Connect to the internet securely

Hi Experts,

I have a friend in Mexico that his Facebook, Yahoo and computer has been compromise from a hacker in Mexico, He has re-install the OS twice and the hacker even compromise another 2 computers in the same house. They do not use the internet at home and they have to go to a Internet Cafe to view their emails and Facebooks accounts. Police don't do anything.
Can you suggest of any program that will encrypt the connection before they access the internet? or any other suggestion?

Please advise
chenzoviccAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Sikhumbuzo NtsadaIT AdministrationCommented:
I'm am not sure there is a way you can protect an internet café computer as a user. Rather the owner of the computer must put a security tool in measure.

You have no control over that PC except the owner.
0
chenzoviccAuthor Commented:
I apologize for not been clear but my friend is trying to protect his computers at home before connecting to the internet so this hacker will not get in. Every time they connect from the house their accounts are compromise and they have seen the mouse moving by it self and trying to download programs.
0
cristiantmCommented:
Encrypting his connection will not guarantee that the attacks stop. Its not clear where the attacks came from and without that is hard to tell what to do to stop them.

First, why do he thinks that the home computer is compromised? Is there any sign that the computer itself was compromised? What did he do to protect it? Did a fresh install, used a good antivirus/firewall (Windows defender is fine), updated everything?

Encrypting the connection would only protect him from someone that controls the network that he is acessing. In a private home, that could be the internet service provider, or if the link is shared, someone that is also using it. If there is a wireless access point, securing it with a WPA2 setting with a good password would help. Does not look like the most probable attack vector in such case, but you can encrypt traffic to some sites, and thats the case of facebook and yahoo, by asking them to use secure (https) connections. On facebook this is in your settings, under security options. I would also recommend checking the other options on facebook settings, and enabling things like login notifications and login approvals. You can even check active facebook sessions on that page, and maybe identify where the attacker logged in from.

Also important is to choose good passwords to the accounts that are hacked. Dictionary attacks can easily find out weak passwords. And also not to repeat the passwords on different accounts.
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

Sikhumbuzo NtsadaIT AdministrationCommented:
If the PCs have been compromised, it is more likely that what ever security measure you place, the hacker may still be able to get in, unless you know how they did it.

Suggest to format the computers and reinstall from scratch - also a good idea would be to put a gateway in front of the computers, like Linux proxy.

Or better yet start using Ubuntu, attacks are very rare on a Linux box if security is an issue and low budget.
0
chenzoviccAuthor Commented:
The computers have been reformat and re-install but this guy gets in some how. I was thinking about UBUNTU running from a cd so they can browse the internet then once they are done they just eject the cd. Do  you think that is the best way to do it?
0
Sikhumbuzo NtsadaIT AdministrationCommented:
Yes that can work, but it might be slow. They can install Ubuntu on a USB stick as well.
0
jfer0x01Commented:
It seems whatever malware is installed persists even after reinstall, or backup files carry infection towards new installs.

In any case, to securely connect through the internet:

1. Use ssh tunneling to an ssh box, and use a dynamic tunnel in the connection. Then configure browser to use dynamic port as a Sock5 proxy.

2. Use a VPN client to connect remotely to anothjer network, and configure your browser to pass data through the proxy.

Hope your this helps.

Jfer
0
chenzoviccAuthor Commented:
Can you please explain a little bit more about #1.
0
jfer0x01Commented:
Sure,

1. You run ssh server on a box somewhere in the world you trust.
2. You connect to this box with an ssh client, a use a dynamic port through the connectoin as a socks proxy.
3. You configure your browser to use the socks proxy and thus connect to the internet securely.
http://chamibuddhika.wordpress.com/2012/03/21/ssh-tunnelling-explained/

However, I think you friend might have malware residing somewhere on the disk or their backups if they keep getting re-hacked.

If your friend is using an Internet cafe to connect to to the internet, this will encrypt communications from the browser to the internet. Odds are, someone in the Internet cafe is intercepting unencrypted traffic from the browsers. If they control the access point, they can spoof dns and even intercept some encrypted traffic. SSH tunneling will prevent this by using the ssh server to forward all browser requests through the proxy.

Here is a good guide on setting up the browser and Putty in Windows to accomplish this.

http://www.sotechdesign.com.au/browsing-the-web-through-a-ssh-tunnel-with-firefox-and-putty-windows/

Good Lunk

Jfer
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
chenzoviccAuthor Commented:
Thanks for your suggestions
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.