Virtual Offices and portable firewalls

boutthatlife

Level 1
Thread author
Verified
Mar 15, 2019
33
For the past few months Ive been without centurylink broadband and have been using my phones (iphone 10 12.4.1) mobile hotspot. Several times while at the cafe , Ive started my connection it will say there is 2 or sometimes 3 connections. Of course it should only say one. I always select teether using usb only too. Clearly other people can connect. Oh and the passwords were strong. Probably a mal comp expert in the cafe it does offer free wifi. Any-who, I called sprint and they said its an apple issue. I called apple, sent screenshots and was told to reset phone. NONE of this addresses my greatest concerns privacy and security.

So when Im on the go all environments are hostile right? so how can I set up my mobile workstation/office and be safe? Im not satisfied with software firewalls. I have vpn. Is there such a thing as portable firewall? I want to just buy a portable broadband service that isnt my phone and a firewall. Does anyone have this setup? Im a little overwhelmed and an example of this working.
 

AtlBo

Level 28
Verified
Top Poster
Content Creator
Well-known
Dec 29, 2014
1,711
A truly configurable laptop [hardware] firewall wi-fi adapter with full router type software support and firewalling software for the phone device...this would be super cool, and it should exist. I can't find it, even for laptops. I wonder if anyone at Gryphon has ever thought of anything like this for its customers? It would sell off the charts if it didn't make the phone harder to use...
 

boutthatlife

Level 1
Thread author
Verified
Mar 15, 2019
33
A truly configurable laptop [hardware] firewall wi-fi adapter with full router type software support and firewalling software for the phone device...this would be super cool, and it should exist. I can't find it, even for laptops. I wonder if anyone at Gryphon has ever thought of anything like this for its customers? It would sell off the charts if it didn't make the phone harder to use...
I did stop into a hole in the wall computer store yesterday and told the chap what I was going through. I showed the screenshots --everything. So, he suggested using a portable router as a firewall which he doesnt sell.

I bought a cheap one from Amazon and it was delivered this morning. But its not going to have any IPS/IDS which is what I want.
 

boutthatlife

Level 1
Thread author
Verified
Mar 15, 2019
33
I bought the Keezel and it is here it came with vpn activation code. I am using it right now. I have iphone hotspot going and battery is at 20% so Im typing fast. So we will see how this goes!!!

fyi,The other "personal firewall" I bought was the nexxus.
 

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
I bought the Keezel and it is here it came with vpn activation code. I am using it right now. I have iphone hotspot going and battery is at 20% so Im typing fast. So we will see how this goes!!!

fyi,The other "personal firewall" I bought was the nexxus.
Hi

From what I know Keezel partners with ProXPN, Le VPN, NordVPN, and PureVPN to offer a wide range of locations and plenty of bandwidth as part of your subscription.

Can I know whether you can select the VPN provider to connect to say if I only choose NORDVPN?

Thanks
 

boutthatlife

Level 1
Thread author
Verified
Mar 15, 2019
33
It doesnt look like there is a way to choose providers but there is a good selection of servers.

My sister and I were at starbucks yesterday and we got it working well (got a lot of work done:) ). I checked by IP. Im not sure how to check our data is encrypted?

Also, I dont see in the interface I can actually set a deny allow rule.
 
  • Like
Reactions: given

HarborFront

Level 71
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
It doesnt look like there is a way to choose providers but there is a good selection of servers.

My sister and I were at starbucks yesterday and we got it working well (got a lot of work done:) ). I checked by IP. Im not sure how to check our data is encrypted?

Also, I dont see in the interface I can actually set a deny allow rule.
You can read here to check whether your data is encrypted or not by VPN


 
F

ForgottenSeer 58943

For the past few months Ive been without centurylink broadband and have been using my phones (iphone 10 12.4.1) mobile hotspot. Several times while at the cafe , Ive started my connection it will say there is 2 or sometimes 3 connections. Of course it should only say one. I always select teether using usb only too. Clearly other people can connect. Oh and the passwords were strong. Probably a mal comp expert in the cafe it does offer free wifi. Any-who, I called sprint and they said its an apple issue. I called apple, sent screenshots and was told to reset phone. NONE of this addresses my greatest concerns privacy and security.

