Re: Re: Securing my PC at a Wireless Hotspot?

[wickenit () yahoo com]

I fully agree with krymson. I think tunneling traffic to a trusted network is probably "the" best things to do. 

For example: If you have a broadband connection at home then you can setup a computer at your house to connect to when 
your away. Its perfect for when your at hotels, coffee shops, etc. Here's an example of a free what to be able to do it.

1. Of course the home computer needs to be running all the time so you can connect to it. I personally like freeSSHd. 
Install it into the home system. Very easy to install and setup.

2. You need to be able to get to it from any other location. I like the free service at no-ip.com for this. You can 
setup your free dns account info to be something like hoot.no-ip.com or whatever is available to point to your house. 
There are lots of other free dynamic dns services out there too.

3. You need to make the connection. I like to use putty or plink.exe for this. I mostly use plink.exe nowdays just to 
secure the browser traffic.

4. Make the tunnel to your freeSSHd trusted computer at your house. I create a batch file that contains for example: 
"plink -D 9999 hoot.no-ip.com" (no quotes of course). You will then be required to log into your home computer. Whats 
its doing is setting up listening port 9999 on your local machine. Whatever is directed to that port will be tunneled 
to the freeSSHd computer.

5. Tell your web browser to use the local SOCKS with port 9999. Example in Firefox: Edit > Preferences > Advanced > 
Network > Settings. Select manual proxy configuration. For SOCKS Host enter "localhost" Port "9999". Click OK to close 
the windows.

Thats all there is to it..LOL Ok, maybe it sounds a little long and technical but it will work well and secure your 
browsing information. Once its setup, its really simple to use. Just make the connection and edit the browser settings 
when you want it secured.

One thing to point out. There will still be a little data leakage, meaning that no one will be able to see your data 
but they will be able to see your dns requests. So they can see the site names that your computer is looking up, but 
will not be able to actually see the data. Example: its possible to see DNS requests for mail.yahoo.com but they wont 
be able to see your email.

You could use putty to be able to use remote desktop on your home computer also and then they wont even see your DNS 
queries. But i prefer to just tunnel the web traffic since its very very fast. When using Remote Desktop the entire 
screen has to refresh to actually see the pages.

I hope this helps someone.