I’ve begun use a Tunnelbear for all my browsing when I am on the university network, since it seems horrendously non-secured and I can throw the IT department here a lot farther than I trust them.
I don’t use an automatic DNS if that makes a difference (google).
No expert, but as no-one else has leapt in, isn’t it usually just a case of googling ‘whats my ip’ and checking to see if your real ip is showing to these websites?
Mainly posted so someone will leap in and correct me, please don’t take this as pro advice!
open your browser … and go visit http://ipleak.net
just about everything that can be known about you, will be shown there
Tunnelbear is a fairly tightly-run service by some fairly competent people.
As long as you downloaded from a trustworthy source, installed properly, and are running it every time, you’re safe.
You get 500 Mb/month on the free plan, though. You won’t be protected beyond that. If your needs are heavier, try a paid service.
No, do not run packet sniffers on uni networks. They can and will be detected and the assumption will be that you’re doing something malicious.
That doesn’t tell if you if it’s encrypted. Just because your IP has changed it doesn’t necessarily mean that your connection is secure. For all we know, the data being sent back and fourth could be in plaintext.
I’ve thought about that, but I don’t think that necessarily means that the data being sent is secure. For all I know, the IP has changed, but my Uni (and anyone nearby) can still see my data.
That’s awesome. Thanks.
Yes, that shows what my IP and DNS is, but that doesn’t mean my browsing/data is private and secure. For all I know, anyone at the university IT department or on the network could have access to the data.
it would be very difficult for a third party to detect a sniffer unless they were monitoring the laptop itself. That is the problem with sniffing traffic, you simply don’t know when someone is doing it.
How exactly do you assume are packet sniffers detected?
It’s not running on the network, it’s running on the computer. Unless you couple it with something like ARP spoofing to convince the switch to send you other people’s traffic, it’s perfectly fine and as far as I know undetectable.
This comment has been overwritten by an open source script to protect this user's privacy.
If you would like to do the same, add the browser extension GreaseMonkey to Firefox and add this open source script.
Then simply click on your username on Reddit, go to the comments tab, and hit the new OVERWRITE button at the top.
Ah yes, I know my friend uses airVPN, and they have some kind of super tunneling thing that hides the data too, but I’m damned if I could explain it, it’s an option you turn on.
Pull out Wireshark and browse around and see what comes out of your computer. If all you see is VPN traffic to the VPN server, and your VPN client authenticated the server with its certificate or whatever that service uses, and uses some open-source, trusted encryption scheme, your IT department shouldn’t be able to MITM the traffic.
Without doing something silly like rewriting exe files you downloaded not through the VPN to spy on you, that is.
If ipleak.net shows that you are exiting thru your Tunnelbear exit node, you know that your Tunnelbear client is working.
Now, if you don’t trust it, or you think that you have misconfigured it so that some of what comes out of your computer goes clear-text via the uni, then you will need to go down the wireshark route
of course, your VPN provider can see where you are going. There is no escape from that. If you go to a https site, at least your content is private (unless you have installed some dodgy browser or CA cert)
I also remember reading about someone who got themselves in a lot of trouble by running a packet sniffer on campus WiFi.
Promiscous mode isn’t really needed when you only want to sniff your own traffic. In our case, sniffing is undetectable.