Results 1 to 13 of 13
  1. #1
    New Lounger
    Join Date
    Feb 2009
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    How do I protect my computer when I use the wireless connection at a hotel? Do I change my settings on my anti-virus program (Kaspersky) or the security settings on Internet Explorer?

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    [quote name='skwang896' post='770228' date='12-Apr-2009 16:13']How do I protect my computer when I use the wireless connection at a hotel? Do I change my settings on my anti-virus program (Kaspersky) or the security settings on Internet Explorer?[/quote]
    First, put your firewall software in its most restrictive mode. Many brands of software firewall detect that you are on a new network and ask whether it is a local network or a direct connection to the internet. The theory behind this question is that on the local network, you will want to allow more types of incoming connections (to share files, printers) than you would on the internet. If you are not asked this question, you might need to poke around in the settings to find it and set the security up a level (e.g., from "medium" to "high"). I do not know the exact procedures for the Kaspersky Internet Security suite. (If you are not using the Kaspersky suite, then presumably you are using the Windows firewall or another firewall to supplement the AV software.)

    But, this may not be the complete answer to your question. Some wireless specific tips:

    1. You may want to limit your connection to so called "infrastructure" networks, or access points. Connecting to "ad hoc" networks means you are connecting to someone else's computer. It's possible that access points can be faked, so it's helpful to know the actual name of the hotel's network rather than guessing.

    2. If you are connecting to an unsecured access point, then your traffic can be sniffed and easily decoded. If the access point is using poor encryption on its supposedly secured network, then the key can be cracked in a small amount of time and your traffic can be sniffed and easily decoded. Since you may not be able to tell, you should protect the contents of your communications by using SSL encryption. For example, many email servers allow (and some even require) you to use SSL to retrieve and send email. However, as a practical matter, there may be many communications you cannot secure.

    Otherwise, it's just like plugging in to a cable at the hotel.

  3. #3
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts
    In addition to the good advice from Jefferson
    • Make sure you carefully check certificates if you connect to any secure site (such as a bank or a site where you buy things).
    • You could hard code DNS server addresses into your TCP/IP properties. This prevents a scam where a hacked DNS server redirects banking or other well known web sites to a fake server. OpenDNS has DNS servers that are suitable for this.

  4. #4
    Lounger
    Join Date
    Jan 2009
    Location
    Whidbey Island, Washington, USA
    Posts
    26
    Thanks
    2
    Thanked 0 Times in 0 Posts
    I'll add my .5 cents' worth. Get a free SSL or VPN software app to protect yourself any time you're hanging out there wireless. There are many out there, you can Google for some, but here are a few I've read about that seem to be commonly used by the tech community:
    HotSpot Shield
    Hamachi
    OpenVPN
    A good place to check is VPNlabs.org for ideas.

    I just signed up for the Comodo Internet Security suite (paid for version) and it includes a really cool VPN called Comodo TrustConnect. Takes about one minute to install. Easy to use. One caveat is you're limited to 10GB a month of internet data. If you're traveling and doing this on an irregular basis or for casual use, 10GB should be fine. If not, then you can find a decent paid-for secure app that won't cost too much. Hope this helps.
    There are 10 kinds of people in the world:
    Those who understand binary
    and those who don't.

  5. #5
    5 Star Lounger ibe98765's Avatar
    Join Date
    Aug 2001
    Location
    Bay Area, California, USA
    Posts
    968
    Thanks
    19
    Thanked 4 Times in 4 Posts
    As I understand things, a VPN (Virtual Private Network) is a private tunnel in the internet between two nodes. You need the person on the other side to have a VPN also (and same software?).

    So cutedeedle, how do you use the Comodo VPN in daily work?

  6. #6
    Lounger
    Join Date
    Jan 2009
    Location
    Whidbey Island, Washington, USA
    Posts
    26
    Thanks
    2
    Thanked 0 Times in 0 Posts

    Thumbs down

    [quote name='ibe98765' post='770741' date='15-Apr-2009 21:01']As I understand things, a VPN (Virtual Private Network) is a private tunnel in the internet between two nodes. You need the person on the other side to have a VPN also (and same software?).

    So cutedeedle, how do you use the Comodo VPN in daily work?[/quote]

    I don't use it for work. It's handy for travel/wireless. That's what I use it for. The VPN tunnel is between you/your account in which you sign in (after establishing the account with Comodo) and their server. It's really clever and doesn't slow down browsing. I've tried several free SSL and VPN solutions for my wireless access when out in the wild, and this is really slick. I've tested it with Gibson's Shield's Up and it always shows as the IP addy being in Texas or not even having a reverse DNS, both of which indicate you're safe. It was just what I was searching for, having tried, among others, OpenVPN (way too complicated), Anchor Shield, Hamachi, Anonymizer and Megaproxy (I paid for this one -- D'OH). One thing I needed (and this is important for many surfers) is the ability to still turn my scripts and Flash on and off with my FF addons NoScript and Flashblock. I couldn't do that with Megaproxy and they wouldn't help with a workaround. Thus I couldn't log into my Network Solutions webmail, which required scripting. Bah!

