Which FW protects my laptop from being sniffed datas without using VPN?

Discussion in 'other firewalls' started by lieuliau, Nov 12, 2010.

Thread Status:
Not open for further replies.
  1. lieuliau

    lieuliau Registered Member

    Joined:
    Nov 9, 2010
    Posts:
    8
    Hello,
    In a LAN or a Wifi Hotspot, I don't want people can sniff my data like instant messaging, web page I visit... So which firewall can protect me? I don't want to use VPN. Thanks a lot!

    PS: Sorry for my bad English.
     
  2. Mem

    Mem Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    292
    Firewalls help control inbound and outbound port use on your PC but don't do data packet encryption. To do what you want you need a VPN or the website you connect to needs SSL (https in the URL) enabled.
     
  3. lieuliau

    lieuliau Registered Member

    Joined:
    Nov 9, 2010
    Posts:
    8
    Thanks! I understand now ^^
     
  4. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    Especially when using an open Wifi hotspot (without any data encryption), you will have to make sure yourself about which sites offer SSL login (but also send cookies over unencrypted http back to you) and those sites that offer full SSL sessions like GMail and Hotmail.

    To avoid any issues, simply don't use sites/services that don't offer full SSL and personal data is involved, if you use any open/unencrypted Wifi Hotspot connection.
     
  5. lieuliau

    lieuliau Registered Member

    Joined:
    Nov 9, 2010
    Posts:
    8
    If my Wifi uses WEP or WPA, WPA2, will I be secured from being sniffed data?
    One more question, in a LAN, can people sniff my data?
     
  6. Syobon

    Syobon Registered Member

    Joined:
    Dec 27, 2009
    Posts:
    469
  7. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    Surely this does not apply to the average home user environment.

    The flaw, mentioned in the link, named Hole 196;
    'lends itself to man-in-the-middle-style exploits, whereby an internal, authorized Wi-Fi user can decrypt, over the air, the private data of others, inject malicious traffic into the network and compromise other authorized devices using open source software, according to AirTight.' link.

    VPNs are excellent, I agree, for outside of the home but the average home user with a WPA connection, or even better WPA2 AES, doesn't need to be worried about this vulnerability.
    Like you wrote yourself, one is safe against attackers from the outside so 'nothing is safe' sounds a bit stretched.
     
    Last edited: Nov 14, 2010
  8. skylite

    skylite Registered Member

    Joined:
    Dec 24, 2009
    Posts:
    31
    If you meant the sniffer suspect is 3rd party suspect not the hotspot/net provider, you just need anti arp program installed or use blacklist arp snooping feature on your preferred firewall, this is a flaw in ipv4 design, if you are a provider you need thousand dollar router to prevent arp snooping(dynamic arp inspection), or you could use linux or bsd and run anti free dynamic arp inspection program on it, you will be free from those people who use arp snooping to sniffing you, but if you meant the hotspot provider, you have no other choice like others here said to use VPN(if the provider doesn't block it).
     
    Last edited: Nov 25, 2010
Loading...
Thread Status:
Not open for further replies.