[GRLUG] Wireless question
Mike Williams
knightperson at zuzax.com
Mon Dec 27 23:52:31 EST 2010
It depends on what you're trying to accomplish. It's fairly easy to run
an SSH proxy on a Linux box that has a public IP. This will work to make
your communications sniff-proof by other users at the free wifi you're
using. I believe your DNS requests are still unencrypted, so anyone
sniffing could see what DNS lookups you're doing, but that's it. This
level of encryption is not the same as truly secure communication, as
once they get to your server, wherever it is, the communication goes
unencrypted and can theoretically be intercepted between your server and
the email or web server you are talking to. The only way for your email
to not be sniffed is to run encryption between your machine and the
server. GMail allows encrypted IMAP, but not much else does. Still,
email should not be considered secure regardless. Between email servers
(yours and the other party's), conversations are always unencrypted.
On 12/27/2010 10:35 PM, Michael Mol wrote:
> On Mon, Dec 27, 2010 at 9:45 PM, John-Thomas Richards<jtr at jrichards.org> wrote:
>> On Sun, Dec 26, 2010 at 08:15:40PM -0500, Bob Kline wrote:
>>> I'd see two issues. One is to keep your e-mail and other operations
>>> private, and I'd think https was good enough.
>> https? What about IMAP or POP3/SMTP?
> Something I've been mulling in my head for a while. Proxies such as
> Squid can be used for most protocols. How difficult is it to
> SSL-encrypt the Squid proxy, and require all connections go through
> that? That'd seem to allow even an open 802.11 network, as long as the
> client didn't barf on the cert required to talk to the proxy.
>
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the grlug
mailing list