SEARCH

The How-To Geek Forums Have Migrated to Discourse

How-To Geek Forums / Tutorials

SSH Connection for newbies - help needed

(2 posts)
  • Started 2 years ago by Ugoogle
  • Latest reply from ispalten
  • Topic Viewed 1127 times

Ugoogle
Posts: 23

Hi there,

on this page I read the phrase:

We don’t want to sound alarmist but given how simple it is to set up a basic encrypted tunnel and what an enormous headache it is if your identity/credentials are compromised, there’s really no reason to not take the small steps necessary to secure your mobile browsing sessions.

So, since I've always trusted HtG with good advices and simple answers, I'm looking at the article now and I find it way too complicated and not a "small steps" process at all..

So I am wondering, since I'm not paranoid but sensitive on security:
- Is this really necessary for you?
- I don't understand the basics. It talks about configuring the personal router (e.g.at home) and then using a wi-fi in a café. How are the two connected? What impact can it have to me if I setup the router at home when connecting to wifi in a café? I would say no impact so..
- Why would I care doing this at home if I setup a good wpa pass?
- What can I really install in my computer to have a safe browsing experience in free hotspot? Can I do that with free software, easy to use and perhaps available to install on a work computer and on a modem provided by the telephone company?

I realize that's a lot of questions.. thanks in advance to anybody available to help
Ugo

Posted 2 years ago
Top
 
ispalten
Posts: 6259

Alot of questions, but it all boils down to security.

Simply put, wireless has to send data over the air. To better understand what it looks like, one needs to get a PACKET SNIFFER.

I suggest you try one of these :

http://www.packet-sniffer.net/
http://www.ip-sniffer.com/
http://www.nirsoft.net/utils/smsniff.html

Any one, just run it and then use a browser and your e-mail client. Then look at the data. It could be very large, but examine the data.

You will see some stuff you would NOT really expect to see. Using an e-mail client, either on your computer or even the web. UserID and P/W is sent in CLEAR TEXT, that means you can READ it. Some goes for that bank or this forum.

So what is SSH? It is another form of encryption. Anything going out gets encrypted on your computer and then it goes to your Proxy server, your router, which decrypts it and then completed the process. Anything coming back goes to your router, get encrypted. then if in a WiFi hotspot to that place to your computer, or if home direct to your computer, which decrypts it, and you are done.

Yes, this takes time. You'll see a performance hit probably. More so away from home than at home.

Does this protect you, yes, more that you were before.

However, if you don't do banking in a WiFi hotspot or get e-mail, or make credit card purchases, your exposure is less. For many people this is not the case though. Working with 'sensitive data', same thing. But how many corporate people use SSH?

There are programs that use SSH for FTP, TELNET, etc. only. The server you connect to requires it and you have a client that does it. It just encrypts/decrypts the data for you before sending it out and when it comes back.

What are the chances of that 12 year old kid sitting in range of the signal you send out? What are the chances he has the 'power' to capture all the signals going out if 12 people are transmitting? Actually, he only needs to get the 'important' packet. This is why some banks use multiple pages for sign-ins. That way your UserID and P/W can't appear in the same packet.

Can someone sit outside your house or apartment and capture the data? Sure, but in that case since it might be a single stream of data, it would be easier to put '2 and 2' together.

Does this happen? I don't know, but it can theoretically. READ THIS for instance.

If there is a form of protection on the connection, WEP, WPA, WPA2, etc. the task becomes harder. However, if the key/passphrase is known the task becomes easier, just not in real-time, but computer can easily translate it if one knows how to do it.

Anyway, some more reading for you :

http://donnalgroup.net/Interne.....%20DGI.htm
http://www.home-network-help.c.....tspot.html
http://www.nytix.com/NewYorkCi.....urity.html
https://www.privacyrights.org/fs/fs2-wire.htm#6

In most cases, your risk is probably bigger if you keep personal information on your laptop and it is stolen. However, the RISK is there... I'd say the risk is bigger at an airport, a couple of gates, 3 to 4 hundred people sitting around, many using laptops, tablets, etc. and all you need is one capturing the data flying around. Compare that to the number of people at a Starbucks...

Irv S.

Posted 2 years ago
Top
 



Topic Closed

This topic has been closed to new replies.