Address

Author Topic: Hotel wifi  (Read 2025 times)

da3v

  • FamiLAB Member
  • Full Member
  • *
  • Posts: 114
    • View Profile
Hotel wifi
« on: April 10, 2012, 08:44:50 PM »
Not sure if this belongs here, or in "ask a hacker".
I might end up needing to break down and use hotel wifi a few times this year.  How much unpleasantness is likely to happen between the time that I connect to the hotel network and when I finish establishing a vpn connection?  How much unpleasantness is likely to happen even after I've established a vpn connection?

willasaywhat

  • Administrator
  • Hero Member
  • *****
  • Posts: 987
    • View Profile
Re: Hotel wifi
« Reply #1 on: April 11, 2012, 12:05:10 AM »
I used the hotel wifi at Defcon, but I wasn't in the main hotel. Regardless, I feared for everything I had. :) I used OpenVPN to connect to Amazon EC2 and tunnel through that way. The trouble with that, as I noticed later, was that not everything was going through the tunnel (split tunneling). It worked out okay though, and everything was relatively safe. VPN is a quick, easy win that should keep most if not all of your traffic encrypted to the VPN endpoint. If you are very concerned, you can always tunnel a specific app over SSH to a VPS or other machine and firewall everything else off.

Using SSL can also help mitigate simple over-the-wire sniffing and such. I have SSL on for both incoming and outgoing mail, my IRC bouncer, and you can set up the HTTPS Everywhere extension to turn it on wherever it is available.

Another thing I've found very helpful is turning on 2-factor on accounts that support it. I had to use a kiosk at ShmooCon, and I went ahead and turned on Google's SMS 2-factor -- worked like a charm, and ensured that capturing just my password wasn't going to help anyone (I did change it anyways, for good measure, before and after the trip).

Honestly, unless you are in a super high risk environment (read: Defcon, BH, ShmooCon, etc) you should be fine or at least no worse off than a Starbucks or any other public network. At some point, unfortunately, you just have to accept some risk.