I'm thinking this may be too tough for some people to answer, but I thought I'll give it a try. I'm going to be overseas for most of the summer and my laptop is most likely going to be connected to unsecure networks. Security is going to be very important as I'll be logging on to my bank accounts and transferring funds and it would be tragic if somehow someone manage to access my usernames and passwords.

I think the most obvious things to do would be to make sure that a good AV and firewall is installed. However, I don't think that is enough. Would connecting to a VPN server help? I'm not sure how this would work, but people told me that through a VPN connection, all traffic is encrypted. I was thinking of just logging on to my university's VPN connection and pray that all the information that I'm sending would be encrypted. Would this help?

Yes, an IPSec or L2TP VPN would be most secure, PPTP is also pretty secure but it is subject to more vulnerabilities than the previously mentioned VPN types when certain variables exist.

Businesses use VPNs all the time to ensure secure connectivity.

Yes, an IPSec or L2TP VPN would be most secure, PPTP is also pretty secure but it is subject to more vulnerabilities than the previously mentioned VPN types when certain variables exist.

Businesses use VPNs all the time to ensure secure connectivity.

My university offers VPN connection to all its students. So as soon as I connect to the internet, I should just log in to my VPN account then? I'm not sure what kind of VPN technology that my university (UBC) employs, but it has to be more than adequate right?

My university offers VPN connection to all its students. So as soon as I connect to the internet, I should just log in to my VPN account then? I'm not sure what kind of VPN technology that my university (UBC) employs, but it has to be more than adequate right?

Yes, as soon as you establish your internet connection immediately connect to your VPN. I'm pretty sure in one of the status windows you can see which encryption type is being used by the VPN.. However, I'm willing to bet they employ ether L2TP or IPSec.

Yes, as soon as you establish your internet connection immediately connect to your VPN. I'm pretty sure in one of the status windows you can see which encryption type is being used by the VPN.. However, I'm willing to bet they employ ether L2TP or IPSec.

There is that VPN icon on my taskbar. Is that where the information is located? I won't know until tomorrow since I don't have class today. Does it matter which technology UBC employs? Which one is better?

However, I'm willing to bet they employ ether L2TP or IPSec.
VPN supports PPTPv2 and IPSec – the major VPN standards.
http://www.it.ubc.ca/security/VPN/description.html
There is that VPN icon on my taskbar. Is that where the information is located? I won't know until tomorrow since I don't have class today. Does it matter which technology UBC employs? Which one is better?
I don't quite understand what you mean by "located", but I think what you're trying to say is if that is where all your data goes? If that's the case, then yes. Once you connect to the UBC VPN, all your data is encrypted and sent over the Internet to the UBC network where it is then decrypted and sent to it's destination. What UBC employs is decent and standard in terms of VPN's.

http://www.it.ubc.ca/security/VPN/description.html

I don't quite understand what you mean by "located", but I think what you're trying to say is if that is where all your data goes? If that's the case, then yes. Once you connect to the UBC VPN, all your data is encrypted and sent over the Internet to the UBC network where it is then decrypted and sent to it's destination. What UBC employs is decent and standard in terms of VPN's.

What I was trying to ask was if I can confirm the VPN technology that is employed by looking at the VPN icon for the information. This is what I see in that taskbar icon:

Device Name: WAN Miniport (PPTP)
Device Type: vpn
Server type: PPP
Transports: TCP/IP
Authentication: MS CHAP V2
Encryption: MPPE 128
Compression: (none)
PPP multilink framing: Off

Oh, ok, then yes, you'd be correct. So long as the VPN icon is lit-up, then you are connected and everything is working correctly.

Edit: Windows doesn't tell you exactly that you are using PPTPv2 with IPSec, but it does show you it is a PPTP (under Device Name) which is all you really need to know.

Oh, ok, then yes, you'd be correct. So long as the VPN icon is lit-up, then you are connected and everything is working correctly.

Anything else I should consider to further secure my connection?

Not really, once you're behind a VPN you're generally pretty safe ASSUMING your system is spyware, virus, etc.. free.

Not really, once you're behind a VPN you're generally pretty safe ASSUMING your system is spyware, virus, etc.. free.

Yep, it's spyware and virus-free. I have anti-spyware, anti-virus, and firewall installed with the latest updates.

Anything else I should consider to further secure my connection?
Just think safe, and use commonsense. Other than that, there isn't much you can do, well you could, but you'd have to pay a premium for it. But a VPN to UBC should be fine for your needs, I'd only recommend premium services if you dealt with lots sensitive data that was third-party (e.g. clients).

Just think safe, and use commonsense. Other than that, there isn't much you can do, well you could, but you'd have to pay a premium for it. But a VPN to UBC should be fine for your needs, I'd only recommend premium services if you dealt with lots sensitive data that was third-party (e.g. clients).

Just out of curiosity, what do you have in mind?

Just out of curiosity, what do you have in mind?
Something like findnot.com - I've borrow an account and they truly provide what they state they do; there were at least 2 servers in Canada - one east coast and one west coast.

