Hi. On Fri, Jun 19, 2015 at 09:13:42AM +0200, Frederic Marchal wrote: > On Friday 19 June 2015 09:24:34 Reco wrote: > > > Hi. > > > > > > On Thu, 18 Jun 2015 18:20:25 -0500 > > > > > > Richard Owlett <rowl...@cloud85.net> wrote: > > > > Mike McClain wrote: > > > > > On Thu, Jun 18, 2015 at 03:22:37PM -0500, Richard Owlett wrote: > > > > >> Scarletdown wrote: > > > > >>> How about a portable wireless hotspot device and service? > > > > >> > > > > >> I was leaning away from that solution - unsure of security > > > > >> implications when using personal hotspot. > > > > >> > > > > >>> The > > > > >>> way I understand how those work, you will have your Internet > > > > >>> service with you no matter where you are, as long as you can get > > > > >>> a signal from your provider. > > > > > > > > > > When CBS 60 Minutes (or was it Sunday Morning?) did an article on > > > > > security on airlines, trains, etc. They suggested setting up a VPN on > > > > > your system. > > > > > Mike > > > > > > > > A pointer to an appropriate how-to and .deb in Jessie repository? > > > > > > A *very* simplistic howto follows: > > > > > > autossh -ND1080 <ur_home_here> > > > > > > <set iceweasel's proxy to socks4 proxy localhost:1080> > > > > With iceweasel/firefox, don't forget to change network.proxy.socks_remote_dns > to true in about:config or the DNS requests will be issued to the local DNS > server. > > > > See http://kb.mozillazine.org/Network.proxy.socks_remote_dns > > > If the DNS requests are sent to the local DNS server provided by the DHCP of > an > access point, the AP administrator can get an exhaustive list of every single > web site you visit simply by looking at the DNS requests comming from your > computer. The data are still secure thanks to the vpn but it is very easy to > get a good idea about the kind of activity you are having at the moment (I'm > adopting the employer's point of view here :-) ). > > > > When network.proxy.socks_remote_dns is set to true, the DNS requests are sent > through the SOCKS connection and delivered to your computer at home (which > ultimately is sent to your ISP but you already thrust it with that information > any way, don't you?)
Please don't do so. Ssh only provides SOCKS4 proxy, and SOCKS4 can not tunnel DNS requests (or any UDP traffic for that matter). Although I agree that un-tunneled DNS requests is a privacy issue indeed. Reco -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150619080123.ga23...@d1696.int.rdtex.ru
