mrmakochan

I use public wifi occasionally and sometimes overseas but I don't do anything secure. But there are I times I wish I had a VPN setup at home to log into my bank account or something. I don't really care to access files at home, I just want to have an option to be able to browse the internet securely if I'm on a public wifi.

I've read about people using DD-WRT enabled routers to do this. Is this a good option or is it too slow? I don't really want to setup a dedicated linux computer for this. Nor do I want to pay for an online service.

Can you recommend me options?
Thanks!

Sierra Kilo

I'd recommend the Hamachi VPM product from www.logmein.com. Easy to configure, free for personal use though you can get a bigger feature set with paid versions.

pdxer

if you are accessing your bank, it will be over a secure http connection so there's no need for vpn.

JadedTraveler

I know there's an inexpensive (~ $60) SOHO router from Zyxel that will allow you to do this, at least what I think you what to do:

Windows PC <> WiFi HotSpot <=== VPN ===> Home Router <--- Public Internet --->

The key item here is Windows XP comes with a VPN client that works with this, so no additional cost to obtain a client or security certificate. Look on the zyxel.com website for documentation on their P334 or P335 Broadband Router.

adambadam

Logging into a bank account, even from a public wifi location, should be secure. Look for the little padlock in the status bar, depending on what browser you are using. This means your data is encrypted and a hacker could not easily read your passwords, or any other data transferred. Installing a VPN connection to your home network would make your entire internet session secure, though is this really necessary? Some businesses say yes since you are probably transmitting secure company files OTA and they don't want any prying eyes to see them though if you are just checking ESPN, I don't really see the concern. A VPN to your home network will also slow your connection down, unless you have a very very fast home ISP, in which case I envy you.

gfunkdave

If you're going to use a public computer, this security is good. What you have to worry about with a public computer is that someone might have installed keylogging software to record your username and password as you type them. This happens before the encrypted connection, so while the connection itself is quite secure, the computer you're using isn't.

If you're looking to use DD-WRT (I prefer Tomato - more user friendly and only slightly less powerful), you will need to be able to run specialized software on any computer you want to use this with. Specifically, you'll need to use an SSH client.

sbm12

It will slow down the connection regardless of the home ISP speed. Traffic passing from the remote site to the home to the web server will be inherently slower than traffic from the remote site to the web server based on (at least) three things. First, the data has to travel farther. Yes, light moves very fast, but the additional fiber/copper, switches, routers, etc. add time to the transmissions, even if the lines are all very fast. Second, the encryption of the data requires delay for encoding/decoding. Again, this should be minimal, but it all adds up. Third, the encryption of the data means that every packet is ~30% filled with encryption overhead rather than just data. This means that downloading a 100KB image file will actually require a transfer of 30% more data, and that will take longer.

Being connected to a VPN will not affect the efficacy of key logging software on the public computer. You are still pressing the keys and it is still logging them.

I wouldn't bother with a VPN unless I was accessing corporate data from a company-issued computer. Otherwise I depend on SSL for communication with the appropriate destinations that need it and let the rest of my data, like FT browsing, run free.

One thing the VPN can do is get around web filters, assuming that they allow VPNs from that network. So if the network you are on doesn't allow one to browse to flyertalk.com you could VPN to your home computer and then the browsing would be coming from your home IP address instead of the remote network so you'd avoid their blocking. But other than that I see very little value other than what I stated above.

TamCaP

For the OP, if you just want to sometimes encrypt your connection, just use SSL/SSH. You can set up a browser to browse through a SSH connection to your home computer (also avoiding filters). Any SSH server should support that.

Using a public computer (not your own) to open any sensitive data is borderline stupid (sorry). A friend who worked in an internet cafe showed me what they (legally operated, with a fineprint privacy policy) are employing to protect themselves from various litigations. This includes (among others) keylogging and screen dumps.
Never access your bank account from a public computer, unless you have no other choice.

Dubai Stu

I VPN home and out because I want a US IP address for somethings. For example, some bill pays are programmed not to allow persons from coming in from a foreign internet address. They believe it reduces fraud. I think they are nuts, but that is beyond the point of this discussion.

JadedTraveler

Anyone worried about keylogging software on a public computer, which is a trival thing for a hacker to install, should remember the Windows standard On Screen Keyboard:

Start > Programs > Accessories > Accessibility > On Screen Keyboard
or
Start > Run > osk.exe

If not present, be suspicious and use another public computer.

Zarf4

I guess opinions are varied depending on the application but when traveling I always use OpenVPN to tunnel into my home router running DD-WRT before accessing the internet. I have standard AT&T DSL service at home and use a $30 Buffalo router as the VPN server. It does solve several issues:

1. Security - Nothing's ever perfect but I feel much safer against "man-in-the-middle" monitoring.

2. Convenience - I hate being redirected to country-specific sites (i.e., google.com.au when typing google.com). You also don't have to work around hotel ISPs which block ports (particularly SMTP).

3. Easy access to your home LAN.

Yes it is a bit slower running encrypted but on a recent trip to Japan I VPNed home and used MagicJack to access a US dialtone and used my EnjoyPrepaid account to call New Zealand. Even with the VPN the double VoIP hop sounded great.

dgwright99

Take a look at www.publicvpn.com.

bdesmond

A couple other things you can look at are OpenVPN (free) and SSH tunnelling. Both would be something you load on your machine at home. OpenVPN lets you do a full blown VPN tunnel, whereas SSH you run things over an SSH connection. Some SSH clients let you set it so you can use the SSH tunnel as a proxy server for your Internet connection.

blahter

I use DD-WRT and OpenVPN. DD-WRT has a version that has OpenVPN built in. Setup is a little more complicated than using hamachi though.

Fornebufox

I finally gave up on finding the mobile Mac of my dreams and just got an Asus EEE PC (Linux) for traveling. As a Mac person I have never worried about this stuff; what should I install or do to ensure security on wireless networks (this trip, Paris and Frankfurt)? Is VPN a software or hardware option? Help for a non-techie, please!