RSS

Browse Safely at Hotspots/Hotels

10.02.09

Updated 2 Oct 2009 with inputs with the very helpful folks in the GRC newsgroups.

Intro

When you browse the web at hotspots, hotels, or any other public network, everything you do can be easily intercepted by a hacker connected to the same hotspot/hotel/public network (except for secure web addresses that start with https:// rather than http://). However you can browse safely by connecting through your own proxy. There are commercial proxies (see bottom of page), but you are more secure when using a public network by connecting through your own proxy on a computer at your home. It's much easier than you think.

By securely connecting through a proxy that you set up on a home computer, all of your browser requests go to your house first, and then to the internet. Your browsing is invisible to anyone, including hackers, on the public network. So, how do you do this? You do it with two free programs. It starts with the free Hamachi (like the instructions for remotely controlling a computer). And then uses the free AnalogX Proxy.

Steps:

1. Install Hamachi

Ok, you can use Hamachi to make the secure connection between the two computers. Hamachi helps to secure the connection and make the connection possible when one or both of the computers is behind a firewall and/or router.

You can find a link to Hamachi on my Downloads page (along with other great programs) or just go to Hamachi's download page.

You need to install Hamachi on both computers. Let's call the first computer Computer 1, and the second Computer 2. When you install it, it will start a tutorial to teach you how to use Hamachi. Follow the tutorial that describes how to set up a Hamachi Network. When you install Hamachi on Computer 2, you'll need to join the Hamachi Network that you set up on Computer 1. As you install it on each computer you'll see a number at the top of the Hamachi window like 5.000.000.000. That is the Hamachi IP address. You'll need these numbers later.

Congratulations, you've completed the first major step. If you're a little more advanced and would like Hamachi running as a service when the computer boots (very helpful for accessing after reboot) read this article . Although we're not done yet, you can already do a lot with your Hamachi Network connection. You can securely access the shared folders on Computer 2 from Computer 1 (or vice-versa). You can also securely chat with a user on the other computer. But our goal is to browse the web through this connection. To do that, we need to set up a proxy server on the home computer.

2. Install and Set up AnalogX Proxy

Installing AnalogX Proxy is easy. Download it to your home computer from the link in the previous sentence. The file is called proxyi.exe. Run that file to install it. The proxy program will not automatically run after you've installed it. So you need to click the start button in the lower left and open it from the Programs list under AnalogX\Proxy. When you start the program, the only thing you'll see is a new icon in the system tray in the lower right corner by the clock. It should be a circle with a green letter P.

To configure the software, click on that green P icon and select "Configure." Simple right? Ok, now you'll see the "Configure Proxy..." window. With out changing anything, the proxy should work it's very important that you change one setting to make it more secure. On the right side, in the window labeled "Proxy Binding" You need to you enter the Hamachi network address for your home computer. You'll find that number at the top of the Hamachi window when it's running on your home computer. It should look like 5.000.000.000 (with other numbers instead of 0). By putting that number into the Proxy Binding window, you're telling the Proxy program to only work for browser requests coming through the encrypted Hamachi connection. If you're only going to use this proxy for browsing, you can turn off the services other than HTTP on the "Configure Proxy...

If you want this proxy capability every time that home computer is turned on, you need to make the program a service that starts when the computer is powered up. There are instructions for this by Microsoft HERE or you can follow similar instructions that were made for Hamachi HERE. Obviously if you use the Hamachi example, you nned to make the appropriate changes for AnalogX Proxy. Thanks go to AnalogX for developing this simple and powerful proxy program. I couldn't find any other one one the web that was this simple to install and configure.

3. Setup Your Browser

Complete the steps below at home the first time. This is necessary to take care of any software firewall issues. For example, since I use a software firewall (other than the windows firewall), the first time I tried to use the proxy, the firewall on my home computer asked if I wanted to permit this network connection. So I simply approved the connection and set the firewall to remember the permissions.

When you want to use the home proxy, you need to configure the web browser on your laptop. The good news is that the browsers normally save these settings so you can just turn them on or off as necessary. I've included instructions for Firefox 3.5 and Internet Explorer8. If you're using a different browser, you can probably find similar instructions for that browser by searching on Bing.com or Google.com.

a) Firefox 3.5 In Firefox, go to Tools\Options\Advanced\Network and click the "Settings" button near the top. Click the bubble next to "Manual proxy configuration:" and put the Hamachi address of the home computer (example: 5.000.000.000) in the "HTTP Proxy:" window. For the "Port:" window enter 6588. These are critical for this to work. When you're done accessing the web through the proxy, go back and change the Firefox connection settings to "No proxy."

b) Internet Explorer8 In IE8, go to Tools\Internet Options\Connections\ and click the "Lan settings" button near the bottom of the window. In the Local Area Network Settings window, in the "Proxy server" section check the box next to "Use a proxy server for your LAN..." Then enter the Hamachi address for your home computer (example: 5.000.000.000) in the Address window and enter 6588 in the port window. When you're done browsing through the proxy, just come back to this window and uncheck the box next to "Use a proxy server..."

4. Connect and Browse

After you've installed the two programs, configured them, and configured your firewall (if necessary), you're ready to go.

First, you need to leave your home computer powered on with Hamachi and AnalogX Proxy running. The when you connect to a public hotspot, connect Hamachi first, then set your browser to use the proxy. Now you can securely browse the web, access bank sites, check email, etc., on your laptop from the public network through your home computer. You can stop worrying about hackers getting access to your info.

Another Option

If this tutorial sounds like too much work or if it's a little advanced for you, there is an option. You can download and install HotSpotShield. It's also free. Unfortunately it's ad supported so when you use it, you'll get advertisements at the top of web pages. Another disadvantage is that all your private data will go through their server. So you have to trust them. I haven't heard anything bad about the company, but why risk it. Why expose your personal information to another company?

This is a fairly advanced task but if you have any difficulty, you're welcome to email me with questions but please make sure your email subject line doesn't look like spam or it will probably get deleted. Also email me if you have suggestions on how I can make this or any part of my site better. Thanks.