I am planning a trip for a few days and I will be staying at an inn with Wifi access. All the guests are allowed to use it. A friend of mine has been there, he told me there are several other private spots around the house, i.e. lots of other people using Wifi. My friend told me the inn uses WEP, so who knows how many times their access point has been hacked and accessed without permission...

My concern is that I will be there for a few days with my notebook, I will have to work once in a while, connected to the Internet. Is there some precaution I should take to protect my notebook from intruders? Is it advisable to install a firewall in my notebook (iptables?) or am I just overreacting? Is it possible for one of the guests or neighbors to break into my notebook?

It's highly unlikely.
Enabled Filesharing offen allow others to access your files on networks.
I beleave most wifi attackers would use wifi for free net, anonimity and in worst case spying on other people activitys.

2 members found this post helpful.

Personally, I always have iptables on, no matter what network I'm connected to, no matter how unlikely the chances of being targeted. Worms and malware don't care where you are or whether you're only connecting for 10 minutes - if its not on, its not on

Also.. try not to do any internet banking if you're on a public connection, it's pretty easy to provide fake dns responses ...

2 members found this post helpful.

Or just leave an ssh server running on your home computer and use ssh tunneling to browse over an encrypted connection ie:

-> set up the browser to use sock proxy server on port 8080 at local host (127.0.0.1)

For extra security with Firefox tunnel dns requests over the secure tunnel. Open the about:config page. Change network.proxy.socks_remote_dns to true.

Other ssh options:

-f move the ssh to background
-N do not execute remote command
-q be quiet
-T do not allocate a pseudo tty
-n redirect standard input to /dev/null
-C enable compression


Regards,
Stefan

2 members found this post helpful.

I too would highly recommend not only that you use a firewall, but also that you set up a secure tunnel to a less-risky location, such as your home perhaps (you need to worry about your traffic as well, not just your computer).

2 members found this post helpful.

That didn't work for me. Firefox can no longer load any pages at all with that configuration. I used 127.0.1 and the same port as the -D parameter for SSH. I used the remote server that hosts my website and has SSHD running all the time. What did I do wrong?

Also, is it possible to make Kmail send and receive mail through an SSH tunnel? I couldn't find anything that seemed remotely relevant in the many Kmail configuration options, but maybe there is some clever trick I don't know...

See the attached screen shot for an example of a working setup. You may need to change 127.0.0.1 to localhost in the socks proxy section.

I also assume you issued the SSH connection first. Try ssh -CND 8080 user@domain. You shouldn't see any response from the SSH server in your terminal.

Attached Thumbnails

 

2 members found this post helpful.

Your screenshot really helped. I had filled in HTTP Proxy instead of SOCKS Host. Doh!

Force of habit, for I used HTTP Proxy for Privoxy for several years. I just went ahead and typed stuff into the first empty field I came across.

Now if only I could check and answer my mail through that tunnel, that would be copacetic.

OK, tunneling is easier than I thought. All my public Wifi woes are gone. Many thanks, everyone!