    BTW, if you just want the VPN without the entire Comodo suite you can subscribe to Comodo TrustConnect without the firewall/AV part.

    If someone needs a VPN at work (I'm an independent I.T. consultant) I would hope the employer would provide the VPN ability. A good VPN will allow you to log in securely to the server at the workplace and also then let you go back out to the internet -- securely. If it doesn't, they haven't set it up correctly. I know, I used to be an I.T. Director!
    There are 10 kinds of people in the world:
    Those who understand binary
    and those who don't.

  7. #7
    5 Star Lounger ibe98765's Avatar
    Join Date
    Aug 2001
    Location
    Bay Area, California, USA
    Posts
    968
    Thanks
    19
    Thanked 4 Times in 4 Posts
    I've only used VPN's for work where the destination is the work network.

    I looked at the Comodo TrustConnect info but it is not detailed enough for me.

    How would you use the Comodo VPN to connect to an email ssytem that doesn't offer a direct HTTPS connection?

    After making the connection from your computer to Comodo, would you type the email site name in the browser, then Comodo would intercept and route the command to the destination?

  8. #8
    Lounger
    Join Date
    Jan 2009
    Location
    Whidbey Island, Washington, USA
    Posts
    26
    Thanks
    2
    Thanked 0 Times in 0 Posts
    [quote name='ibe98765' post='770982' date='16-Apr-2009 21:41']I've only used VPN's for work where the destination is the work network.

    I looked at the Comodo TrustConnect info but it is not detailed enough for me.

    How would you use the Comodo VPN to connect to an email ssytem that doesn't offer a direct HTTPS connection?

    After making the connection from your computer to Comodo, would you type the email site name in the browser, then Comodo would intercept and route the command to the destination?[/quote]

    I couldn't see exactly, from any site description, what Comodo TrustConnect did either nor how it does it other than general marketing blather. Here's what goes on:
    1. Install TrustConnect as a separate installation. I've installed on three computers -- one netbook w/ WinXP Home, one laptop w/WinXP home, one desktop w/WinXP Pro.
    2. You can install TC on all home computers for one license fee but you may have only one active connection at a time. You'll see why below.
    3. TC creates a 2nd (or 3rd) LAN adapter (TCPIP) connection that is a "TAP-Win32 Adapter V9" with a new pseudo MAC addy. Remember, this is virtual so you don't care what the MAC addy is.
    4. TC will create a program icon that you can keep in your system tray if you want. Also it will create another network icon in the system tray, this one will be the newly created LAN adapter with the virtual MAC. Until you connect, your little network icon will be "x"ed out as though your wireless is off or your ethernet cable is unplugged. This virtual LAN adapter and MAC will be created only once so you won't go through all this after the initial install.
    5. Ready to connect: Right click on the TC icon in the system tray, then in the context menu click Connect.
    6. The first time you connect you'll create a username and password for authentication.
    7. You'll get a Comodo TrustConnect User Authentication pop-up window where you type in your username and password you've chosen. You can also tick the box for it to remember your name and PW. Click OK and the TAP-Win32 connection will be made to their server, probably in Texas. You'll acquire a VPN network addy from them, usually 172.20.xx.xx.
    8. From thence forward until you disconnect, *all internet access* is done through this connection via Comodo's VPN server. Thus your true IP addy and location are located elsewhere. All surfing is then secure. I have tried this using wired and wireless. It makes no difference to the VPN. I haven't seen any difference in speed but haven't done the speed tests with the VPN.

    To connect to an e-mail system, like Yahoo, Gmail, Hotmail, my Network Solutions hosted e-mail, you just use it as you normally would.

    When done, you disconnect using the TC icon and your VPN connection is closed. You'll see the little network icon "x"ed out again and Windows will tell you a network cable is unplugged.

    I don't know why Comodo is so lacking in details about this service, since separately they charge about $5 a month or $50 a year if you're not getting a Comodo firewall license. The documentation is a little weak too, but it's so simple to use there's nothing to it.

    Hope this helps. No, I don't work for Comodo but I'm impressed with the VPN's ease of use and speed.
    There are 10 kinds of people in the world:
    Those who understand binary
    and those who don't.

  9. #9
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    [quote name='ibe98765' post='770982' date='16-Apr-2009 21:41']How would you use the Comodo VPN to connect to an email ssytem that doesn't offer a direct HTTPS connection?[/quote]
    This kind of VPN tunnel encrypts your traffic only between your laptop and the service provider. The goal is to protect against local sniffing (e.g., on a wireless or untrusted wired network). The service provider then forwards your packets using the original protocol. If that's IMAP or SMTP or HTTP, none of which feature encryption, then you're in cleartext during that leg of the journey.

