ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Security while Traveling -

    Scheduled Pinned Locked Moved IT Discussion
    firewallsecuritysecurityawarenesstrainingsecurity while travellinglinuxlinux mintfedoraubuntu
    20 Posts 12 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller
      last edited by

      There will always be endless attacks on your machine as long as you have an IP address. But why monitor? You know that they are happening. Keep your defenses up. That's all that there is to do.

      1 Reply Last reply Reply Quote 4
      • ObsolesceO
        Obsolesce @gjacobse
        last edited by Obsolesce

        @gjacobse said in Security while Traveling -:

        monitor attempts at gaining access to my device (laptop)?

        What kind of access and by what means? SSH? Use key based Auth only. Keep the firewall closed of all incoming ports which is default. It's not like you are running a web server on your laptop. Maybe you are, I do... but accessible from local host only .

        Be careful of the sites you browse and downloads you open, etc...

        scottalanmillerS 1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @Obsolesce
          last edited by

          @obsolesce said in Security while Traveling -:

          @gjacobse said in Security while Traveling -:

          monitor attempts at gaining access to my device (laptop)?

          What kind of access and by what means? SSH? Use key based Auth only. Keep the firewall closed of all incoming ports which is default. It's not like you are running a web server on your laptop. Maybe you are, I do... but accessible from local host only .

          Be careful of the sites you browse and downloads you open, etc...

          No ports should be exposed on a traveling laptop, for example.

          1 Reply Last reply Reply Quote 0
          • IRJI
            IRJ
            last edited by IRJ

            In addition to the obvious like VPN with kill switch, you could use a burner as well. Using a bootable thumb drive with Fedora or even better tails can be another way to limit risks. If you want to get really crazy you could always use Qubes.

            1 Reply Last reply Reply Quote 0
            • PhlipElderP
              PhlipElder
              last edited by

              We set all three Windows Firewall profiles to ON by default. Then, we enable both the New Protocol pop-up and enable Firewall Logging. This allows for quick and simple troubleshooting to eliminate the firewall as a problem.

              In some cases, the Public profile is locked right down to not allow any unsolicited inbound packets on any port with no user exceptions allowed.

              As an aside, a Faraday wallet that hides RFIDs in the cards carried is always a good idea.

              1 Reply Last reply Reply Quote 0
              • KellyK
                Kelly
                last edited by

                The problem with public WiFi is not the attacks that your device is subjected to, but the vulnerability of the packets as they traverse the unknown AP. Aside from the basics I spend more time and energy securing that traffic because the modern OS with no public services is fairly secure. Most attackers will go after the low hanging fruit, and that is the internet bound traffic.

                scottalanmillerS 1 Reply Last reply Reply Quote 5
                • scottalanmillerS
                  scottalanmiller @Kelly
                  last edited by

                  @kelly said in Security while Traveling -:

                  The problem with public WiFi is not the attacks that your device is subjected to, but the vulnerability of the packets as they traverse the unknown AP. Aside from the basics I spend more time and energy securing that traffic because the modern OS with no public services is fairly secure. Most attackers will go after the low hanging fruit, and that is the internet bound traffic.

                  Right, it's an outbound concern, rather than an inbound one.

                  gjacobseG 1 Reply Last reply Reply Quote 0
                  • gjacobseG
                    gjacobse @scottalanmiller
                    last edited by

                    @scottalanmiller said in Security while Traveling -:

                    @kelly said in Security while Traveling -:

                    The problem with public WiFi is not the attacks that your device is subjected to, but the vulnerability of the packets as they traverse the unknown AP. Aside from the basics I spend more time and energy securing that traffic because the modern OS with no public services is fairly secure. Most attackers will go after the low hanging fruit, and that is the internet bound traffic.

                    Right, it's an outbound concern, rather than an inbound one.

                    If it's an "outbound" issue,.. then two things will protect your device.

