Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Con-fu revisited SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Con-fu revisited

Next week is a very famous pair of security conferences in the US.  I imagine quite a few of our readers will be attending.  So I offer my tips on secure networking from untrusted wireless networks.  You don't want to end up on the "Wall of Shame", right?  Assuming that you trust your wireless device drivers and SSH, here are my tips (from 2005):

Please note that you can do this a little more easily without the Squid proxy on your remote SSHD (and using the built-in SOCKS proxy of SSH).  However, if you use that approach your DNS requests still go through the local network.  If you use Squid, your DNS requests are also proxied which is benefitial.

Also note that the wireless network does seem _way_ more reliable the past two years, but it still goes down occassionally.


112 Posts
Jul 28th 2007

Sign Up for Free or Log In to start participating in the conversation!