Cloaking WiFi connection


C

cameo

For Macs there is a supposedly pretty good and easy-to-use cloaking
program to make public WiFi connection secure. Is there anything like
that for Windows PCs?
 
Ad

Advertisements

G

Ghostrider

For Macs there is a supposedly pretty good and easy-to-use cloaking
program to make public WiFi connection secure. Is there anything like
that for Windows PCs?
Use a VPN connection.

GR
 
P

Paul

cameo said:
For Macs there is a supposedly pretty good and easy-to-use cloaking
program to make public WiFi connection secure. Is there anything like
that for Windows PCs?
https://www.getcloak.com/

"... personal VPN..."

It's a Virtual Private Network.

That's the term you'd search for, not for "cloak".

*******

Apparently, Windows 7 has a VPN server built-in. I think
that would allow the following.

http://www.ehow.com/how_7418436_turn-home-desktop-vpn-server.html

You could do something like this. This uses your own equipment,
but requires an ISP that doesn't complain about how you use
their service.

Internet
|
| Unencrypted
|
| Encrypted
| +----------------------+
| | |
CameoHome Public Wifi
Windows 7 |
| | Cameo Remote running
+----+ VPN client
"HairPin
Turn"

(via Windows7
normal routing)

You would leave your home PC running. The home PC would have a
regular connection to the Internet, without encryption.

However, logically (rather than physically), while you're
sitting in the public wifi spot, you use your VPN Client,
to contact the IP address of your home PC. Your home router
has a hole punched in it (port forwarding), to allow the VPN connection.
Some routers have a passthru function specifically for VPNs. Inside
your PC, the Windows VPN server software, decrypts the packets,
then routes the resulting packet. If the packet is destined
for the Internet (not directed to your home subnet), then
the Windows internal routing software will send the packet
towards the Internet.

Now, a problem with this concept, is if you use your home
computer and Internet connection, the Internet connection
is "asymmetric". The connection from CameoHome to Cameo Remote
will be slow, because as far as the home PC is concerned,
it's "uploading". On my system here, the available
bandwidth in that direction, is about as fast as writing
to a floppy drive. Useless. I would be sitting at the
public Wifi, with secure access, but slow access to the
Internet.

And technically speaking, you are "running a server" on your
home networking setup, in violation of the Terms Of Service
of your ISP (for cheap home Internet packages). Since my
ISP uses a deep packet inspection box, any policy
violations can be detected in the blink of an eye.
It depends on your ISP, and what it says in the TOS,
as to whether you're allowed to run that way or not.

If you use a commercial VPN service for the left hand
side of the diagram, their networking setup will be
symmetric, supporting good bandwidth in all directions.
If you use a commercial VPN, there is no connection
at all, running to your home PC. And no TOS to worry about.
There would be a monthly fee, to use the commercial VPN.

Note that, VPN link encryption, can affect things like
Windows shares. When I used a VPN hardware box at work
(our own corporate VPN server), I could copy files to
the work server at a blistering 4KB/sec. What seemed to
be happening, is the encrypted VPN packet encapsulation, caused
packets to be fragmented, and without the seeming benefit
of protocol pipelining. That meant a 100 millisecond delay,
for each protocol exchange. No pipelined acks seemed to be
present, for whatever reason. So depending on the dynamics,
using a VPN can be pure misery. The funny thing was, some
protocols (like XWindows protocol was the main thing I was
doing), ran at more normal rates. It was just the Windows
shares that were slow as molasses. Broadband Internet
with dialup performance.

Whoever provides the VPN server end of the above
picture (on the left), must be trustworthy. As they have
access to the unencrypted stream. You would assume your
own home PC running Windows 7 would be trustworthy, and it
is, until it gets hacked from outside. Then, it's no longer
trustworthy. Any time you do Port Forwarding on your
home router, there is a risk associated with doing so.

Paul
 
P

Paul in Houston TX

cameo said:
For Macs there is a supposedly pretty good and easy-to-use cloaking
program to make public WiFi connection secure. Is there anything like
that for Windows PCs?
By its very nature, Public wifi means Public wifi and open to all
regardless of computer maker.
However, you can make a secure connection through a public wifi
using your own vpn or sslvpn.

A router can hide it's ssid but that is not a fuction of the o/s.
 
Y

Yousuf Khan

https://www.getcloak.com/

"... personal VPN..."

It's a Virtual Private Network.

That's the term you'd search for, not for "cloak".

*******

Apparently, Windows 7 has a VPN server built-in. I think
that would allow the following.

http://www.ehow.com/how_7418436_turn-home-desktop-vpn-server.html

You could do something like this. This uses your own equipment,
but requires an ISP that doesn't complain about how you use
their service.
Outstanding info, didn't know this was already built into Windows 7.

Yousuf Khan
 
P

Paul

Yousuf said:
Outstanding info, didn't know this was already built into Windows 7.

Yousuf Khan
Yes, but at this point in time, I don't know how easy to use it is.

You might end up with "hair loss" from attempting to use it :)

Paul
 
T

tb

For Macs there is a supposedly pretty good and easy-to-use cloaking
program to make public WiFi connection secure. Is there anything like
that for Windows PCs?
Sorry to be such an ignorant, but how does one set up a VPN connection?
Do I have to leave my router at home on so that I can connect to it?
 
C

cameo

https://www.getcloak.com/

"... personal VPN..."

It's a Virtual Private Network.

That's the term you'd search for, not for "cloak".

*******

Apparently, Windows 7 has a VPN server built-in. I think
that would allow the following.

http://www.ehow.com/how_7418436_turn-home-desktop-vpn-server.html

You could do something like this. This uses your own equipment,
but requires an ISP that doesn't complain about how you use
their service.

