Personal VPN recommendations for public hotspots?

Can anyone recommend a browser based or software based personal VPN
that I could use when surfing the internet in public hotspots?

Yes, I know "dont check email or access your secure data" however this
kinda defeats the purpose of having Wi-Fi capability and convenience
at Starbucks or the local airport terminal.

I want to be able to SECURELY do this via VPN or similar device.

Thanks!

On 17 Jul 2004 22:22:21 -0700, (E-Mail Removed) (Bill) wrote:

>Can anyone recommend a browser based or software based personal VPN
>that I could use when surfing the internet in public hotspots?
>
>Yes, I know "dont check email or access your secure data" however this
>kinda defeats the purpose of having Wi-Fi capability and convenience
>at Starbucks or the local airport terminal.
>
>I want to be able to SECURELY do this via VPN or similar device.

Well, the problem with any secure tunnel or encryption scheme is that
the connection has to terminated somewhere. Just having VPN or SSH
software on your laptop does not magically give you a secure
connection. It has to end up (terminate) somewhere and the other end
has to have your security settings, pass phrase, etc stored somewhere.

One possibility is to terminate the VPN at the access point. This is
being done with some corporate access points, but is a major pain in
dealing with the multitude of customers at a hot spot. I think you
can forget that idea.

The easiest is if your ISP supports web mail via SSL (secure sockets
layer). SSL is built into the major web browsers and will encrypt the
sessions without any additional software added to your laptop.
However, the SSL based webmail must be supplied by your ISP.

Another method is to use SSH (secure shell). This requires a
login/password combination stored on the server, but is fairly simple
on the client end (your end). The most common program is called
"Putty". It's free.
http://www.chiark.greenend.org.uk/~sgtatham/putty/
However, this is most commonly used for telnet (character based)
email.

A VPN would probably be more useful if you were connecting to a
corporate LAN or your own mail server. It creates an encrypted
"tunnel" into the LAN over the internet. Again, the problem is where
and how to terminate the VPN. Again, your ISP has to provide the
service, administer the login/passwd settings, and setup the security.
The general proceedure for connecting to an IPSec VPN from W2K and XP
can be found at:
http://vpn.ebootis.de
Freeswan is an open source VPN server.
http://harlech.math.ucla.edu/service...c-windows.html
Yeah, it's a mess when using the MS provided IPSec tools.

Sorry, I don't have an instant answer, but at least you now know the
limitations. Ask your ISP for SSL webmail.


--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558

(E-Mail Removed) (Bill) wrote in news:15b4be0.0407172122.74614ee5
@posting.google.com:

> Can anyone recommend a browser based or software based personal VPN
> that I could use when surfing the internet in public hotspots?
>
> Yes, I know "dont check email or access your secure data" however this
> kinda defeats the purpose of having Wi-Fi capability and convenience
> at Starbucks or the local airport terminal.
>
> I want to be able to SECURELY do this via VPN or similar device.
>
> Thanks!
>

In order to a have hardware or software VPN solution, there must be two
valid VPN end points. So, if you have VPN software on your machine
active, then the VPN connection must exist on the other end or there is
no valid VPN connection. The VPN is hardware to hardware such as two
routers or VPN client software installed on a computer and VPN server
software installed on another computer.

http://www.homenethelp.com/vpn/

Four things I think needed in a hotspot:

1) Anti Virus Software
2) A good personal firewall solution
3) The O/S secured *harden* to attack if you have an O/S that can be
secured.
4) Your common sense in using safe hex like not doing online *banking*
and other things of that nature.

http://www.uksecurityonline.com/index5.php

Duane

I have come across these two services, just wonder if they are all
that they claim to be, security wise

http://www.hotspotvpn.com/


http://personalvpn.com/

On Sun, 18 Jul 2004 08:36:51 GMT, Duane Arnold <(E-Mail Removed)>
wrote:

>In order to a have hardware or software VPN solution, there must be two
>valid VPN end points. So, if you have VPN software on your machine
>active, then the VPN connection must exist on the other end or there is
>no valid VPN connection. The VPN is hardware to hardware such as two
>routers or VPN client software installed on a computer and VPN server
>software installed on another computer.

