Page 2 of 5 FirstFirst 1234 ... LastLast
Results 11 to 20 of 45

Thread: Safety Using Unsecured Wireless Network

  1. #11
    Join Date
    Jun 2009
    Beans
    1,618
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: Safety Using Unsecured Wireless Network

    Keyloggers don't work on ANY connections, they are a client side malware like a virus, and they don't work on linux (Unless you run them yourself and give them your password)

    What you are reffering to are "Packet sniffers" - and yes they can be a problem especially over a crowded wireless network... It should be fine, but if you suspect your bank has lax security (Hell, ABN amro got caught with unencrypted headers) then I'd use TOR... What it does is bounce your connection secured around the world to somewhere else with (Presumably) a more secure connection...
    Comitas. Brevitas. Nulla ambitio.

  2. #12
    Join Date
    Jul 2007
    Beans
    201
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: Safety Using Unsecured Wireless Network

    Quote Originally Posted by QLee View Post
    Encrypted end to end. What could anyone see in between other than there were packets going between the two IP addresses.



    It's what I do. IPTables block incoming from any network I'm on, you probably have your Firestarter doing that too.
    THANK YOU. You are correct - that is how I have my Firestarter set up. And I am on my own home computer with my own connection - I am trying to learn how to set up security so that when we do go on our vacation, I will have everything in place to "compute securely."

    After all, we will want to obtain our e-mail daily as well as access some other sites which require logins and passwords.

    The last time we went on vacation (several years ago, when security wasn't such a concern as it is today), we were still using Windows. We did not need, at that time, to access any financial institutions but we did have to access our e-mail. When we got home, we changed all of our passwords (which we normally do only once a year).

    But now, with the amount of "bad things" going on, I am naturally quite concerned as to the security of my financial dealings.

    I want to thank you, and everyone else, for replying to my question. I would still like to read others' experiences and opinions concerning dial-up connections, copying and pasting logins and passwords, and any other such [possible] security-enhancing procedures.

  3. #13
    Join Date
    Jun 2009
    Beans
    1,618
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: Safety Using Unsecured Wireless Network

    First, get rid of firestarter, it's been out of date for ages, and ubuntu already has a firewall installed: You won't need a firewall for everyday use.

    This isn't windows, you don't need to go security crazy unless you are doing something strange...

    As for pasting passwords: Myth - keyloggers are designed to catch stuff, and if you store the password on a file it just makes your system a LOT easier to break into... delete the file and just remember your passwords... add to that that it would take a lot of work to get keylogger onto your system and you're set...
    Comitas. Brevitas. Nulla ambitio.

  4. #14
    Join Date
    Jul 2007
    Location
    Virginia
    Beans
    28
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Safety Using Unsecured Wireless Network

    Packet-sniffing is a threat to be aware of, but not necessarily something that's going to be happening on a hotels public network, and in the case of you visiting a site where they use ssl (you're bank wouldn't be in business long without this), all the sniffing party is going to grab is encrypted packets.

    Ask other patrons, if the network is running very slow, this can be indicative of two things, 1) the infrastructure is crap (more likely in a cheap hotel) or 2) there's a man-in-the-middle attack going on. The latter is a situation where you would want to disconnect.

    Also, stay off ad-hoc networks. You'll know a network is ad-hoc because there will be a computer next to the wireless icon in Ubuntu's network manager.

    Keep in mind, Tor also does its best to encrypt traffic end to end, so it's actually increasing your security beyond the standard anonymizing capabilities usually associated with it.

    If you're obtaining your email, try to do that through an encrypted connection as well, if it's gmail, go through https://www.gmail.com, otherwise you'll have to find out if your email provider offers an encrypted connection. If you're really cautious, you can encrypt email that you send with gnupg, but information on how to do that is for a different thread

    Sorry if this post is a little wordy
    Last edited by mcphargus; July 4th, 2010 at 08:04 PM.
    http://www.nuxified.org/article/fork...ze_the_desktop
    Good enough is not enough. Being the best is not enough. - Danijel Orsolic

  5. #15
    Join Date
    Jul 2007
    Beans
    201
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: Safety Using Unsecured Wireless Network

    Quote Originally Posted by J V View Post
    Keyloggers don't work on ANY connections, they are a client side malware like a virus, and they don't work on linux (Unless you run them yourself and give them your password)

    What you are reffering to are "Packet sniffers" - and yes they can be a problem especially over a crowded wireless network... It should be fine, but if you suspect your bank has lax security (Hell, ABN amro got caught with unencrypted headers) then I'd use TOR... What it does is bounce your connection secured around the world to somewhere else with (Presumably) a more secure connection...
    Thank you. I just "Googled" < packet sniffers ubuntu > and found a myriad of answers, several of which I will examine further.