Internet
|
| Unencrypted
|
| Encrypted
| +----------------------+
| | |
CameoHome Public Wifi
Windows 7 |
| | Cameo Remote running
+----+ VPN client
"HairPin
Turn"

(via Windows7
normal routing)

You would leave your home PC running. The home PC would have a
regular connection to the Internet, without encryption.
Except I wouldn't think of leaving my PC on when I am not home. That's
one reason I use Internet cameras with their own built in server that I
can access remotely without having my PC on.
 
C

cameo

Yes, but at this point in time, I don't know how easy to use it is.

You might end up with "hair loss" from attempting to use it :)
That's what my feeling is, too. My understanding of that Getcloak
software was that it really simplified it for Macs.
 
C

cameo

By its very nature, Public wifi means Public wifi and open to all
regardless of computer maker.
However, you can make a secure connection through a public wifi
using your own vpn or sslvpn.
Yes, but vpn presumes cooperating processes on both ends of a
connection, right? But public access WiFi might not have that.
 
G

Ghostrider

Yes, but vpn presumes cooperating processes on both ends of a
connection, right? But public access WiFi might not have that.
"Public access" means gaining access to the Internet through a
gateway that is openly available. The VPN client is an application
that is installed in the remote computer that is connecting to the
VPN server via the means of "public access". Security is achieved
by encryption keyed to the VPN connection between the client and
host systems. The "public system" is just a means of conveyance
for the encrypted packets between them.

GR
 
C

cameo

"Public access" means gaining access to the Internet through a
gateway that is openly available. The VPN client is an application
that is installed in the remote computer that is connecting to the
VPN server via the means of "public access". Security is achieved
by encryption keyed to the VPN connection between the client and
host systems. The "public system" is just a means of conveyance
for the encrypted packets between them.
OK, but until the VPN connection is established, transmission between a
laptop and --say -- a pub's open WiFi is in clear, right? That's when
the vulnerability exists, no?
 
Y

Yousuf Khan

Yes, but at this point in time, I don't know how easy to use it is.

You might end up with "hair loss" from attempting to use it :)
Already lost it all! ;)

But yeah, I followed the instructions, and was able to setup the VPN
server. I then followed the instructions to create a tunnel for it
through the router. But now how do I setup a client to access this
server? Yeesh, not as easy as it sounded.

Yousuf Khan
 
G

Gene E. Bloch

Already lost it all! ;)

But yeah, I followed the instructions, and was able to setup the VPN
server. I then followed the instructions to create a tunnel for it
through the router. But now how do I setup a client to access this
server? Yeesh, not as easy as it sounded.

Yousuf Khan
Maybe the second problem will make your hair grow back?

Other than that I can offer nothing (I've never tried VPNs).
 
G

Ghostrider

OK, but until the VPN connection is established, transmission between a
laptop and --say -- a pub's open WiFi is in clear, right? That's when
the vulnerability exists, no?
The packet should have already been encrypted by the VPN client
before leaving the laptop. My laptops are set up with Cisco VPN
clients to connect with a Cisco SSLVPN server.

GR
 
P

Paul

Yousuf said:
Already lost it all! ;)

But yeah, I followed the instructions, and was able to setup the VPN
server. I then followed the instructions to create a tunnel for it
through the router. But now how do I setup a client to access this
server? Yeesh, not as easy as it sounded.

Yousuf Khan
I see a recipe here.

http://www.pcworld.com/article/210562/how_set_up_vpn_in_windows_7.html

"Step by Step: Connecting to a VPN (Outgoing)

Step 1 Click the Start button.
In the search bar, type VPN and then select
Set up a virtual private network (VPN) connection.

Step 2 Enter the IP address or domain name of the server to which you
want to connect.

Step 3 If you want to set up the connection,
but not connect, select Don't connect now;
otherwise, leave it blank and click Next.

Step 4 On this next screen, you can either put in your
username and password, or leave it blank. You'll be prompted
for it again on the actual connection. Click Connect.

Step 5 To connect, click on the Windows network logo on the lower-right
part of your screen; then select Connect under VPN Connection.

Step 6 In the Connect VPN Connection box, enter the appropriate domain
and your log-in credentials; then click Connect.

Step 7 If you can't connect, the problem could be due to the server
configuration. Check with your network administrator to see what
kind of VPN is in use--such as PPTP--then, on the Connect VPN Connection
screen, select Properties.

Step 8 Navigate to the Security tab and select the specific Type of VPN
from the drop-down list. You may also have to
unselect Include Windows logon domain under the Options tab.
Then click OK and Connect."

That sounds pretty simple :)

Step 9 After you've finished all the clicking and typing,
you may take a coffee break. Good thing you're in a
Starbucks.

HTH,
Paul
 
P

Paul in Houston TX

cameo said:
Yes, but vpn presumes cooperating processes on both ends of a
connection, right? But public access WiFi might not have that.
True. Public wifi is open and public. Packets are observable.
A secure connection can be made through a public connection but
requires code / decode on both ends.
 
C

cameo

True. Public wifi is open and public. Packets are observable.
A secure connection can be made through a public connection but
requires code / decode on both ends.
Why even bother with that when https is much simpler and probably just
as secure??
 
Ad

Advertisements

P

Paul

cameo said:
Why even bother with that when https is much simpler and probably just
as secure??
Because, if you use VPN, every usage of the link is secured.

You can use Telnet or FTP with plaintext password, and the overall
VPN encryption, prevents it from being seen. It allows a mixture
of secured and unsecured protocols to be used, inside the same "pipe".

Paul
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top