Encrypting traffic over an unsecured wireless network

Tek7

Tek7

CGA President, Tribe of Judah Founder & President
Staff member
Okay, I've configured my computer to encrypt my web traffic, per this guide.

I (think I) can use the following commands in the Cygwin Bash Shell to send and receive e-mail over a secure connection:

ssh -N -p 22 root@xxx.xxx.net -L 57344/localhost/110

ssh -N -p 22 root@xxx.xxx.net -L 61440/localhost/25

While I have a few answers, I still have several other questions.

  1. Does Steam encrypt account credentials before logging on? I don't want to send my username and password in cleartext over an unsecured network--especially since there's over a hundred dollars invested in my Steam account.
  2. What about downloads? I was able to browse standard and secure web sites in Firefox, but I couldn't download a file while routing my traffic through the SSH SOCKS5 proxy. I'm not concerned about encrypting my downloads, but I also don't want to have to change my Firefox configuration every time I want to download a file.
  3. Why does Covenant Eyes lock up all programs that access the Internet when I tell it to use a SOCKS5 proxy? I might have to call Covenant Eyes tech support on this one.
  4. Does Covenant Eyes encrypt usage monitoring reports before sending them "home" to the CE servers? Another CE tech support question.
  5. Why can't I log in to HLSW over the SSH SOCKS5 proxy? The login attempt times out and my Cygwin Bash Shell returns channel 1: open failed: connect failed: Connection refused. Come to think of it, it did the same when I tried to download something.
  6. Does HLSW encrypt RCON passwords before sending? If not, I'll need to answer my previous question before logging in to remotely admin Tribe of Judah game servers.
 
I called Covenant Eyes tech support and got my answers.
Tek7 said:
Why does Covenant Eyes lock up all programs that access the Internet when I tell it to use a SOCKS5 proxy? I might have to call Covenant Eyes tech support on this one.
Click to expand...
Still no idea on this one, but it's not a concern since Covenant Eyes encrypts traffic before sending.

In other words, someone sniffing for passwords and personal information on a public wireless network isn't going to pick up the monitoring reports that Covenant Eyes sends to their servers.
Tek7 said:
Does Covenant Eyes encrypt usage monitoring reports before sending them "home" to the CE servers? Another CE tech support question.
Click to expand...
Yes. Yes, they do.
 
Tek7 said:
Okay, I've configured my computer to encrypt my web traffic, per this guide.

I (think I) can use the following commands in the Cygwin Bash Shell to send and receive e-mail over a secure connection:

ssh -N -p 22 root@xxx.xxx.net -L 57344/localhost/110

ssh -N -p 22 root@xxx.xxx.net -L 61440/localhost/25

While I have a few answers, I still have several other questions.
  1. Does Steam encrypt account credentials before logging on? I don't want to send my username and password in cleartext over an unsecured network--especially since there's over a hundred dollars invested in my Steam account.
  2. What about downloads? I was able to browse standard and secure web sites in Firefox, but I couldn't download a file while routing my traffic through the SSH SOCKS5 proxy. I'm not concerned about encrypting my downloads, but I also don't want to have to change my Firefox configuration every time I want to download a file.
  3. Why does Covenant Eyes lock up all programs that access the Internet when I tell it to use a SOCKS5 proxy? I might have to call Covenant Eyes tech support on this one.
  4. Does Covenant Eyes encrypt usage monitoring reports before sending them "home" to the CE servers? Another CE tech support question.
  5. Why can't I log in to HLSW over the SSH SOCKS5 proxy? The login attempt times out and my Cygwin Bash Shell returns channel 1: open failed: connect failed: Connection refused. Come to think of it, it did the same when I tried to download something.
  6. Does HLSW encrypt RCON passwords before sending? If not, I'll need to answer my previous question before logging in to remotely admin Tribe of Judah game servers.
Click to expand...
Unless it specifically says secured..it's not. So if you want to be secure tunnel EVERYTHING though ssh. I know for sure hlsw is xmitted int he clear and so is 95% of everything else.
 
Hescominsoon said:
Unless it specifically says secured..it's not. So if you want to be secure tunnel EVERYTHING though ssh. I know for sure hlsw is xmitted int he clear and so is 95% of everything else.
Click to expand...
I didn't see a place within Steam to configure a SOCKS5 proxy, so I posted this thread on the official Steam forums.
 
Tek7 said:
Okay, I've configured my computer to encrypt my web traffic, per this guide.

I (think I) can use the following commands in the Cygwin Bash Shell to send and receive e-mail over a secure connection:

ssh -N -p 22 root@xxx.xxx.net -L 57344/localhost/110

ssh -N -p 22 root@xxx.xxx.net -L 61440/localhost/25
Click to expand...
GRR, I can't get my secure e-mail configuration.

What am I doing wrong?
 
I'm using Bitvise Tunnelier as my tunneling client.

Here's my setup for client-to-server forwarding:



EDIT: I'm still unable to establish a secure connection for sending and receiving e-mail.
 
/bump

I'm thinking of switching from SSH to IPSec VPN for encryption.

What are the pros and cons?
 
Many thanks to Vibrokatana for helping me figure out how to secure my e-mail traffic.

For those who might be curious: I changed the "localhost" values under Destination to the addresses of the mail servers I was wanting to reach.
 
If your using wireless all the data is broadcast in the clear. If you ever get bored you can setup wireshark on a linux box and set it to the wireless card, set the channel (but don't join) then watch the packets flow by. Unless the connection is encrypted all the way to the server you are still vulnerable to sniffing and man in the middle attacks.
 
You must log in or register to reply here.
Back
Top