Yep. It takes two to tango. However, there are many different types
of VPN's, some of which are software to software. For example, I
don't think any router manufactory has been dumb enough to implement a
PPTP termination in hardware. MS PPTP is normally done in software at
both ends. I've also done peer-to-peer VPN software client tunnels
(for fun) using SafeNet's VPN software (as distributed by Sonicwall
and Watchguard). It wasn't really made for this purpose, but it did
(sorta) work.

>Four things I think needed in a hotspot:
>1) Anti Virus Software
>2) A good personal firewall solution
>3) The O/S secured *harden* to attack if you have an O/S that can be
>secured.
>4) Your common sense in using safe hex like not doing online *banking*
>and other things of that nature.

I think you mean "Four things I think needed in a laptop used at a
hotspot". Personally, methinks the most important item is either a
spare battery or a solar charger. For some odd reason, most coffee
shops do not have AC outlets at each table. That can be a problem
with my ancient laptop and its rapidly failing or dead battery.

Another item of importance is some kind of keyboard protector. No
matter how careful I try to be, the magnetic attraction of coffee and
keyboards are a problem. The combination of caffeine shakes, round
tables, and square laptops, just invite disaster. I've cleaned many
keyboards. Suggestion: Use less sugar or honey as the stuff
resembles epoxy when dry. Also, lay off the Chai which tends to be
corrosive and dissolves the glue used to laminate the keyboards.

The well equipped coffee shop web surfer should also have an external
USB radio or cantenna. This is not for long range, but rather to
overpower the other users at the access point. While spread spectrum
and the TCP/IP fair share algorithm insures that nobody can hog the
entire access point, it doesn't hurt to have the strongest signal in
the place.

The laptop carrying case should be large enough to store all the
stolen dishes, knives, forks, spoons, condiments, and napkins. I'd
always wondered what all those hidden pockets were for. Space can
easily be made by simply removing the laptop instruction manual, which
nobody reads anyway.

I'm undecided on using a printer in a coffee shop. While it's really
impressive receiving a fax, the page usually finds the nearest coffee
puddle and is instantly ruined. Invariably someone will also ask you
for a printout of some web page. Forget the printer.

My favorite coffee shop surfing accessory is a small sign inscribed
with "This Table Reserved for (my name)". If I have to evacuate the
table for a short period, it serves as a suitable place holder.

The only problem with the well equipped coffee shop surfer is that
it's pure hell picking up all that stuff when going to the bathroom.
It's a choice between losing ones table or a bladder explosion. I
suggest a catheter and urine collection bag if table monopolization is
an issue.


--
Jeff Liebermann (E-Mail Removed)
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 AE6KS 831-336-2558

"Bill" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) m...
> I have come across these two services, just wonder if they are all
> that they claim to be, security wise
>
> http://www.hotspotvpn.com/
>
>
> http://personalvpn.com/

Just kind of looking at the two, it looks like they are ISP VPN solution
providers. Like I said before, if you have VPN client software on your
machine and there is VPN server software on a machine, then it's a valid VPN
connection - end point to end point. It's worth investigating by making a
phone call to find out facts about their solutions.

Duane

"Jeff Liebermann" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Sun, 18 Jul 2004 08:36:51 GMT, Duane Arnold <(E-Mail Removed)>
> wrote:
>
> >In order to a have hardware or software VPN solution, there must be two
> >valid VPN end points. So, if you have VPN software on your machine
> >active, then the VPN connection must exist on the other end or there is
> >no valid VPN connection. The VPN is hardware to hardware such as two
> >routers or VPN client software installed on a computer and VPN server
> >software installed on another computer.
>
> Yep. It takes two to tango. However, there are many different types
> of VPN's, some of which are software to software. For example, I
> don't think any router manufactory has been dumb enough to implement a
> PPTP termination in hardware. MS PPTP is normally done in software at
> both ends. I've also done peer-to-peer VPN software client tunnels
> (for fun) using SafeNet's VPN software (as distributed by Sonicwall
> and Watchguard). It wasn't really made for this purpose, but it did
> (sorta) work.
>
> >Four things I think needed in a hotspot:
> >1) Anti Virus Software
> >2) A good personal firewall solution
> >3) The O/S secured *harden* to attack if you have an O/S that can be
> >secured.
> >4) Your common sense in using safe hex like not doing online *banking*
> >and other things of that nature.
>
> I think you mean "Four things I think needed in a laptop used at a
> hotspot". Personally, methinks the most important item is either a
> spare battery or a solar charger. For some odd reason, most coffee
> shops do not have AC outlets at each table. That can be a problem
> with my ancient laptop and its rapidly failing or dead battery.

