any opinions on wi-fi hotspot firewalls?

[jfd15]

hi,
i dont have much knowledge on the subject and i was wondering what

people thought of the Wi-Fi firewalls for surfing at public hotspots...


im thinking mostly about Anchor Free and the iPIG, which i guess you have to
pay for after a while.....


are they useful? i dont log on to anything like my bank at the Starbuck's etc,
but if i did, would these actually work??

[tradetime]

Quote:

Originally Posted by jfd15

hi,
i dont have much knowledge on the subject and i was wondering what

people thought of the Wi-Fi firewalls for surfing at public hotspots...


im thinking mostly about Anchor Free and the iPIG, which i guess you have to
pay for after a while.....


are they useful? i dont log on to anything like my bank at the Starbuck's etc,
but if i did, would these actually work??

Never given this one much thought to be honest as I don't use hotspots that much, but my suspicion would be that it's a gimmick, any good software firewall should do the job. Having said that, I really don't think logging on to your bank from Starbucks is up there with the great ideas

[ThunderZ]

Quote:

Originally Posted by tradetime

......I really don't think logging on to your bank from Starbucks is up there with the great ideas

Total agreement. Do not trust any hot-spot with personal info. IMO
As far as FWs`, as long as it recognizes the wireless NIC\network it will protect your PC to its` best capabilities. But once you send the info. all bets are off. I have both wired and wireless clients on my small LAN. I will not, do not use the wireless for any personal transactions. This despite the fact it is WPA protected with the longest alpha-numeric mixed character key possible.

[silver0066]

The best protection would be to use a VPN program that encrypts your wireless inbound and outbound if you are in an Wi Fi hotspot.

There are several programs that are available for this function. I use Steganos Internet Anonym VPN.

https://www.steganos.com/en/products...-vpn/overview/

Jwire also has one, but I have never been able to get it to work.

[YeOldeStonecat]

Software firewalls are irrelevant of protecting your traffic at a hot spot.

If you wish to do any work on your laptop where you want it to be secured...AnchorFree is a great free VPN setup. If you don't want that..setup your own VPN..build a VPN server at home. Or use the one at your office...asking for permission first. That way..your traffic goes through the VPN tunnel...so who the heck cares who sniffing traffic at the hot spot..your traffic is encrpyted.

Don't have resources at the work to use for VPN? Build one at home. Hamachi VPN is free...and wonderfully easy to setup. Many affordable routers you can use at home that have built in PPTP VPN servers, like a Linksys/Cisco RV0 series. Or if you built a nice linux distro router at home..most of those have OpenVPN built in.

Also often, I VPN to my office..remote desktop to my PC at the office..and work through that. VPN encryption..and Remote Desktop on top of that. Although not necessary...as the VPN is enough, it's just sometimes I gotta hop on my workstation at the office..and end up doing surfing and stuff from that.

[Diver]

Quote:

Originally Posted by ThunderZ

Total agreement. Do not trust any hot-spot with personal info. IMO
As far as FWs`, as long as it recognizes the wireless NIC\network it will protect your PC to its` best capabilities. But once you send the info. all bets are off. I have both wired and wireless clients on my small LAN. I will not, do not use the wireless for any personal transactions. This despite the fact it is WPA protected with the longest alpha-numeric mixed character key possible.

You have to be kidding. Assuming you use an offbeat SSID the amount of effort it would take to break WPA today would only be justified if a three letter agency though some really important bad guys were using the network. Present estimates are around 5 or 6 weeks using brute force. By the way, who is going to bother with you when there are unsecured and WEP networks all over the place. Aren't you banking connections HTTPS anyway?

[aigle]

Hi users! A dumb Q. I just installed a DSL linksys modem at my home and I am using it via Wireless. Do I need to use VPN encryption here as well?

Thanks

[ThunderZ]

Quote:

Originally Posted by Diver

You have to be kidding. Assuming you use an offbeat SSID the amount of effort it would take to break WPA today would only be justified if a three letter agency though some really important bad guys were using the network. Present estimates are around 5 or 6 weeks using brute force. By the way, who is going to bother with you when there are unsecured and WEP networks all over the place. Aren't you banking connections HTTPS anyway?

Over kill? Perhaps. But a simple and effective security measure just the same.

