TOR or VPN?

Shopping Coupons for Labor Day Weekend Mac OS X Leopard vs Microsoft Windows Vista 32-Bit Windows and 4GB of RAM Does it make pfSense to wear SSH SOCKS? Windows Vista SP1 Virtual Private Sushi!? Coupons That Expire SoonTOR or VPN?The Final Word on Zango and Revver Hosted Exchange Problems VMware vs Virtual PC Revver is Behind Zango Crapware Fiasco

Pirillo.comOnline Privacy and Security: TOR or VPN?I always get nervous on open and/or public WiFi networks – especially when it comes to checking sensitive information like email. Some people say that a VPN (a virtual private network) solves that problem, but I don’t seem to have anything other

a href=”http://media.pirillo.com/”>Video Help</a> | <a href=”http://feeds.pirillo.com/ChrisPirilloShow”>Add to iTunes</a> Related Content:What is VNC remote desktop?A New Kind of CastSmartphones are SmartTOR or VPN?How to Access Your Computer Remotely with a VNC KVM Source

Typos and all, great…lol I should have been more careful with my typing. ;)

Here is more of my ‘advice’; to be picked through by the readers for further suggestions.

###
> Effectively, it’s more like the tunnel for communication provided by the
> VPN, rather than the VPN itself.
>
> Think of a VPN as a, well, a bridge. It connects two networks together
> over a third, the Internet.
>
> Will TOR act as a secure tunnel of email and other communication? You
> bet. It’s bad enough to have the NSA frowning. :)

> Effectively, it’s more like the tunnel for communication provided by the
> VPN, rather than the VPN itself.
>
> Think of a VPN as a, well, a bridge. It connects two networks together
> over a third, the Internet.
>
> Will TOR act as a secure tunnel of email and other communication? You
> bet. It’s bad enough to have the NSA frowning. :)

You could use putty to set up a tunnel to an ssh server (not as hard as it sounds). You just need access to an ssh server. I have used this for some time now to check email while in public as well as to get through firewalls at customer sites when I needed to check my personal mail. Its very secure and doesn’t expose either side (your side or your server) to attacks. And its not just limited to *NIX, there are sshd servers for Windows too. Just a thought.

TOR is a great idea, but last time I tried to use it, it was unusably slow, and stopped working altogether for minutes at a time. Perhaps things have changed since then (it’s been months), but if they haven’t, I couldn’t see using it for day-to-day stuff.

Google doesn’t like it when I search, for anything at all, with Tor running. Is there anyway around it? I get a message saying it thinks I’m a spyware bot. Are all search engines going to behave the same way?

Chris –

You ought to run TOR on one of your servers too. That way you also contribute some bandwidth back to the TOR network. Since you’re a tech savvy guy, you might even consider hosting an exit node, as you’re probably connected enough to keep the configuration (and black/white lists) up to date.

Personally I run a TOR on my home server 24×7, though I haven’t yet configured my LAN, to the point that I’d be comfortable running an exit node.

TTFN
Tom

Or just keep yer email client on the home machine and
use remote software for access.

Use the FREE version of LogMeIn (like GotoMyPC).

Markus Diersbock
SwingNote

Chris, just so you are aware, no one can log into Wyldryde chat (including your channel) when they are using TOR. Because of serious past abuse, we have had to disallow it completely.

If anyone needs more information or has questions, you can post on the Wyldryde forums, or talk with one of the IRC Operators (such as myself) on Wyldryde. :)

Use Hamachi.

Have you ever tried Hamachi? There is no need for port forwarding.. Just download and install the application.. (Windows, OS X and Linux) Create a network name.. Set a nice secure strong password (64 character). I would have one generated at grc.com.

Once you have that set up. Download Hamachi on any other computer you would like to have connect to your Hamachi network. Join the network by inputting your Hamachi network name and password..

Now you have an alternative to VPN without exposing open ports. You can do WIndows File Sharing, FTP, VNC or Remote Desktop all from a secure network using 256 bit AES encryption.

You can download there free software @ http://hamachi.cc

Here is a little tip: For extra added security you can still run your VPN server. Just close the ports on your firewall. Install Hamachi onto your VPN server. Now when clients join your Hamachi network they can still VPN into your server (just use the IP address assigned by Hamachi, input that into your VPN client)

Now you have double the security and encryption.

Wirelesspacket

HotSpotVPN http://www.hotspotvpn.com is all you need.

I always get nervous on open and/or public WiFi networks – especially when it comes to checking sensitive information like email. Some people say that a VPN (a virtual private network) solves that problem, but I don’t seem to have anything other than a way to dial into a VPN server. Since I don’t have a VPN server, I’m stuck with half a solution.

Great topic, Chris. To escape the 1000 degree heat today, I signed up for a T-Mobile account–like I need another IP service provider–and headed off to the special Starbucks. The only problem was, I was too concerned about data security to really get any work done. (There was a creepy and weird guy who kept looking at my screen while I was tooling around WHM… nice).

Not only was I nervous about checking email but I wanted to register a domain… http://themarkside.com and create the account entry on my server.