  10. #10
    5 Star Lounger ibe98765's Avatar
    Join Date
    Aug 2001
    Location
    Bay Area, California, USA
    Posts
    968
    Thanks
    19
    Thanked 4 Times in 4 Posts
    [quote name='jscher2000' post='771122' date='17-Apr-2009 14:17']This kind of VPN tunnel encrypts your traffic only between your laptop and the service provider. The goal is to protect against local sniffing (e.g., on a wireless or untrusted wired network). The service provider then forwards your packets using the original protocol. If that's IMAP or SMTP or HTTP, none of which feature encryption, then you're in cleartext during that leg of the journey.[/quote]

    Ah! That's what I thought originally.

    So the Comodo offering does sound like a good solution for those who use wireless (particularly at public places) who ar enot connecting directly to a work VPN nor visiting web sites that don't run thought that VPN.

  11. #11
    Lounger
    Join Date
    Jan 2009
    Location
    Whidbey Island, Washington, USA
    Posts
    26
    Thanks
    2
    Thanked 0 Times in 0 Posts

    Red face

    [quote name='ibe98765' post='771126' date='17-Apr-2009 14:42']

    Ah! That's what I thought originally.

    So the Comodo offering does sound like a good solution for those who use wireless (particularly at public places) who ar enot connecting directly to a work VPN nor visiting web sites that don't run thought that VPN.[/quote]

    Just for clarification, because the TrustSecure documentation on their web site is really inadequate, I've included a snip from the help file on TC in my Comodo help file. Please note, this works for wired and wireless, they don't make that clear.
    <snip>
    TrustConnect Overview
    --------------------------------------------------------------------------------
    Comodo TrustConnect is a secure Internet proxy service that creates an encrypted session when users are accesssing the Internet over public wireless connections. Since these wireless sessions can be relatively easily intercepted, they present a significant data vulnerability gap for businesses and consumers alike. TrustConnect is designed to eliminate these types of data hijacks by preventing criminals from attacking or scanning your system from the local network that you are using to connect to the Internet. It also encrypts all of your traffic destined for the Internet (including Web site addresses, instant messaging conversations, personal information, plain text usernames and passwords and other important information.) After connecting to the service, the TrustConnect software will indicate that traffic is being encrypted as it leaves your system. Data thieves and hackers cannot 'sniff' or intercept your data - they can't even determine where your information is coming from because, as you are connecting to the Internet through a SSL secured VPN connection to the TrustConnect servers, your requests appear to come from our IP address. Ordinarily, cyber criminals could easily intercept these broadcasts.

    Setting up Comodo TrustConnect is easy, as it works on most operating systems (Windows, Mac OS X) as well as with most firewall applications. Typical setup takes less than three minutes. TrustConnect clients are available for Windows, Mac OS, Linux and iPhone mobile devices and can be downloaded by logging into your account at https://accounts.comodo.com/account/login . Your Comodo Internet Security Suite Pro confirmation email contains confirmation of your the username that you set up during intial sign up and a subscription ID for the service. Once logged in, click the TrustConnect tab to add subscriptions, change billing and contact information, and review the ongoing status of your service. Your Comodo Internet Security Suite Pro TrustConnect account has a 10 GB/month bandwidth limit.

    Comodo Internet Security Pro customers also receive the $99 value ‘Total Security and Support’ LivePCSupport package. Please visit http://livepcsupport.com for full product details. Please visit http://personalfirewall.comodo.com to sign up for Comodo Internet Security Pro.
    <snip>

    The primary downside is the 10GB limit per month.
    There are 10 kinds of people in the world:
    Those who understand binary
    and those who don't.

  12. #12
    5 Star Lounger ibe98765's Avatar
    Join Date
    Aug 2001
    Location
    Bay Area, California, USA
    Posts
    968
    Thanks
    19
    Thanked 4 Times in 4 Posts
    Thanks. That was helpful.

    Is there a counter showing how much bandwidth you have consumed in a month?

  13. #13
    Lounger
    Join Date
    Jan 2009
    Location
    Whidbey Island, Washington, USA
    Posts
    26
    Thanks
    2
    Thanked 0 Times in 0 Posts
    [quote name='ibe98765' post='771229' date='19-Apr-2009 01:59']Thanks. That was helpful.

    Is there a counter showing how much bandwidth you have consumed in a month?[/quote]

    Yes, but it's on their website. You log in to your account and it tells you your byte count for the current day, the month, and YTD. It gives you numbers and graphs. Unfortunately if you've reached your 10GB limit for the month, from what I've read in the forums you're cut off until the next month!

    I'm still doing a free 30 day trial but I would only use TC for casual wireless so it isn't an issue for me. For a road warrior, may not be a good solution. I don't know if you can buy more bandwidth. I've installed on my laptop that has wired and wireless and the TC connection then becomes the 3rd LAN adapter.

    You can always get a free 30 day trial of Comodo and check it out. The TrustConnect also has a free trial just by itself it you don't want the firewall, but it's only for 7 days. Caveat: for both products you have to cough up your information along with your credit card, just in case you forget to cancel the free trial.
    There are 10 kinds of people in the world:
    Those who understand binary
    and those who don't.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •