[plug] Safely using an untrusted router
brad at fnarfbargle.com
Tue Oct 20 03:07:58 UTC 2015
On 20/10/15 10:51, Dirk wrote:
> G'day fellow PLUG'gers,
> Anyway, I'm hoping someone knows how to handle an untrusted router, and
> whether a VPN tunnel would guarantee a secure connection, whether or not
> there are any DNS hijacks/spoofing or any other funny games going on in
> the router.
I'm often on untrusted networks. I use an openvpn tunnel to either my
home system or a co-located box depending on which hemisphere I'm in.
I use the tunnel as my default route, so once it's up all traffic
traverses it. This slows down browsing quite a bit as dns lookups are
considerably slower however.
I don't use a "router" at home. Just have a a billion modem in
passthrough mode and run pppoe on the server.
We use a Zimbra server and I run the Zimbra client for mail. I started
getting ssl alerts when out and about because the foreign networks were
trying to man in the middle my ssl sessions, so I switched to tunneling
everything over the vpn.
I would not say it's 'secure' as such, but it will stop anyone on the
same local network segment sniffing traffic and provides an extra layer
of 'warm fuzzy' at the expense of speed and latency.
I think the likelihood of 'BIOS malware' is probably pretty low. I would
suggest if you don't trust your local network then you should be doing
something about that first rather than trying to work around it.
More information about the plug