I must say the battery situation in laptops is ridiculous on how quickly
that become dead and the replacement cost for the battery.

>
> Another item of importance is some kind of keyboard protector. No
> matter how careful I try to be, the magnetic attraction of coffee and
> keyboards are a problem. The combination of caffeine shakes, round
> tables, and square laptops, just invite disaster. I've cleaned many
> keyboards. Suggestion: Use less sugar or honey as the stuff
> resembles epoxy when dry. Also, lay off the Chai which tends to be
> corrosive and dissolves the glue used to laminate the keyboards.
>
> The well equipped coffee shop web surfer should also have an external
> USB radio or cantenna. This is not for long range, but rather to
> overpower the other users at the access point. While spread spectrum
> and the TCP/IP fair share algorithm insures that nobody can hog the
> entire access point, it doesn't hurt to have the strongest signal in
> the place.
>
> The laptop carrying case should be large enough to store all the
> stolen dishes, knives, forks, spoons, condiments, and napkins. I'd
> always wondered what all those hidden pockets were for. Space can
> easily be made by simply removing the laptop instruction manual, which
> nobody reads anyway.
>
> I'm undecided on using a printer in a coffee shop. While it's really
> impressive receiving a fax, the page usually finds the nearest coffee
> puddle and is instantly ruined. Invariably someone will also ask you
> for a printout of some web page. Forget the printer.
>
> My favorite coffee shop surfing accessory is a small sign inscribed
> with "This Table Reserved for (my name)". If I have to evacuate the
> table for a short period, it serves as a suitable place holder.
>
> The only problem with the well equipped coffee shop surfer is that
> it's pure hell picking up all that stuff when going to the bathroom.
> It's a choice between losing ones table or a bladder explosion. I
> suggest a catheter and urine collection bag if table monopolization is
> an issue.
>

I never been in a hotspot, but I'll keep all of what you have said here in
mind if I ever have to use one.

Duane

Duane

In article <9LyKc.107188$JR4.49167@attbi_s54>
"Duane Arnold" <(E-Mail Removed)> wrote:

> I never been in a hotspot, but I'll keep all of what you have said here in
> mind if I ever have to use one.
>
> Duane
>
> Duane

While you are at it. Please learn how to trim a post.

Asshole.

--
Questo messaggio e' stato inoltrato automaticamente
da un paio di anonymous remailer. Il mittente originale
e' sconosciuto e non identificabile. Datevi pace.

Anonymous-(E-Mail Removed)er (hacker_boy) wrote in
news:(E-Mail Removed):

> In article <9LyKc.107188$JR4.49167@attbi_s54>
> "Duane Arnold" <(E-Mail Removed)> wrote:
>
>> I never been in a hotspot, but I'll keep all of what you have said
>> here in mind if I ever have to use one.
>>
>> Duane
>>
>> Duane
>
> While you are at it. Please learn how to trim a post.
>
> Asshole.
>

Hack ASS stick it up you *ASS*!

Duane

Anonymous-(E-Mail Removed)er (hacker_boy) wrote in
news:(E-Mail Removed):

> In article <9LyKc.107188$JR4.49167@attbi_s54>
> "Duane Arnold" <(E-Mail Removed)> wrote:
>
>> I never been in a hotspot, but I'll keep all of what you have said
>> here in mind if I ever have to use one.
>>
>> Duane
>>
>> Duane
>
> While you are at it. Please learn how to trim a post.
>
> Asshole.
>

Let me correct the spelling so that you won't trip on that one too.

Hack Ass stick it up your stanking *ASS*! -- Did you notice the little
*twist* I put on that one? <g>

Duane