Jump to content
Hak5 Forums
Computer_Security

What security precautions do you take?

Recommended Posts

Hey,

So I am curious what creative ways you guys use to protect yourselves while on any network. I also thought I would share some of the steps I personally take to stay security conscious.

-I have a VPN always running that I am administering for all of my, and my families, devices.

-In addition to the VPN I also am hooked up to the tor network, running ghostery, https everwhere and pixel block while in chrome. 

-I also take the usual physical security precautions such as having all of my drives encrypted and using a Kensington lock.

 

There are probably other things as well that I just can't think of right now, just thought I would share to get the conversation started.

Share this post


Link to post
Share on other sites

You say any network, do you do all these at home as well? VPN and hardware locks as well? If you do VPN all the time, what are you defending against, your ISP? Do you trust the VPN endpoint more than them?

Share this post


Link to post
Share on other sites
4 minutes ago, digininja said:

You say any network, do you do all these at home as well? VPN and hardware locks as well? If you do VPN all the time, what are you defending against, your ISP? Do you trust the VPN endpoint more than them?

Yea! I tend to have it on even for home network use and of course, I don't trust my ISP/government/Network with information. I am not defending against anything, in particular, per say but more just seeing where the bounds of security and convenience lie for me. 

Share this post


Link to post
Share on other sites

Don't forget, if the government want to watch your traffic, they will just put a tap on the VPN end point. Sure you get it but a lot of people miss that their traffic has to emerge from the VPN somewhere and at that point it becomes visible to anyone who is on the route or can request traffic.

Do you stream movies through the VPN? If so, that is likely to eat up your allotted bandwidth pretty quickly.

Share this post


Link to post
Share on other sites
8 minutes ago, digininja said:

Don't forget, if the government want to watch your traffic, they will just put a tap on the VPN end point. Sure you get it but a lot of people miss that their traffic has to emerge from the VPN somewhere and at that point it becomes visible to anyone who is on the route or can request traffic.

Do you stream movies through the VPN? If so, that is likely to eat up your allotted bandwidth pretty quickly.

That is true, but let's say they do.... the cool thing about tor is that I can change my route/ endpoint at any time. So I'm actually curious, how would they keep track of the endpoint I am currently using? I'm not saying the government can't track me I'm just saying I'm going to make it a pain in the ass for them  😃 So far I have everyone in my immediate family connected to my VPN and I haven't seen or experienced any throttling. As for streaming media, I typically use Youtube, Kodi or a movie service such as Netflix or Hulu on my firestick (That why I asked you about adding that to the VPN earlier today). Even watching youtube videos on my laptop, I have yet to see any noticeable difference from when I wasn't using the VPN.

 

Share this post


Link to post
Share on other sites

I can see the hosting company the VPN is running through, is it one you set up yourself or a commercial offering? If you built it yourself then that is easy to track back as they talk to the hosting company and get a list of IPs who connected to the box and the details of the person paying for it. If it is a commercial offering then there are ways of monitoring traffic content and meta data to tie inbound traffic to outbound and work back from there.

It would all need warrants but then so would doing it at your ISP level.

If you aren't currently running all your devices through the VPN then you will be leaking at least some info to the ISP.

Share this post


Link to post
Share on other sites
1 minute ago, digininja said:

I can see the hosting company the VPN is running through, is it one you set up yourself or a commercial offering? If you built it yourself then that is easy to track back as they talk to the hosting company and get a list of IPs who connected to the box and the details of the person paying for it. If it is a commercial offering then there are ways of monitoring traffic content and meta data to tie inbound traffic to outbound and work back from there.

It would all need warrants but then so would doing it at your ISP level.

If you aren't currently running all your devices through the VPN then you will be leaking at least some info to the ISP.

It's a cloud-based box that I set up using OpenVPN, I would be tunneling my traffic through tor but I think Hak5 forums blocks traffic if it detects a tor exit node. That's actually very interesting and yea I figured that if the government wanted to know who was running the box, they would just get a warrant from the parent company. Why would running all of my devices through the VPN cause leaks? I have done many DNS leak tests and have yet to experience one. Also in your opinion, do you feel it is better to trust a service such as NordVPN, who claims to not log, over creating your own server? 

Share this post


Link to post
Share on other sites

I said if you weren't already running everything through the VPN things would be leaking. If you want to do it the easy way, my setup is a pfsense box sat in front of my modem which can be set up to connect to my VPN server and run everything through the VPN. That way I don't have to worry about individual machines, the firewall does it all for me.

  • Like 1

Share this post


Link to post
Share on other sites
18 hours ago, digininja said:

I said if you weren't already running everything through the VPN things would be leaking. If you want to do it the easy way, my setup is a pfsense box sat in front of my modem which can be set up to connect to my VPN server and run everything through the VPN. That way I don't have to worry about individual machines, the firewall does it all for me.

Ohhh okay makes sense. What box are you using for pfsense?

Share this post


Link to post
Share on other sites

I use one of these:

https://www.pcengines.ch/apu2.htm

Before that I had one of their Alix boards, both work really well. I added an SSD drive so there was space to work on it and store logs, I found that using an SD drive sometimes mean problems upgrading as there wasn't enough room to run the upgrade script.

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×