Connecting to the internet from the road is a necessity for me, but it's one that isn't without its perils. Much of the time, internet hotspots are unencrypted -- which means your wireless data, unless otherwise encrypted, is just flying around out in the open. That's a bit unnerving. But even if there wasn't the potential of someone easily eavesdropping on my packets, how much do you trust the hotspot provider?
True, many applications have built in security. For example, using SSL when talking to an Exchange server in Outlook. Or logging into a bank via SSL in my web browser. In these situations, even if the wifi is unencrypted, the underlying data is. If all I did was connect to secure services via an open/unencrypted network, I wouldn't worry as much.
But, I'm doing more than just syncing my mail. I may be checking out discussion forums, browsing the news, doing research, or, most importantly, logging into my home machines -- all of which is generally insecure unless you take steps to secure it.
VPN to the rescue. I decided to try out a few methods to see what would work for me. I currently use a Linksys WRT54G as my home internet router running Tomato firmware. The great thing about these routers is that the code base is all GPL and freely available, so it has led to tons of custom versions -- popular ones include Tomato
, and OpenWRT
. (Several of the newer versions of the WRT54 routers use VxWorks and not Linux, and as such, may not all be compatible with the custom firmware. The WRT54GL -- the L meaning Linux -- is specifically made for enthusiasts as it will support most custom firmware.)
DD-WRT and OpenWRT include some VPN servers built in (PPTP and OpenVPN), however, currently I'd prefer to do this on one of my internal machines behind the router. This is for a few reasons: The routers have, relatively speaking, little CPU; I have at least one server online anyway -- might as well use it! Also, I'd prefer to keep the router simple -- it's more modular that way. Tomato, for example, is a lightweight firmware and doesn't include a VPN server, however, it excels are QoS and reliability.
I played around with PPTP, OpenVPN, and SSH -- each with their own pros and cons. In my next few posts, I'll detail how I set these up and list some of the pros and cons. (Remember, my particular application is as a road warrior -- which may or may not fit other scenarios.) As with anything, I don't think there's any one right solution, but hopefully this info will be helpful for those trying to figure out how to connect to their home networks while on the road.