers may simply limit users by running out of steam (or horsepower). See the chart of number of simultaneous connections at:

which demonstrates that more than a few commodity routers are totally unsuitable for use in a hot spot.

There was a router review which tested the number of VPN tunnels, but I can't find it. I'll dig (later).

Reply to
Jeff Liebermann

I'm not concerned enough about WiFi security to be bothered.

I do all our financial stuff on the Internet, often on unsecured WiFi networks (like the one I'm using now). After researching the potential vulnerabilities when using HTTPS sites, I dismissed the risk as too remote to warrant worrying about.

I wouldn't use an unsecured network for sensitive transactions in an airport or other location that could reasonably be a target for man in the middle attacks, though.

Reply to
Dave Rudisill
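
The concern in the original question, passwords crossing an open WiFi network wherever the login is not sent over https, can be checked page by page. The following is an added example, not part of any post in this thread: it parses a page's HTML and reports every form with a password field that would be exposed. The function names, sample HTML and example.com URLs are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse


class PasswordFormFinder(HTMLParser):
    """Records the submit target of every form that contains a password field."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.targets = []          # resolved action URLs of password forms
        # Action of the form being parsed (None outside a form), and its state.
        self._action, self._has_password = None, False

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            # A missing or empty action submits back to the page's own URL.
            self._action = urljoin(self.page_url, attrs.get("action") or "")
            self._has_password = False
        elif tag == "input" and self._action is not None:
            if (attrs.get("type") or "").lower() == "password":
                self._has_password = True

    def handle_endtag(self, tag):
        if tag == "form" and self._action is not None:
            if self._has_password:
                self.targets.append(self._action)
            self._action = None


def cleartext_logins(page_url, html):
    """Return (target, reason) for each password form exposed on an open network."""
    finder = PasswordFormFinder(page_url)
    finder.feed(html)
    finder.close()
    page_secure = urlparse(page_url).scheme == "https"
    findings = []
    for target in finder.targets:
        if urlparse(target).scheme != "https":
            findings.append((target, "password submitted over plain http"))
        elif not page_secure:
            # The form itself arrived unencrypted, so it can be altered in transit.
            findings.append((target, "login form served over plain http"))
    return findings


if __name__ == "__main__":
    # Constructed sample page, not a real site.
    page = '<form action="/login"><input type="password" name="p"></form>'
    print(cleartext_logins("http://webmail.example.com/", page))
```

An empty result means both the page and every password form on it use https; any finding is a login to avoid on an open network unless a VPN is carrying the traffic.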
