View previous topic :: View next topic |
Author |
Message |
dualism Just Arrived
Joined: 26 Nov 2004 Posts: 0 Location: VA
|
Posted: Sat May 07, 2005 5:32 pm Post subject: Is there someone who provides remote VPN access for a fee? |
|
|
If I were in a hotel or what not.
Much appreciated.
|
|
Back to top |
|
|
ElToro Just Arrived
Joined: 21 Jun 2004 Posts: 0
|
Posted: Sun May 08, 2005 3:19 pm Post subject: |
|
|
I'm confused by your question. Can you clarify? Where are you trying to VPN to? VPNs are normally used to connect a remote user to a specific private network or to connect 2 private networks.
|
|
Back to top |
|
|
dualism Just Arrived
Joined: 26 Nov 2004 Posts: 0 Location: VA
|
Posted: Sun May 08, 2005 5:31 pm Post subject: |
|
|
Say I was in a hotel and wanted some good security on my browsing, a VPN would accomplish this no? (IPsec)
Is there some company who provides this relatively cheaply for either a short period of access (hours or days), or even monthly?
|
|
Back to top |
|
|
zeedo SF Reviewer
Joined: 01 Sep 2004 Posts: 24 Location: Scotland
|
Posted: Sun May 08, 2005 5:48 pm Post subject: |
|
|
Not that I know of, I doubt it's a very viable business. You would also only be moving the trust from the hotel to the VPN provider, that doesn't gain you much.
The most common way to do this sort of thing is to use VPN/Proxy to your home/workplace network even then you are just moving trust to the ISP there. If you really want to protect your communications you want to use secure channels directly to the sites involved.
|
|
Back to top |
|
|
ElToro Just Arrived
Joined: 21 Jun 2004 Posts: 0
|
Posted: Sun May 08, 2005 6:41 pm Post subject: |
|
|
I concur with Zeedo. Your best bet is to make sure the sites you are connecting to use SSL (or TLS) when transmitting any sensitive information.
|
|
Back to top |
|
|
dualism Just Arrived
Joined: 26 Nov 2004 Posts: 0 Location: VA
|
Posted: Sun May 08, 2005 8:01 pm Post subject: |
|
|
rgr, thanks.
|
|
Back to top |
|
|
exiled Just Arrived
Joined: 03 Jan 2005 Posts: 0 Location: UK
|
Posted: Fri May 27, 2005 4:35 pm Post subject: |
|
|
Seriously, has nobody heard of this concept yet? I'm really suprised.
Have a look at these:
www.witopia.net
www.publicvpn.com
www.hotspotvpn.com
IMO it could be a good idea, even if it is just to overcome some of the local wireless security problems a lot of public hotspots have...
|
|
Back to top |
|
|
zeedo SF Reviewer
Joined: 01 Sep 2004 Posts: 24 Location: Scotland
|
Posted: Fri May 27, 2005 4:45 pm Post subject: |
|
|
You don't trust the hotel, but you trust a company specifically setup to handle private data and asking you to put your private data via their networks....
As I said, doesn't sound like a viable business.
|
|
Back to top |
|
|
njan Trusted SF Member
Joined: 02 May 2005 Posts: 9 Location: Scotland, UK
|
Posted: Fri May 27, 2005 6:55 pm Post subject: |
|
|
Quote: |
Seriously, has nobody heard of this concept yet? I'm really suprised.
Have a look at these:
www.witopia.net
www.publicvpn.com
www.hotspotvpn.com
IMO it could be a good idea, even if it is just to overcome some of the local wireless security problems a lot of public hotspots have...
|
Yeah, um, my associates and I will provide you with a 'secure' VPN passthrough, accessible worldwide, hosted from the finest servers in the far east, through which to transmit your valuble plaintext confidential data.. at a low, low price of $5/month.. if you're interested, let me know.
|
|
Back to top |
|
|
damned Just Arrived
Joined: 04 Mar 2005 Posts: 0
|
Posted: Fri May 27, 2005 7:22 pm Post subject: |
|
|
it really can be simpler than all that. All you need is a system running sshd, say it's your home system, your friends boxen, whatever. Just some system you have an account on and trust.
then from your workstation fireup a ssh session like so:
ssh -l <username> <host> -D <some high number>
Once this has been done you have a tunnel to that host that works like a socks proxy. Any programs you have that can use socks proxies, you then just configure to user "localhost" as the server, and <some high number> as the port. Most programs you will use for standard web browsing and what not have the ability to use socks proxies built right in and made easy to configure including your preferred web browsers and instant message clients.
An example scenario is as follows:
i go to a wireless cafe with an open network. I sit down, pull out the laptop, see some 15 year old kid in a "Got Root" shirt and a Dell laptop that has a "31337" sticker on it. I open up a shell and type:
ssh -l damned www.security-forums.com -D 5900
I configure my gaim client and firefox browsers to use the socks proxy at "localhost:5900" and all of my web browsing and instant message traffic is then sent out through an encrypted ssh tunnel and the leet little bastard can't dsniff me.
Also note that this works great for bypassing restrictive workplace firewall policies and filterign such as those provided by BlueCoat.
tip: if you use the same number everytime, then you can just leave the configuration on your clients and just remember to always fireup your ssh connection.
note: you should trust the system you're connecting to because all of your traffic will be encrypted to it, but then sent out from it in it's normal format. If it's normal format is clear text as is the case for things like instant messages and http then anyone on that host or network can potentially sniff it from there.
-damned
|
|
Back to top |
|
|
|