    It appears that if I use a bit of common sense (running my financial institutions from my Bookmarks, for example) I should be all right.

    But, in the absence of any information to the contrary, I think I will use a dial-up connection (in conjunction with Firestarter, of course) for my financial transactions and copying and pasting logins and passwords (for e-mail, etc.) over unsecure broadband connections.

    It may be overkill, of course, but I want to be safe.

    Thanks again for writing to me.

  6. #16
    Join Date
    Jun 2009
    Beans
    1,618
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: Safety Using Unsecured Wireless Network

    It appears that if I use a bit of common sense (running my financial institutions from my Bookmarks, for example) I should be all right.

    But, in the absence of any information to the contrary, I think I will use a dial-up connection (in conjunction with Firestarter, of course) for my financial transactions and copying and pasting logins and passwords (for e-mail, etc.) over unsecure broadband connections.

    It may be overkill, of course, but I want to be safe.
    Insanity on so many levels

    Running from bookmarks changes nothing, pasting changes nothing, Firestarter may make things even less secure if you leave it running the whole time.

    Dial-up is more secure yes, that's a good thing.
    Comitas. Brevitas. Nulla ambitio.

  7. #17
    Join Date
    Oct 2009
    Beans
    Hidden!

    Re: Safety Using Unsecured Wireless Network

    Quote Originally Posted by lhb1142
    After all, we will want to obtain our e-mail daily as well as access some other sites which require logins and passwords.
    Gmail (for one) offers secure signon for email, you probably don't want your email passwords going in clear text.

    Quote Originally Posted by lhb1142
    I would still like to read others' experiences and opinions concerning dial-up connections, copying and pasting logins and passwords, and any other such [possible] security-enhancing procedures.
    Even if your system is not compromised by a keylogger running on it (where copy and paste might help), a keylogger which you were worried about is still possible if you use a wireless keyboard and someone is close enough to you with the correct equipment but since you aren't a secret agent, it's probably not a concern.

    Dialup is certainly slower and more expensive, and for very marginal extra security (merely no local packet sniffers - the 'Net is still a jungle).

  8. #18
    Join Date
    Jun 2009
    Beans
    1,618
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: Safety Using Unsecured Wireless Network

    Wireless keyboard keylogging... hmm... Didn't think about that... Will google further...
    Comitas. Brevitas. Nulla ambitio.

  9. #19
    Join Date
    Jul 2007
    Beans
    201
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: Safety Using Unsecured Wireless Network

    Quote Originally Posted by mcphargus View Post
    Packet-sniffing is a threat to be aware of, but not necessarily something that's going to be happening on a hotels public network, and in the case of you visiting a site where they use ssl (you're bank wouldn't be in business long without this), all the sniffing party is going to grab is encrypted packets.

    Ask other patrons, if the network is running very slow, this can be indicative of two things, 1) the infrastructure is crap (more likely in a cheap hotel) or 2) there's a man-in-the-middle attack going on. The latter is a situation where you would want to disconnect.

    Also, stay off ad-hoc networks. You'll know a network is ad-hoc because there will be a computer next to the wireless icon in Ubuntu's network manager.

    Keep in mind, Tor also does its best to encrypt traffic end to end, so it's actually increasing your security beyond the standard anonymizing capabilities usually associated with it.

    If you're obtaining your email, try to do that through an encrypted connection as well, if it's gmail, go through https://www.gmail.com, otherwise you'll have to find out if your email provider offers an encrypted connection. If you're really cautious, you can encrypt email that you send with gnupg, but information on how to do that is for a different thread

    Sorry if this post is a little wordy
    Wordy? Not! Your reply is exactly what I'm looking for! Thank you!

    I will do some more research on TOR. It may be a valuable adjunct.

    By the way, I already use Gmail in encrypted form.

    Thank you again.

  10. #20
    Join Date
    Jul 2007
    Beans
    201
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: Safety Using Unsecured Wireless Network

    Quote Originally Posted by J V View Post
    Insanity on so many levels

    Running from bookmarks changes nothing, pasting changes nothing, Firestarter may make things even less secure if you leave it running the whole time.

    Dial-up is more secure yes, that's a good thing.
    Thank you. I thought Firestarter was a good program to have; evidently it is not?

Page 2 of 5 FirstFirst 1234 ... LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •