Protection against keyloggers / internet cafe logs-reading.

The closest thing to a wireless hotspot in most places I´m traveling is an overheated 50 year-old car.
I have the laptop with wireless, but it's useless in most countries.

okay, but what about the sys admin simply logging everything I do, is there any avoiding this?

Really good solid advice gidds, although I'd still recommend caution as it'd be hard to put 100% trust in the webscans, and a rebuild from an image could still contain all the nasties that the owner/admin wants it to...

"is there any avoiding this?"... without doubt? Absolutely not :/

I agree. No way...

Ask I said in my post, there is NO wireless anywhere in the places I'm traveling (read 3rd world).  the main concern I have is sysadmins grabbing my passwords for bank websites. Changing my password will make no difference if they are getting the change I made. How would I encrypt over a tunnel like vpn or ssh?  For instance if I go to www.banksomewhere.com how would I do the vpn/ssh thing?

is there anything like  RSA SecurID if you have systems of your own that you want to protect that is available for email systems, like imap that I could use for a monthly (or free) fee.  I don't have my own server.

thanks

what is the pros/cons of hushmail vs safe-mail?

I dont' have a home pc available, it's in storage. If the cafe uses the screen capture thing mentioned, even if I was doing all the stuff via the home computer, they could still capture that, right?  And they could still keylog, right? so, what does that add, securitywise, to my issue? Plus, are there services available were I could use someone else's VPN/SSH service to access this, while at a cafe?  

https: is also only secure (encrypted) after it's left the computer I'm on right, so it does nothing for the keystroke logger/screen capture/network admin problem, right?

hello - I just wrote that with osk.exe, that's cool, never new about that before, if only I could get it to do, russian, I'll reboot into the russian MUI and see.

those constantly changing password RSA devices, are there any servers that provide them, then I could use that for email at least.

1. I will try and run online scans. - for spyware/software keyloggers.
2. I will check the running processes/services. - to see obvious software keyloggers - spyware.
3. I will use the osk.exe (is there a localized version for MUIs?) to fool hard-ware keyloggers.
4. setup a temp email and forward to it
5. clear cookies/url history after use

In my particular case, non-Wireless, no running computer anywhere else, don't know or trust the owners of cafes, usually no ethernet hookup.  Would you suggest any other things I could do? Besides pray & hope?

Save up for a laptop ;) Use the connection in your hotel ... I dunno much else...
-rich

Hi richrumble,
I quickly scanned the text for osk before launching that little clue, sorry, I did not read your comments.
Asides: very interesting, that osk uses the keyboard api, too. That was the information I once searched for. So my tip was leading in the wrong direction.
CU

got the laptop... I can tell the tech type don't go to 3rd world countries too much ;->
hotel!? Try a hostel/hut, connection... I don't remember last time I had a phone outlet while on the road.. now i'm at my apartment, in Belarus, so it's good, but.... well that's another thread... thanks for the info and help though.

Good luck. The last couple of times I used an Internet cafe, they had some captive software running that only allowed you to run IE, no way to run scanners or even Task Manager.

yeah, that's what I figured (about not being able to run task manager or online scans), maybe I can boot from a linux cd or something, though I doubt the network would be available than, we'll see.

Thanks guys, very helpful and quick response, this is the best forum for IT, have a good one.
david

Get a copy of the Ubuntu Live CD (free) ... go into a cafe, put the disk in the CD drive and reboot.

You're not using the cafe's OS, so no software such as keystroke loggers will get you - nothing from the hard disk is being loaded at all.

Connect to a trusted terminal services server somewhere and network sniffing is not an issue.

Most low-tech cafes just charge you for the time you're sitting at the computer, but if they have some kind of voucher system you may be hooped (or you may actually get around the pay-for-service system and get free access).

The main prerequisite is that the computer you need must have a dynamic IP address (or you know how to find what address to use and how to set Ubuntu up to use said address).

BTW, Knoppix is good too.

I will look into the Ubuntu disc... thanks... I don't mind paying for the cafe, as it's a good service, and most I use are like 1-2 dollars an hour...
A lot of cafes though don't have CD drives, as they are onto people like us.....

But there's still the fact that my info must go out to the internet via their server... thus they could just grab it on the way out couldn't they...?

that's probably unavoidable, right? Could I encrypt it via the Ubuntu disc, and then even if they catch it at the server on the way out or in they couldn't decrypt it in time before I change my passwords...??
thanks
david

"thus they could just grab it on the way out couldn't they...?"

Yes, they could install a network sniffer in principle to capture all traffic (though unlikely in practise).

Whether you could encrypt all traffic would depend on who you are corresponding with. Little point encrypting your emails if the person receiving them can't decrypt them. But if you are corresponding with people who can decrypt,  then you could use something like PGP to encrypt.

I was more interested in encrypting my account numbers & passwords that I enter on bank & investing sites... I've seen so many programs for cracking passwords that I'm worried that will happening

In that case the answer is yes, they would be secure from network snooping. I am assuming that all banks and investment sites use secure connections (look for the small yellow lock in the IE status bar, and look for addresses that begin with https://).

Of course, this assumes you have booted to a clean system from CD (and there is no hardware keulogger installed). That yellow lock offers no protection from software or hardware keyloggers.

cool, thanks

Check Point claim to be doing something with Connectra that solves just this problem.  There's still the issue of hardware keyloggers - they are 100% indetectable by the OS, so not even Connectra would work.