[Noisebridge-discuss] How do you secure your public wifi usage?
Brian Johnson
noisebridge at dogtoe.com
Thu Jan 7 17:06:57 UTC 2010
Just a friendly reminder that if you use Firefox and do not use a
system-wide proxy program like Proxifier, but instead manually specify a
SOCKS proxy, you should change the advanced configuration setting (in
about:config) *network.proxy.socks_remote_dns* (set it to true). Otherwise
DNS will be outside of the proxy, but Internet traffic will be inside.
- Brian
On Wed, Jan 6, 2010 at 4:25 PM, Jonathan Lassoff <jof at thejof.com> wrote:
> Excerpts from Sai Emrys's message of Wed Jan 06 16:17:08 -0800 2010:
> > On Wed, Jan 6, 2010 at 11:36 PM, Seth David Schoen <schoen at loyalty.org>
> wrote:
> > > I've never used -w, but if it implements TUN, it should be possible to
> > > use it with _any_ kind of IP packet (not just TCP and UDP, which
> > > SOCKS5 supports). Thus, you could presumably do ping and traceroute
> > > (which rely on ICMP) and other non-TCP/UDP protocols like SCTP. That
> > > would definitely not be possible with the SOCKS proxy created by -D.
> >
> > FWIW, when running Proxifier in DNS-catcher mode, I have noticed that
> > pings *do* use the proxifier psuedo-ip (0.0.0.foo). I presumed this
> > meant that they were in fact getting proxied, since that'd be the only
> > way to resolve that route.
>
> DNS is UDP, which as Seth metioned, SOCKS5 supports. So possibly, these
> requests get tunneled as well.
>
> A packet capture on your external interface will show you for sure
> what's up.
>
> --j
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20100107/b28f3ec8/attachment-0003.html>
More information about the Noisebridge-discuss
mailing list