Re: VPN ideas

To: debian-user@lists.debian.org
Subject: Re: VPN ideas
From: Joe <joe@jretrading.com>
Date: Wed, 9 Dec 2020 19:06:27 +0000
Message-id: <[🔎] 20201209190627.6f1f4e2b@jresid.jretrading.com>
In-reply-to: <[🔎] 20201209150359.GC8218@smallapple.localnet>
References: <[🔎] ed39b2e4-d4cd-fd4c-51ec-3f785c5771e2@gmail.com> <[🔎] 20201208094436.n5nd3xfj3ezqlrou@acr13.nuvreauspam> <[🔎] 20201208122740.26118b94@jresid.jretrading.com> <[🔎] 20201209094945.2ttxbc74i73yq2re@acr13.nuvreauspam> <[🔎] 20201209102146.407c73a0@jresid.jretrading.com> <[🔎] 20201209104944.stfcuq5b6ades4mw@acr13.nuvreauspam> <[🔎] 20201209110041.26a78e32@jresid.jretrading.com> <[🔎] 20201209150359.GC8218@smallapple.localnet>

On Wed, 9 Dec 2020 10:03:59 -0500
Henning Follmann <hfollmann@itcfollmann.com> wrote:

> On Wed, Dec 09, 2020 at 11:00:41AM +0000, Joe wrote:
> > On Wed, 9 Dec 2020 12:49:44 +0200
> > Andrei POPESCU <andreimpopescu@gmail.com> wrote:
> >   
> > > On Mi, 09 dec 20, 10:21:46, Joe wrote:  
> > > > On Wed, 9 Dec 2020 11:49:45 +0200
> > > > Andrei POPESCU <andreimpopescu@gmail.com> wrote:
> > > >     
> > > > > On Ma, 08 dec 20, 12:27:40, Joe wrote:    
> > > > > >   
> 
> [...]
> 
> > > 
> > > Let me rephrase that: how is connecting to the internet from some
> > > public hot-spot decreasing my security?
> > > 
> > > I can think of possibly messing with DNS queries (use "own" DNS
> > > server instead, maybe with DNSSEC) and possible some attacks are
> > > easier via the local network (e.g. by other hot-spot users or
> > > local staff).
> > > 
> > > Other that that, as far as I'm aware, the biggest threat are the
> > > servers I access with my client software (typically web sites
> > > accessed with a browser), in which case it doesn't make any
> > > difference whether I access them via some VPN and/or (home)
> > > firewall.
> > > 
> > > (Assuming one doesn't run NFS, Samba, etc. *listening* software on
> > > the laptop in which case stopping those and/or running a firewall
> > > would be indicated.)
> > >   
> > 
> > I suppose it may depend on where you are. In the UK, public wifi
> > normally uses no encryption, because there are no local staff who
> > can help with problems. So any unencrypted protocol you use can be
> > overheard.
> >   
> 
> So let me be devils advocat here.
> 
> Is the network connection from your ISP encrypted?
> I guess not. So why is it more secure or trustworthy?
> 

It's not more secure, (apart from using wifi only occasionally) but the
kind of people looking at other peoples' network activities are more
likely to target public wifi than to sit outside my house. It will
require significantly more resources and risk to tap into an ISP cable
than to sit in a cafe somewhere with a laptop (running Linux) and some
black hat software.

-- 
Joe

Reply to:

Follow-Ups:
- Re: VPN ideas
  - From: Andrei POPESCU <andreimpopescu@gmail.com>

References:
- VPN ideas
  - From: ellanios82 <ellanios82@gmail.com>
- Re: VPN ideas
  - From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: VPN ideas
  - From: Joe <joe@jretrading.com>
- Re: VPN ideas
  - From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: VPN ideas
  - From: Joe <joe@jretrading.com>
- Re: VPN ideas
  - From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: VPN ideas
  - From: Joe <joe@jretrading.com>
- Re: VPN ideas
  - From: Henning Follmann <hfollmann@itcfollmann.com>

Prev by Date: Re: running microsoft team on debian 10.3
Next by Date: Re: SanDisk USB stick problem
Previous by thread: Re: VPN ideas
Next by thread: Re: VPN ideas
Index(es):
- Date
- Thread