Tag Archives: vpn

2nd VPN experiment

Posted on by

I posted recently about using HotSpotVPN to secure my wireless Internet connection while traveling. Once I had the VPN configured I started up Ethernal to see if my traffic really was encrypted. I was disappointed to find that some of my network traffic, including my .Mac email password, was still visible. I’m not sure if I misconfigured something, but clearly that’s not going to do the job.

I did some more digging and signed up for a month-long trial with PublicVPN. This service differs significantly from HotSpotVPN in that it utilizes standard VPN protocols instead of tunneling over SSL. As a result, access to the PublicVPN service may be blocked by hotel or coffee shop firewalls just when you need it most. (SSL VPNs are almost never blocked because doing so would prevent Web surfers from using secure sites for shopping, email, banking, etc.) PublicVPN works flawlessly with OS X and Windows using the built-in VPN clients. I did some more packet sniffing and all passwords appear to be encrypted. Another plus is that the PublicVPN service is cheaper at $5.95/month or $59.95/year.

OS X Internet Connect screenshot

Technorati Tags: , , , ,

Secure computing on the road

Posted on by

I’m in Rochester, MN for a couple days this week working as a mentor at an ISTE Institute. After listening to the latest Security Now! podcast with Steve Gibson where he talked about VPNs, I decided that I should probably get my act together and get set up with a secure connection.

If you ever use a laptop in an untrusted environment you should be using a VPN. By “untrusted” I mean a setting where you’re not sure who might be eavesdropping on your communications. Coffee shops, hotel rooms, and even remote offices on wired connections are good examples. Many people these days are used to using SSL-encrypted Web access for banking or online commerce (the “https” sites), but it’s less obvious that many email connections are unencrypted. In other words, unless you take steps to avoid it, the default behavior is usually to send your email password flying across the network in plain text where it can be intercepted by someone running a packet sniffer.

After doing a bit of research online, I signed up for a month of HotSpotVPN service. After a relatively straightforward install (it’s easier on a PC), I was connected to their service and all of my Internet traffic is now running through an encrypted “tunnel” and immune from inquiring packet sniffers. The service is about $10/month and I consider it a bargain for frequent travelers or anyone who uses wifi connections in public places.