Blue Dragon Posted April 16, 2008 Share Posted April 16, 2008 Hi, I want to buy a laptop soon and I'd like to surf when I'm not at home. Now I already have a server here running 24/7 that I'd like to setup for a VPN. Setting up this isn't really a problem... I was just wondering how this would slow down my connection speed when I surf with my laptop for example in schhol or sth. As far as I understand VPNs, the data is first send to my home computer and then to the net. (1) So when I only have an upload of 50 kb/s at home, that's as fast as I get when surfing with my laptop, right? I'd really like to use encryption with a VPN because I wouldn't like my passwords and other sensitive data flying around unprotected. (2) Are there any other way I can encrypt my http-traffic before sending it when I'm on a public network? (3) Maybe tunneling through ssh? (4) I've heard that there are sites that offer VPN-services. Are they any good and how fast are they? Hope you can help me! Thx. Quote Link to comment Share on other sites More sharing options...
Chris Gerling Posted April 16, 2008 Share Posted April 16, 2008 I use my wrt54g at home with dd-wrt, and VPN through that. Just remember with a VPN that only the traffic inbetween the endpoints is encrypted. Each endpoint itself is still vulnerable so if either your machine or the endpoint machine is compromised the VPN is useless. Quote Link to comment Share on other sites More sharing options...
VaKo Posted April 16, 2008 Share Posted April 16, 2008 You are indeed correct, if your VPN endpoint has a maximum upload of 100kbs then it will limit you to that speed no matter what speed connection you are physically using to connect to the world. Its the same with any form of proxying, SSH included. Quote Link to comment Share on other sites More sharing options...
Blue Dragon Posted April 16, 2008 Author Share Posted April 16, 2008 Ok. Thx so far for your answers. Would it be somehow possible that I send all my upstream-data (like passwords I transmit to a server) to my VPN but get all the downstream directly through my regular connection? Sounds kinda wierd, but maybe this would be possible somehow. And why are so few sites using https? As far as I understand it, when you for example run a forum and let users log in over https, the passwords can't be sniffed like they normaly can using a man in the middle attack. I think you need to get a http certificate or sth. like that. But this isn't all that expensive, is it? Greetings from germany and thx for the help! Quote Link to comment Share on other sites More sharing options...
VaKo Posted April 16, 2008 Share Posted April 16, 2008 It might be possible, if windows allows you to set connection metrics for TX and RX independantly, but this isn't something I know much about tbh. It would be easier to use a cheap VPS somewhere and set that up as a VPN end point. As for https on the forums, I have thought about that but its never been a priority. A self signed cert would be easy enough to procure I suppose, and it would be intresting to see how IPB reacts to concurrent install bases. Quote Link to comment Share on other sites More sharing options...
Blue Dragon Posted April 16, 2008 Author Share Posted April 16, 2008 It might be possible, if windows allows you to set connection metrics for TX and RX independantly Well, actually I was planing to buy one of these cool asus eee pcs and run Xubuntu on it. Do you (or any1 else) know if xubuntu supports setting this connection stuff independantly? If not, well then I might just go without the encryption and change my password regually and hope noone is sniffing :-? :-) Quote Link to comment Share on other sites More sharing options...
Sparda Posted April 16, 2008 Share Posted April 16, 2008 Ok. Thx so far for your answers. Would it be somehow possible that I send all my upstream-data (like passwords I transmit to a server) to my VPN but get all the downstream directly through my regular connection? Sounds kinda wierd, but maybe this would be possible somehow. Not possible if your laptop is behind a NAT/firewall. Otherwise it can be done. And why are so few sites using https? As far as I understand it, when you for example run a forum and let users log in over https, the passwords can't be sniffed like they normaly can using a man in the middle attack. I think you need to get a http certificate or sth. like that. But this isn't all that expensive, is it? Greetings from germany and thx for the help! Getting a real SSL certificate is expensive. How annoyed would every one be if every time they went to a site there browser said "certificate vendor not verified". At the same time there would be minimal security benifite unless you are sure the certificate you got was the one from the server. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.