How to protect my Ubuntu PC in a non-secure wifi NW?
Peter Garrett
peter.garrett at optusnet.com.au
Tue Sep 4 00:43:34 UTC 2007
On Mon, Sep 03, 2007 at 09:49:33PM +0900, Hai Dao Le wrote:
> Hi,
>
> I have heard a lot about the vulnerabilities when connecting a PC to a
> non-secure wifi network but don't know how to protect my private data in
> this kind of environment, e.g. web access, email, chat, etc.
>
> Please share your experience. Thanks.
If you have a computer that you can connect to ( say a home computer or a known-safe work computer),
you can use an ssh tunnel to connect from an unsecured wifi access point.
For instance, I can check my mail from a cafe by connecting through my home computer via ssh, either using
gui apps like sylpheed or evolution, firefox etc, or from the commandline. The data is encrypted end-to-end.
If you want a secure remote desktop, you can either tunnel vnc or use FreeNX (or Nomachine's proprietary version).
By default Ubuntu has no services listening, so unless you run such a service on your laptop with ports listening to the
outside you are pretty safe from attack in that manner. If you run an ssh server on your laptop, you can lock it down
with iptables ( or a front end for iptables like firestarter - very easy to use ). In addition you can use
tcpwrappers... port knocking ... the list goes on. there is no shortage of methods in GNu/Linux :)
There are also VPN solutions, but I haven't really looked into them, as I find my ssh methods good enough.
There are many how-to documents on the web about all these things. A good starting point is a search on the Ubuntu wiki
and https://help.ubuntu.com - in fact on that page you will find a link to a "Keeping Your Computer Safe" article.
Peter
More information about the ubuntu-users
mailing list