[tradetime]

Quote:

Originally Posted by YeOldeStonecat

Software firewalls are irrelevant of protecting your traffic at a hot spot.

Hi YeOldeStonecat, I understand that, (Ithink, I assume your talking from solely a snooping perspective and not a malware intrusion one) but from the slant of his original post, I assumed he was looking to protect his computer from malware etc, as such I would have thought worrying about anything beyond a software firewall, while a nice to have, is unnecessary. He did say he doesn't log on to his bank from Starbucks, my comment, that seems to have taken us down the encryption route was simply to re-enforce that. Quite frankly imho you can have James Bond style encryption on your box, but if your going to sit in the middle of a busy public venue with people loitering all around you and do your banking, or anything else that demands encryption, then your asking for trouble.

PS. I do like the idea of your VPN setup for say communicating with a bank, when necessary from say the privacy of your hotel room on a public network, may have to pick your brains on the do's and don'ts of that at a later date if you would be so kind.

[YeOldeStonecat]

Quote:

Originally Posted by tradetime

He did say he doesn't log on to his bank from Starbucks, my comment, that seems to have taken us down the encryption route was simply to re-enforce that. Quite frankly imho you can have James Bond style encryption on your box, but if your going to sit in the middle of a busy public venue with people loitering all around you and do your banking, or anything else that demands encryption, then your asking for trouble.

He didn't state that he currently did log into secure sites..but his post questioned if products such as AnchorFree worked or not...

"im thinking mostly about Anchor Free and the iPIG... ...are they useful? i dont log on to anything like my bank at the Starbuck's etc,
but if i did, would these actually work??"

Software firewalls can prevent worms 'n stuff from hitting your computer, and prevent people from accessing your computer directly..such as the ever popular \\ipaddress\C$ that can happen with those who leave their Administrator accounts left blank. Even the basic XP firewall is fine for me to protect my computer when I'm at public spots, it's short term.

However...software firewalls do nothing to cloak your online activity. Logins to websites can be in plain text. e-mails can be in plain text authentication. Once those packets have left your computer...they're going across the wireless...bare naken...and your software firewall cannot do a thing about it.

Using VPN tunnels, or using remote desktop connection to connect to a secured PC somewhere else and doing your work on that PC, while at an open wireless hotspot...your traffic is encrpyted. Once it leaves your laptop at the coffee shop..on its way to the access point...it's encrypted...safe. You can feel confident typing in usernames, passwords, sensitive info. Your only worry is prying eyes from someone standing behind you..looking over your shoulder at your login.

[tradetime]

Ok thanx for that description, understand what you are saying. VPN's are obviously a very useful feature to employ.

Also I missed the "but if I did" part, appologies, that query makes encryption of paramount importance.

[jfd15]

thanks for the responses....i wasnt sure if i could trust that their VPN was safe, sounds like it should be if what most on here say is true..so i will try all except banking then... (just a learner here, its always surprising how much people on these forums know
about computers) thanks...

[lucas1985]

Quote:

Originally Posted by aigle

Hi users! A dumb Q. I just installed a DSL linksys modem at my home and I am using it via Wireless. Do I need to use VPN encryption here as well?

If you share your connection, you might be exposed to eavesdroppers.
If not, just enable WPA/WPA2 encryption with a good passphrase.

[aigle]

Thanks lucas. I don,t share it.

[jfd15]

a last question on this if i may - in Firefox, there is an add-on called TorButton
that enables you to go through the Tor system(i guess)- is this accomplishing
basically the same thing as the wi-fi hotspot firewall?

[dNor]

Quote:

Originally Posted by jfd15

a last question on this if i may - in Firefox, there is an add-on called TorButton
that enables you to go through the Tor system(i guess)- is this accomplishing
basically the same thing as the wi-fi hotspot firewall?

Using the Tor network isn't the same as using a firewall, although it'd provide some encryption/anonymity.

[Diver]

Quote:

Originally Posted by dNor

Using the Tor network isn't the same as using a firewall, although it'd provide some encryption/anonymity.

Tor does not encrypt. It only hides your IP. Schneier wrote a piece on this recently.

[dNor]

Quote:

Originally Posted by Diver

Tor does not encrypt. It only hides your IP. Schneier wrote a piece on this recently.

He wrote about the embassy leaks, which just highlights the importance of necessary end-to-end encryption to get the best out of Tor's encryption from node-to-node.