Something like findnot.com - I've borrow an account and they truly provide what they state they do; there were at least 2 servers in Canada - one east coast and one west coast.

Wow, I didn't know such service exist. I think I'll just stick with UBC VPN since I doubt the common hacker or individual will have the skills to break through something that sophisticated.

Hey guys, I have to bump up this thread as I need more help. I might be heading back to China next year and I might be gone for a long time. I'm thinking of setting up a VPN server at home and I'm wondering if that is hard to do? Will it be expensive to setup and would it be as good as the one that UBC is using?

I was thinking of buying this router and using it with Shaw's Extreme internet connection:

http://www.linksys.com/servlet/Satellite?c=L_Product_C2&childpagename=US%2FLayout&cid=1154659754557&pagename=Linksys%2FCommon%2FVisitorWrapper&lid=5455739789B05

I think someone said upload speed is going to be very important, but I'm hoping some expert can comment on this and give me some very much needed advice.

That should work. A simple Linksys WRT54GL (which is about $50-60 I think) with dd-wrt vpn or Tomato VPN firmware will work as well. All it is is the cost of the router and a free firmware download.

Along with the VPN setup, you'll also setup one of the static IP services like DynDNS that is provided on the firmware. This is so you have a way of accessing the VPN without having to know your IP, if it happens to change. If you already have a static IP, then you won't need to.

It's not too hard a process. Hardest part is configuring OpenVPN. After that, should be fine.
http://www.dd-wrt.com/wiki/index.php/OpenVPN

That is if you go the WRT54GL route.

I'm thinking this may be too tough for some people to answer, but I thought I'll give it a try. I'm going to be overseas for most of the summer and my laptop is most likely going to be connected to unsecure networks. Security is going to be very important as I'll be logging on to my bank accounts and transferring funds and it would be tragic if somehow someone manage to access my usernames and passwords.

I think the most obvious things to do would be to make sure that a good AV and firewall is installed. However, I don't think that is enough. Would connecting to a VPN server help? I'm not sure how this would work, but people told me that through a VPN connection, all traffic is encrypted. I was thinking of just logging on to my university's VPN connection and pray that all the information that I'm sending would be encrypted. Would this help?

I don't think people are understanding what you are trying to do. For example, the whole VPN scenario is only to encrypt information between you and the university. For example, you are at a wifi site, and connect your laptop, you then sign on VPN to your university. So any information where you directly access servers and whatnot AT the university, is encrypted. If you go to hotmail, it isn't, as you aren't going through hotmail through your university. You are going through it through your wifi connection.

Now for your banking example, your bank should have encryption for your password and any information sent to its website, regardless of where you are. Having said that though, that doesn't mean that your PC is not vulnerable to being hacked and what not. So what you are really looking for is security for your laptop/PC while you are away. To do that you need some encryption software for your local PC and whatnot.

What you actually want is something like this.

https://www.ironkey.com/

You are using a USB key that has a browser built-in, and using an encrypted network for all your browsing needs. Might be overkill, but if you are really paranoid about this stuff, you should be using something like this everyday and not just when you are going away.

How about this Hotspotshield?

http://anchorfree.com/hotspot-shield/

Hotspot Shield
Free, Reliable Wi-Fi Security
Sure, public Wi-Fi hotspots are great. After all, what would life be without checking your email each morning at your favorite café?

But while you're enjoying your latte and a bagel, some hacker might be accessing your passwords, credit card numbers, sensitive company data and much more. And standard antivirus software won't protect you.

That's why AnchorFree is pleased to offer Hotspot Shield. This free security software keeps your Internet connection secure at public hotspots, home or work.

100% Security Through a VPN
Hotspot Shield creates a virtual private network (VPN) between your laptop and the wireless router. This impenetrable tunnel prevents snoopers and hackers from viewing your email, instant messages, credit card information or anything else you send over a wireless network. Which means you remain anonymous and protect your privacy.

Hotspot Shield security software is free to download, employs the latest VPN technology, and is easy to install and use. So go ahead - Get behind the Shield - try Hotspot Shield today!

I don't think people are understanding what you are trying to do. For example, the whole VPN scenario is only to encrypt information between you and the university. For example, you are at a wifi site, and connect your laptop, you then sign on VPN to your university. So any information where you directly access servers and whatnot AT the university, is encrypted. If you go to hotmail, it isn't, as you aren't going through hotmail through your university. You are going through it through your wifi connection.



Using OpenVPN like I suggested, any sites he tries to access is accessed through the network of the VPN. It's not seperate.

Wireless Hotspot -> VPN -> Access hotmail.com or whatever. It's encrypted. All he has to do to check whether he's surfing through his VPN or not is to check the IP he's connecting with.

How about this Hotspotshield?

http://anchorfree.com/hotspot-shield/

Hotspot Shield
Free, Reliable Wi-Fi Security
Sure, public Wi-Fi hotspots are great. After all, what would life be without checking your email each morning at your favorite café?

But while you're enjoying your latte and a bagel, some hacker might be accessing your passwords, credit card numbers, sensitive company data and much more. And standard antivirus software won't protect you.

That's why AnchorFree is pleased to offer Hotspot Shield. This free security software keeps your Internet connection secure at public hotspots, home or work.

100% Security Through a VPN
Hotspot Shield creates a virtual private network (VPN) between your laptop and the wireless router. This impenetrable tunnel prevents snoopers and hackers from viewing your email, instant messages, credit card information or anything else you send over a wireless network. Which means you remain anonymous and protect your privacy.

Hotspot Shield security software is free to download, employs the latest VPN technology, and is easy to install and use. So go ahead - Get behind the Shield - try Hotspot Shield today!

Not a good option in my experience. I don't know whether it was the influx of Rogers users trying to circumvent throttling, but ever since it was posted here on RFD, hotspot shield has slowed to a crawl. It was about as bad as SecureIX last I tried it.

Not to mention, that you're connecting to AnchorFree's VPN servers. Your traffic isn't encrypted at their end. That's not to say AnchorFree necessarily collects data but if you're paranoid about your data, you're better of using your own connection.

Using OpenVPN like I suggested, any sites he tries to access is accessed through the network of the VPN. It's not seperate.

Wireless Hotspot -> VPN -> Access hotmail.com or whatever. It's encrypted. All he has to do to check whether he's surfing through his VPN or not is to check the IP he's connecting with.

I am not too familiar with OpenVPN, but what you are saying is the software client forces ALL TCP/IP requests to go through the VPN, and does not allow any traffic to come directly from the internet. I would verify that using traceroute. I would use the command traceroute www.yahoo.com and see if it goes through your home network.

I am not too familiar with OpenVPN, but what you are saying is the software client forces ALL TCP/IP requests to go through the VPN, and does not allow any traffic to come directly from the internet. I would verify that using traceroute. I would use the command traceroute www.yahoo.com and see if it goes through your home network.

I don't have it currently setup at home nor do I have a remote location I can VPN to at the moment.... but yes, you CAN route all traffic through a VPN if configured that way. It's just not a great option to use if you're hosting the VPN on your home connection for example because of the limited upload bandwidth.

You made a good point though. It's good that you brought that up since no one else has I think.. but you were thinking of a split tunneling VPN which would work the way you described. For security purposes, Sgt_Strider will want to tunnel all his traffic.

Wow Kranberry and Dave, I'm confused right now. I don't know who's right here.

What should my upload speed be at in order to get optimal speed when I'm using VPN? It's just going to be me connecting from abroad to the VPN server.

Wow Kranberry and Dave, I'm confused right now. I don't know who's right here.

What should my upload speed be at in order to get optimal speed when I'm using VPN? It's just going to be me connecting from abroad to the VPN server.

Trust me, a VPN will work for your situation. You just need to configure it properly.
http://openvpn.net/howto.html#redirect

other helpful links
http://www.dd-wrt.com/wiki/index.php/OpenVPN
http://theillustratednetwork.mvps.org/OpenVPN/OpenVPN.html

As for the upload issue, I think you might be confusing upload rate for yourself (as the client) as opposed to the VPN server.

Think about it this way. You're using your home router and connection as the VPN server. If you tunnel ALL your traffic through it, you'll be relying almost entirely on that home connection. Which means, you'll only be able to download as fast as your home connection can upload.

ex)
If your home connection has a max upload rate of 50 KB/s, then when you're in China and you use your VPN server, you'll only be able to download at a max of 50 KB/s.

Trust me, a VPN will work for your situation. You just need to configure it properly.
http://openvpn.net/howto.html#redirect

other helpful links
http://www.dd-wrt.com/wiki/index.php/OpenVPN
http://theillustratednetwork.mvps.org/OpenVPN/OpenVPN.html

As for the upload issue, I think you might be confusing upload rate for yourself (as the client) as opposed to the VPN server.

Think about it this way. You're using your home router and connection as the VPN server. If you tunnel ALL your traffic through it, you'll be relying almost entirely on that home connection. Which means, you'll only be able to download as fast as your home connection can upload.

ex)
If your home connection has a max upload rate of 50 KB/s, then when you're in China and you use your VPN server, you'll only be able to download at a max of 50 KB/s.

You are confident that all traffic through the use of VPN is encrypted right?

Base on what you said it seems like upload speed is probably going to be the most important thing.

You are confident that all traffic through the use of VPN is encrypted right?

Base on what you said it seems like upload speed is probably going to be the most important thing.Sorry to bump an old thread. Just wondering how OpenVPN(or any VPN) is working for you right now? I'm thinking of going through this setup using my WRT54GL router but wanted your thoughts and opinions on this.

Sorry to bump an old thread. Just wondering how OpenVPN(or any VPN) is working for you right now? I'm thinking of going through this setup using my WRT54GL router but wanted your thoughts and opinions on this.

I didn't go ahead to do this because I have access to another VPN account.

A VPN will encrypt all traffic and put it through a 'tunnel' to the VPN server where you can do your surfing from.

Only concern with an unsecure wifi connection would be SURE your traffic is going to the VPN.... BUT you're still on an open wifi connection. Someone could easily get onto your computer and plant a keylogger and get your info anyways.....