Monday, November 5, 2012

Secure Wi-Fi with VPN

When you use a public Wi-Fi hotspot, you expose your Internet traffic to interception and evesdropping by other users of the hotspot, even when wireless access is secured by WEP or WPA with a shared key.

The best way to protect yourself is to use a virtual private network (VPN) service, which securely encrypts (protects) your Internet traffic all the way to the VPN service provider gateway, thus also protecting you against monitoring (snooping) by your Internet Service Provider (ISP). (Your traffic is not protected between the VPN gateway and remote websites, but this is normally not a concern.)


To create a VPN connection (or "tunnel"), software in your computer connects to corresponding software in the VPN gateway. You may be able to use VPN software included in the operating system with your computer, or you may need to download and install special VPN software, depending on the type of VPN connection (protocol). After you've made a Wi-Fi connection, you typically start your VPN software, which then makes the VPN connection to the VPN gateway.

A few of the better low-cost VPN service providers, where you can get information and help on what software, protocol(s), and gateway(s) to use as part of opening a VPN service account:
  • Air VPN
    ~$70 per year or ~$9 per month (depending on current Euro conversion rate, 10-15% off coupon codes may be available). Selectable servers in multiple countries; transparent policies on bandwidth allocation; high performance; no discrimination toward any service, protocol or application; full support for dynamic remote port forwarding. Uses OpenVPN (very high security). Support by forums and email.
  • Private Tunnel
    First 100 MB free, then pay (in advance) for capacity you actually use with no monthly fees. Free easy-to-use software for Windows, Mac, Android, and iPad/iPhone. Good performance and reliability. Blocks access to malicious websites by means of Google DNS. Supports DD-WRT wireless router firmware. Run by OpenVPN Technologies in Pleasanton, California.
  • VPNBook
    Free PPTP and OpenVPN. No registration required. No bandwidth limits. Privacy protection. Easy to set up. Free Web Proxy. Commercial service available at $8 per month. Headquarters in Switzerland. Servers in USA, UK, and Romania.
  • WiTopia
    Service as low as $50 per year. Monthly plan available. Pro account only moderately more expensive. Unconditional money back guarantee. Gateway servers in 57 cities in 35 countries. Fast and unlimited data transfer. 99.99% uptime. Supports OpenVPN (Pro account only), Cisco IPsec, L2TP/IPsec, and PPTP. Free SMTP Mail Relay and Secure DNS service. 24x7x365 Support by live chat or email. 
Not Acceptable:
  • boxpn
    Sends passwords in insecure email, and passwords can't be changed by users (both serious security issues).
Tips:
  1. Select a VPN service provider with care; cheap, fast, dependable—you only get two.
  2. Use only standard or open VPN protocols OpenVPN, OpenSSH, L2TP/IPsec, and SSTP.
  3. PPTP is considered cryptographically broken and should not be used.
  4. Only download and install VPN software from a trusted source, like OpenVPN.
  5. Test for and fix Windows DNS leaks here.

No comments:

Post a Comment