Want to setup VPN

Old Oct 16, 08, 9:29 am
  #1  
Original Poster
 
Join Date: Sep 2005
Location: LAX
Programs: UA 2P, SPG Gold
Posts: 157
Question Want to setup VPN

I use public wifi occasionally and sometimes overseas but I don't do anything secure. But there are I times I wish I had a VPN setup at home to log into my bank account or something. I don't really care to access files at home, I just want to have an option to be able to browse the internet securely if I'm on a public wifi.

I've read about people using DD-WRT enabled routers to do this. Is this a good option or is it too slow? I don't really want to setup a dedicated linux computer for this. Nor do I want to pay for an online service.

Can you recommend me options?
Thanks!
mrmakochan is offline  
Old Oct 16, 08, 11:41 am
  #2  
 
Join Date: May 2002
Location: Um lugar muito bonito
Programs: UA GS, UA 2-Million Miler, IHG Plat, Hyatt Plat, HHonours Diamond, Marriott Plat, EVA Gold
Posts: 161
I'd recommend the Hamachi VPM product from www.logmein.com. Easy to configure, free for personal use though you can get a bigger feature set with paid versions.
Sierra Kilo is offline  
Old Oct 16, 08, 12:22 pm
  #3  
 
Join Date: Jun 2002
Posts: 944
Originally Posted by mrmakochan View Post
I use public wifi occasionally and sometimes overseas but I don't do anything secure. But there are I times I wish I had a VPN setup at home to log into my bank account or something.
if you are accessing your bank, it will be over a secure http connection so there's no need for vpn.
pdxer is offline  
Old Oct 16, 08, 12:25 pm
  #4  
 
Join Date: Jul 2001
Location: Lower Merion Township, PA, (an inner-ring suburb to the Socialist Workers City/State of Philadelphia, PA)
Posts: 588
Originally Posted by mrmakochan View Post
Can you recommend me options?
Thanks!
I know there's an inexpensive (~ $60) SOHO router from Zyxel that will allow you to do this, at least what I think you what to do:

Windows PC <> WiFi HotSpot <=== VPN ===> Home Router <--- Public Internet --->

The key item here is Windows XP comes with a VPN client that works with this, so no additional cost to obtain a client or security certificate. Look on the zyxel.com website for documentation on their P334 or P335 Broadband Router.
JadedTraveler is offline  
Old Oct 16, 08, 2:44 pm
  #5  
 
Join Date: Jul 2006
Location: California
Programs: AA EXP, lowly UA 1K; Hyatt Diamond, SPG Gold, Hilton Gold; National EC, Hertz PC
Posts: 2,098
Originally Posted by mrmakochan View Post
I use public wifi occasionally and sometimes overseas but I don't do anything secure. But there are I times I wish I had a VPN setup at home to log into my bank account or something. I don't really care to access files at home, I just want to have an option to be able to browse the internet securely if I'm on a public wifi.

I've read about people using DD-WRT enabled routers to do this. Is this a good option or is it too slow? I don't really want to setup a dedicated linux computer for this. Nor do I want to pay for an online service.

Can you recommend me options?
Thanks!
Logging into a bank account, even from a public wifi location, should be secure. Look for the little padlock in the status bar, depending on what browser you are using. This means your data is encrypted and a hacker could not easily read your passwords, or any other data transferred. Installing a VPN connection to your home network would make your entire internet session secure, though is this really necessary? Some businesses say yes since you are probably transmitting secure company files OTA and they don't want any prying eyes to see them though if you are just checking ESPN, I don't really see the concern. A VPN to your home network will also slow your connection down, unless you have a very very fast home ISP, in which case I envy you.
adambadam is offline  
Old Oct 16, 08, 9:35 pm
  #6  
FlyerTalk Evangelist
 
Join Date: Nov 2002
Location: PWM - the way life should be
Posts: 11,702
Originally Posted by adambadam View Post
Logging into a bank account, even from a public wifi location, should be secure. Look for the little padlock in the status bar, depending on what browser you are using. This means your data is encrypted and a hacker could not easily read your passwords, or any other data transferred.
If you're going to use a public computer, this security is good. What you have to worry about with a public computer is that someone might have installed keylogging software to record your username and password as you type them. This happens before the encrypted connection, so while the connection itself is quite secure, the computer you're using isn't.

If you're looking to use DD-WRT (I prefer Tomato - more user friendly and only slightly less powerful), you will need to be able to run specialized software on any computer you want to use this with. Specifically, you'll need to use an SSH client.
gfunkdave is offline  
Old Oct 17, 08, 8:18 am
  #7  
A FlyerTalk Posting Legend
 
Join Date: Apr 2001
Location: NYC
Posts: 69,136
Originally Posted by adambadam View Post
A VPN to your home network will also slow your connection down, unless you have a very very fast home ISP, in which case I envy you.
It will slow down the connection regardless of the home ISP speed. Traffic passing from the remote site to the home to the web server will be inherently slower than traffic from the remote site to the web server based on (at least) three things. First, the data has to travel farther. Yes, light moves very fast, but the additional fiber/copper, switches, routers, etc. add time to the transmissions, even if the lines are all very fast. Second, the encryption of the data requires delay for encoding/decoding. Again, this should be minimal, but it all adds up. Third, the encryption of the data means that every packet is ~30% filled with encryption overhead rather than just data. This means that downloading a 100KB image file will actually require a transfer of 30% more data, and that will take longer.

Originally Posted by gfunkdave View Post
If you're going to use a public computer, this security is good. What you have to worry about with a public computer is that someone might have installed keylogging software to record your username and password as you type them. This happens before the encrypted connection, so while the connection itself is quite secure, the computer you're using isn't.
Being connected to a VPN will not affect the efficacy of key logging software on the public computer. You are still pressing the keys and it is still logging them.

I wouldn't bother with a VPN unless I was accessing corporate data from a company-issued computer. Otherwise I depend on SSL for communication with the appropriate destinations that need it and let the rest of my data, like FT browsing, run free.

One thing the VPN can do is get around web filters, assuming that they allow VPNs from that network. So if the network you are on doesn't allow one to browse to flyertalk.com you could VPN to your home computer and then the browsing would be coming from your home IP address instead of the remote network so you'd avoid their blocking. But other than that I see very little value other than what I stated above.
sbm12 is offline  
Old Oct 17, 08, 8:34 am
  #8  
 
Join Date: Jun 2007
Programs: M&M, AA GLD, FB
Posts: 233
For the OP, if you just want to sometimes encrypt your connection, just use SSL/SSH. You can set up a browser to browse through a SSH connection to your home computer (also avoiding filters). Any SSH server should support that.

Using a public computer (not your own) to open any sensitive data is borderline stupid (sorry). A friend who worked in an internet cafe showed me what they (legally operated, with a fineprint privacy policy) are employing to protect themselves from various litigations. This includes (among others) keylogging and screen dumps.
Never access your bank account from a public computer, unless you have no other choice.
TamCaP is offline  
Old Oct 17, 08, 5:48 pm
  #9  
 
Join Date: Nov 2006
Posts: 3,515
I VPN home and out because I want a US IP address for somethings. For example, some bill pays are programmed not to allow persons from coming in from a foreign internet address. They believe it reduces fraud. I think they are nuts, but that is beyond the point of this discussion.
Dubai Stu is offline  
Old Oct 17, 08, 8:30 pm
  #10  
 
Join Date: Jul 2001
Location: Lower Merion Township, PA, (an inner-ring suburb to the Socialist Workers City/State of Philadelphia, PA)
Posts: 588
Anyone worried about keylogging software on a public computer, which is a trival thing for a hacker to install, should remember the Windows standard On Screen Keyboard:

Start > Programs > Accessories > Accessibility > On Screen Keyboard
or
Start > Run > osk.exe

If not present, be suspicious and use another public computer.
JadedTraveler is offline  
Old Oct 19, 08, 4:48 am
  #11  
 
Join Date: Aug 2005
Location: SNA Rwy 20L
Programs: QF Silver
Posts: 703
I guess opinions are varied depending on the application but when traveling I always use OpenVPN to tunnel into my home router running DD-WRT before accessing the internet. I have standard AT&T DSL service at home and use a $30 Buffalo router as the VPN server. It does solve several issues:

1. Security - Nothing's ever perfect but I feel much safer against "man-in-the-middle" monitoring.

2. Convenience - I hate being redirected to country-specific sites (i.e., google.com.au when typing google.com). You also don't have to work around hotel ISPs which block ports (particularly SMTP).

3. Easy access to your home LAN.

Yes it is a bit slower running encrypted but on a recent trip to Japan I VPNed home and used MagicJack to access a US dialtone and used my EnjoyPrepaid account to call New Zealand. Even with the VPN the double VoIP hop sounded great.
Zarf4 is offline  
Old Oct 19, 08, 9:21 am
  #12  
 
Join Date: Jan 2005
Location: SEA
Programs: AS MVPG, IHG Spire/Amb, SPG Gld, HH Gld
Posts: 3,748
Take a look at www.publicvpn.com.
dgwright99 is offline  
Old Oct 19, 08, 4:01 pm
  #13  
 
Join Date: Jan 2006
Location: ORD
Programs: UA 1K
Posts: 1,084
A couple other things you can look at are OpenVPN (free) and SSH tunnelling. Both would be something you load on your machine at home. OpenVPN lets you do a full blown VPN tunnel, whereas SSH you run things over an SSH connection. Some SSH clients let you set it so you can use the SSH tunnel as a proxy server for your Internet connection.
bdesmond is offline  
Old Oct 19, 08, 6:27 pm
  #14  
 
Join Date: Mar 2007
Posts: 588
I use DD-WRT and OpenVPN. DD-WRT has a version that has OpenVPN built in. Setup is a little more complicated than using hamachi though.
blahter is offline  
Old Oct 24, 08, 9:13 am
  #15  
 
Join Date: Aug 2006
Location: NYC
Programs: AA PLT 1MM; UA Sil; DL GM
Posts: 2,024
I finally gave up on finding the mobile Mac of my dreams and just got an Asus EEE PC (Linux) for traveling. As a Mac person I have never worried about this stuff; what should I install or do to ensure security on wireless networks (this trip, Paris and Frankfurt)? Is VPN a software or hardware option? Help for a non-techie, please!
Fornebufox is offline  

Thread Tools
Search this Thread