Okay, I’m going to go back up and read your post now. Very timely.

http://www.versiontracker.com/dyn/moreinfo/win/106834

Chris,
why not just bite the bullet and set up a vpn server?

too easy these days with applications like MS SBS2003 (this is what i use for my family/home email and web pages etc).

this would also add a ton of other functionality like auto backups which you’ve asked about before. Plays nice with asterisk for voip if you get isa 2004 as well.

http://www.cognation.net/asterisk

Cheers,
Dean

Dean Collins

That’s what I’ve been looking into but wasn’t sure of which software to use. Thank you for the tip.

http://shiftplusone.com/haha.jpg

Because of the heat and because I’m not having an easy time adjusting to a home office after spending the last few years working in buildings with open office floors and surrounded by people with ADHD, I’ve been setting up shop at the Special Starbucks. The only problem is, I don’t feel very confident that any of my data is secure.

Since signing up for T-Mobile wifi a couple of days ago, I’ve been feeling a strong need for a VPN. In fact, I just FTP’d the above linked jpg from one server to my desktop and back up on the Shift+One Media server. That’s 2 unencrypted access codes right there!

My big question is, why aren’t there more solutions available? I would think that the big-hot thing would be wifi security suites. Is this an emerging market or is someone missing the boat?

What I will likely do is to provide a consumer-friendly wifi security page on the Shift+One Media website once I can work out all these issues for myself.

!

Follow me on
Lockergnome – http://themarkside.com
Twitter – http://twitter.com/markdavidson

Fully agree with what you said, here is my addtional 2 cents:

Just finish the Frontier Visionary Interview with Alvin Toffler ( http://www.hwswworld.com/uploaddownload/interview/toffler.mp3 ), I was impressed by his sharp mind as well as his talking speed, that is probably why he could made those precise predictions, such as Prosume, a combination of outsourcing and DIY

Through the interview, the following viewpoints have been drawn:

1. There is no truth, only the correctness of truth to be proved. That is the fundamental limitation of human perception of reality

2. Minority power is good in certain way; it is ridiculous a high school drop out shall have the same voting as that of post-doctor. Elite ruling is good for a less developed world for sure

3. To fix the education system, the key is not the system itself; the key is people, especially those students. How to motivate them is a key challenge, since current generation and future generations need not study and work hard in order to make a decent living as we did before

4. The causes and effects of innovation to drive knowledge creation is yet a wild land or wonderland to be fully explored

5. There is a possibility for business miniature to happen, it will be not a shame any more for one-man shop, or one-shop man

6. Where will the modern civilization head on remains an open question

7. Human intelligence will be enhanced through technology advancement

I too run TOR via Vidalia. I keep hoping it is as secure as it is made out to be. However, my understanding is that the data between your computer and the first node it connects to is clear data, unencrypted, and likewise between the last node and the site you’re conneting to. So I’m not sure if I’d be willing to use it at my local WIFI.

Tor isn’t going to give you the security that you want, the traffic is still unencrypted between the exit node and the destination, and you have no idea who’s running the exit node. I’d sure be tempted to sniff the traffic if I had a Tor exit node running.

I second the earlier suggestion about an SSH tunnel, that’s how I protect my Wifi use on public networks. SSH to a home SSH server, and tunnel my web browsing over that connection. Or tunnel remote desktop/VNC over that connection and then run everything from your home computer.

Tor would help secure the local link, that is, anyone else on the same wifi network. However, the end node can sniff all your traffic unless you are using SSL.

The other mentions of SSH tunneling work well, but only for limited applications. SSH tunneling is really a hack around of a real VPN.

A real VPN is the *correct* answer, even though it’s kind of a pain to set up. OpenVPN is an SSL VPN (and the ONLY secure SSL VPN) that’s free, though you need to understand Linux routing to really get the benefits. Other “SSL VPN” solutions that have “no client install” or work like VNC are SNAKE OIL and TERRIBLY INSECURE.

Hi Chris

If you dont have a vpn running, this is a page with easy steps how to get one running:

Windows XP VPN Setup
http://wireless.gumph.org/content/6/4/011-howto-xp-pptp-vpn-user.html

Windows Vista VPN Setup
http://theillustratednetwork.mvps.org/Vista/PPTP/PPTPVPN.html

Ubuntu GNU/Linux VPN Setup
https://help.ubuntu.com/community/VPNServer

It is not rocket science to set one up.

About Tor
Tor is a whole different story, its main goal is not securing your connection, but to anonymize it, the packets are not being encrypted, only passed to a mass of proxies.

So if you want to defend yourself from sniffing attacks, use a vpn, if you just want to be anonyme, use tor.

Btw, combining tor and vpn isnt such a good idea, it does not only cricitally slows down your network connection, but also the more machines your packets are being processed over, the more likely theres one inbetween, that might be able to break it.

I use Tor and have a question.

I understand that all traffic between Tor nodes is encrypted.

I understand that the Tor exit node is able to see all unencrypted traffic to/from website.

I understand Tor is all about anonymity and has little to do with security.

What is the best, most efficient way to run both securely and anonymously using Tor? Do Is setting up OpenVPN a solution running over Tor??

I use Perfect Privacy (anonymity service which provides OpenVPN and a lot of servers) with Tor.