Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Secure your internet connection at Starbucks' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Secure your internet connection at Starbucks
Authored by: mematron on Aug 23, '07 09:09:39PM
You are only connecting to the service in much the same way you connect with a web browser. Connecting with your browser uses ssl and like the connection manager for windows it's just providing secure authentication. After you are connected to the service all of your traffic is sent in plain text.

All you've done is recreated in part what the connection manager does. The T-Mobile Connection Manager superior for novices because it has a built-in Wi-Fi scanner, has 1-click login, and lets you know when you are connected to a T-Mobile Hotspot.

The only way to be more secure is to use SSH. Use it right after you authenticate yourself on the network. Here's an example of what I do:

ssh -D 8080 -f -C -q -N username@server address

Then you select "Socks Proxy" in the "Proxies" tab under the active network interface inside the Network Settings. For the Proxy address, type in 127.0.0.1 and for the port type in 8080

Here's page that explains it very well, cause hey, someone already explained it so I don't have to http://macapper.com/2007/05/22/advanced-os-x-secure-tunneling-via-ssh

If anyone thinks that this isn't a better solution just try running "tcpdump" or "wireshark" and see all the nice packets flow by in plain text.

SSH can be cracked as well but to the casual observer you'll be free to download your pron in privacy.

Nothing is 100% secure but for now, SSH is your best strategy.

[ Reply to This | # ]
Secure your internet connection at Starbucks
Authored by: honer123 on Aug 31, '07 05:09:09AM
To build on mematron's comment, using Squid on the other end of the tunnel will truely hide all of your web surfing traffic. I say this because if you use the method he mentioned where you send your web traffic through a SOCKS connection, you will still send your DNS requests out to the local DNS servers. So they may not be able to see what your surfing, but they will be able to see that you are surfing --www.bigknockers.com--, or whatever.
The way to avoid this is to set up Squid on the SSH server you are connecting to, then tell your browser to use a proxy of localhost at 3128(Squid's default port). If you can set up and connect to an SSH box, then you can set up Squid. Not too hard to configure at all, and as a result all of your traffic to the web is truely hidden.


[ Reply to This | # ]