[lug] wireless security back home when in foreign countries

karl horlen horlenkarl at yahoo.com
Sun Nov 29 11:50:54 MST 2009 

> Maybe.  They don't usually block a specific port when
> they block a port,
> instead they tend to block everything EXCEPT a few ports,
> like port 80 or
> 22.  So, you may be better off having it be a standard
> SSH port.  But, it's
> been rare lately that they do such blocking.

good to keep in mind.

is it possible to run ssh on multiple ports?  might be a good test to see how cafe ports are config'd on my journey versus locking me into one or the other in cases where only 22 is open.  

> I have been using OpenVPN with it's "default gateway"
> option to pass all
> traffic except that going to the VPN server to go over the
> VPN.

something about the way that's worded confused me.  if you care to clarify please do.  maybe a doco link? are you talking on client or server i can't tell?  sorry for my lack of understanding here.

> I've used this mechanism at Defcon, for cats sake.  If
> you think you'll be
> traveling in hostile environments, it's nothing compared to
> that.  I had
> locked down the firewall so that the only thing it would
> send or receive
> on the wireless interface was DHCP and OpenVPN.

thanks for the config tip.

> I think OpenVPN works just great, and has "getting started"
> documentation
> which I think it quite easy to get started with using a
> VPN.

thanks for the recommend.  that openVPN website looks like a NON free product :)

getting back to ports, are vpn ports likely to be blocked remotely?  are there such things as std vpn ports?  and would it make sense to configure vpn on port 80 or port 22 to be certain? i'm not sure how trivial that would be.

also, vpn over ssh port 22 would shutdown ssh unless i moved ssh to a non std port (i think)?

> keylogger saved.  I just travel with my netbook which
> has the VPN and
> encryption on it.

sounds like the simplest and best method.

encryption is another area i'm pretty newbe on.  

- what encryption package do you recommend?

- do you encrypt the entire drive, partition or just a parent directory and hence it's children?  any advantages to one versus the other?

- is the encyption automatically automated?  meaning do i have to indivually run some procedure to encrypt a file or are all files automatically encrypted.  same goes for teh decryption side.  once i start the netbook for the day, is there a global decryption key passphrase or something that UNLocks the files or must i type in some kind of auth for every file i open?

again sorry for the lameness on the subject

thanks

More information about the LUG mailing list