So when Im on the go all environments are hostile right? so how can I set up my mobile workstation/office and be safe? Im not satisfied with software firewalls. I have vpn. Is there such a thing as portable firewall? I want to just buy a portable broadband service that isnt my phone and a firewall. Does anyone have this setup? Im a little overwhelmed and an example of this working.

There are lots of fun things you can do on the go. If you don't have access to a physical drop, just WiFi you can;

1) You can bring an repeater to a hotel room/Cafe, connect the extender to the existing WiFi, then create your own encrypted, password protected SSID broadcast. Since most repeaters have a bit of a VLAN type configuration on them, this will keep scrubs from connecting to your gear over the same subnet. (configuration varies per Extender)

2) You can do the above, but use an repeater with an ethernet plug. Then connect your laptop into a RATtrap on one end, and the other end of the RATtrap into the repeater. Dial up the RATrap to high, preventing all inbound connections (only allowing session based activity which is what you want). Also since RATtrap fully encrypts all DNS activity, you'll be well protected from DNS shenanigans.

GL.iNET GL-MT300N-V2 is wonderful for such matters and is very low cost.
 

boutthatlife

Level 1
Thread author
Verified
Mar 15, 2019
33
There are lots of fun things you can do on the go. If you don't have access to a physical drop, just WiFi you can;

1) You can bring an repeater to a hotel room/Cafe, connect the extender to the existing WiFi, then create your own encrypted, password protected SSID broadcast. Since most repeaters have a bit of a VLAN type configuration on them, this will keep scrubs from connecting to your gear over the same subnet. (configuration varies per Extender)

2) You can do the above, but use an repeater with an ethernet plug. Then connect your laptop into a RATtrap on one end, and the other end of the RATtrap into the repeater. Dial up the RATrap to high, preventing all inbound connections (only allowing session based activity which is what you want). Also since RATtrap fully encrypts all DNS activity, you'll be well protected from DNS shenanigans.

GL.iNET GL-MT300N-V2 is wonderful for such matters and is very low cost.
thank you!!!!
 
  • Like
Reactions: given

boutthatlife

Level 1
Thread author
Verified
Mar 15, 2019
33
I wanted to give a miniupdate. Totally gonna buy the rattrap dodad which is on sale now its been on my list since this thread.

And just as I thought someone was connecting to me. Neither the keezel or my phone hotspot sent a notification that it was serving another ip or rather that someone connected. Im low key pissed. So once I connect to the keezel others can just hop on and snoop.

I had a screenshot of an obviously spoofed mac address connected to me and I wanted to upload but now I cantfind it. Hopefully i saved it on a backup.

Keezel is ok it has way more udp servers to connect to than tcp. I am rarely able to connect to any udp servers near my region. Also There is no place on the keezel webinterface that shows how many people are connected to the keezel.

I did notice that invizbox has partnered with windscribe so Im excited about that.
 
  • Like
Reactions: given
F

ForgottenSeer 823865

how can people connect if you set a password for your tethering.

That thread goes a bit on uneeded paranoia, there is very very low chance that people intentionally war driving in any public wi-fi, and obviously you don't transmit sensitive datas on unsecured networks. Security 101 for you...

But OK for the sake of the discussion, let say you have to do it and somehow a secret KGB agent is wardriving at your Starbuck.
Solution: buy another mobile plan and just use a 4g USB instead of your phone, your own network, nobody would access it.
Of course, it has its price but since you are paranoid, it doesn't matter and at least you won't need go around with whatever box and try to plug it everywhere...
 
F

ForgottenSeer 58943

how can people connect if you set a password for your tethering.

That thread goes a bit on uneeded paranoia, there is very very low chance that people intentionally war driving in any public wi-fi, and obviously you don't transmit sensitive datas on unsecured networks. Security 101 for you...

But OK for the sake of the discussion, let say you have to do it and somehow a secret KGB agent is wardriving at your Starbuck.
Solution: buy another mobile plan and just use a 4g USB instead of your phone, your own network, nobody would access it.
Of course, it has its price but since you are paranoid, it doesn't matter and at least you won't need go around with whatever box and try to plug it everywhere...

Or hotspot your phone, use a nice long password. Hide the SSID broadcast, and you are good to go as well. Private network, all yours.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top