                    • Don't connect it
                    • Don't turn it on
                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @gjacobse
                      last edited by

                      @gjacobse said in Security while Traveling -:

                      @scottalanmiller said in Security while Traveling -:

                      @kelly said in Security while Traveling -:

                      The problem with public WiFi is not the attacks that your device is subjected to, but the vulnerability of the packets as they traverse the unknown AP. Aside from the basics I spend more time and energy securing that traffic because the modern OS with no public services is fairly secure. Most attackers will go after the low hanging fruit, and that is the internet bound traffic.

                      Right, it's an outbound concern, rather than an inbound one.

                      If it's an "outbound" issue,.. then two things will protect your device.

                      • Don't connect it
                      • Don't turn it on

                      Along with loads of other protections like using HTTPS, only using sites with accepted certificates, etc. It's not the big issue that people pretend that it is.

                      1 Reply Last reply Reply Quote 1
                      • D
                        DarienA
                        last edited by

                        Annoyingly I just discovered the mobile device VPN I use ExpressVPN doesn't have a kill switch for the Android version of the app... grrrr. Support says its coming but now I'll have to shop for another service... and I liked ExpressVPN too..

                        A 1 Reply Last reply Reply Quote 0
                        • A
                          Alex Sage @DarienA
                          last edited by

                          @dariena Why not just setup your own?

                          https://github.com/angristan/openvpn-install

                          D 1 Reply Last reply Reply Quote -1
                          • NerdyDadN
                            NerdyDad
                            last edited by

                            On my android device, for untrusted APs, I typically use Orbot for the combination of VPN and Tor. I typically don't run it all of the time though.

                            1 Reply Last reply Reply Quote 0
                            • JaredBuschJ
                              JaredBusch
                              last edited by

                              I don't give a shit.

                              My email is all TLS based. I don't open banking apps on random wifi. Granted I trust them to be using TLS because, hello lawsuit, if not. But I still don't use them.

                              Anything else I do is chat, all using TLS, but it is public anyway, so the history is obtainable. And then web browsing. Well, jsut don't sign up or enter creds to stuff.

                              DashrenderD 1 Reply Last reply Reply Quote 2
                              • D
                                DarienA @Alex Sage
                                last edited by

                                @aaronstuder #lazy? :grinning_face_with_smiling_eyes:

                                1 Reply Last reply Reply Quote 0
                                • DashrenderD
                                  Dashrender @JaredBusch
                                  last edited by

                                  @JaredBusch said in Security while Traveling -:

                                  I don't give a shit.

                                  My email is all TLS based. I don't open banking apps on random wifi. Granted I trust them to be using TLS because, hello lawsuit, if not. But I still don't use them.

                                  Anything else I do is chat, all using TLS, but it is public anyway, so the history is obtainable. And then web browsing. Well, jsut don't sign up or enter creds to stuff.

                                  This is how I feel. No reason not to use public WiFi today. Just make sure your pages are HTTPS when using creds and you should be fine.

                                  If the WiFi antenna is disabled, then you aren't subject to any attacks.

                                  1 Reply Last reply Reply Quote 4
                                  • BRRABillB
                                    BRRABill
                                    last edited by

                                    I've often wondered about my phone.

                                    I need my Hay Day activity to be discrete.

                                    1 Reply Last reply Reply Quote 0
                                    • gjacobseG
                                      gjacobse
                                      last edited by

                                      So my brother sends me this:

                                      GL-iNet Mini Travel Router/Repeater OpenVPN Client; OpenWRT

                                      5157YwcDmgL.SL1000.jpg

                                      71WnAQYwb5L.SL1500.jpg

                                      Could something like this or similar be supplemental?

                                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                                      • scottalanmillerS
                                        scottalanmiller @gjacobse
                                        last edited by

                                        @gjacobse said in Security while Traveling -:

                                        Could something like this or similar be supplemental?

                                        Seems pretty silly.

                                        So here is the question....

                                        1. What threat do you perceive there being?
                                        2. How do you feel this device addresses that thread?

                                        I don't really see any threat in the first place, and so that makes it extra hard to know how to assuage your fears. But how this device is supposed to help, I'm really unsure.

                                        1 Reply Last reply Reply Quote 1
                                        • 1 / 1
                                        • First post
                                          Last post