[Noisebridge-discuss] How do you secure your public wifi usage?
Ryan Castellucci
ryan.castellucci at gmail.com
Wed Jan 6 21:37:33 UTC 2010
On Tue, Jan 5, 2010 at 11:54 AM, Jonathan Lassoff <jof at thejof.com> wrote:
> Excerpts from Sai Emrys's message of Tue Jan 05 10:53:16 -0800 2010:
>> Proxifier just automatically patches *all* traffic through the proxy
>> per your rules.
>
> Much like an IP tunnel.
>
>> Basically IMO any solution that doesn't do that - anything that
>> requires per-item setup - is bad for security, because it allows human
>> error. I know that I certainly don't trust myself not to miss
>> something
>
> The exact reason why I recommend a network-layer tunnel that you're
> pointing your default route over.
> This way, any program that uses the local kernel to open a socket or
> connect out will take this path, even if the program or kernel knows
> nothing of the configuration of the tunnel/tunnel device.
>
> It also avoids the overhead and flow control of a TCP session, though if
> you're running TCP over this tunnel, you'll still see the increased
> latency.
Interestingly, SSH now supports full IP tunnling, though I haven't
used it. I use OpenVPN.
--
Ryan Castellucci http://ryanc.org/
More information about the Noisebridge-discuss
mailing list