VPN setup for Jaadu(teleport)/Mocha for a secure connection?

[tongteh]

I have done quite a lot of reading in this forum before actually deciding to post this new thread, i hope you guys don't mind helping me in such matter. alright, i shall begin with the problem:

i have heard many security issue for using VNC server or to be precise connecting to your PC with Jaadu/Mocha via 3G/EDGE/GPRS. but according to CommanderData, there is a way to secure and encrypt the connection by setting up a VPN(i dont really know what it stands for or what exactly it does, but the brief picture i have is that it will encrypt the data connection at the endpoint. hope i am not wrong)

The actual problem begins here, i really have no idea how to set up those VPN stuff!! on the iphone itself i have to pick between L2TP, PPTP, and IPSec
What exactly should i key in for the Description? Server? Account? RSA securID?? Password? SECRET?!? Send all traffic?? what are they?? where do i get what to put into those??

I am pretty sure i have a VPN modem router(NETGEAR DG834G) as i have that "advance - VPN" tab along with VPN wizard.. and again i have no idea what to enter for the settings... but i did give it a shot though. I clicked on VPN Wizard and come across
"Step 1" which have some questions asking me New Connection Name, Pre-shared key, and VPN tunnel connect to: "a remote VPN Gateway" or "a remote VPN client (single PC)".
So my answers for those are simply random connection name, random pre-shared key and choose on "A remote VPN gateway". let me know if i am doing it wrong, PLEASE.. i would really appreciate any help and thanks for reading till here!!
then "step 2" a question asking what's your remote WAN IP address or internet name(so i key in what ever is written in http://www.formyip.com) again i am not sure if i am right or wrong..
and "step 3" have question asking "What is the remote LAN IP address and Subnet Mask?" i just keyed in 192.168.0.2 and 255.255.255.0 and in hope that i have entered everything correctly(which i highly doubt).

Now after all those being done i have access to VPN Policy.. everything there seems to be what i have entered earlier in the VPN wizard except:

IKE
Direction :
Exchange Mode :
Diffie-Hellman (DH) Group :
Local Identity Type :
Data :
Remote Identity Type :
Data :

and

Parameters
Encryption Algorithm :
Authentication Algorithm :
Pre-shared Key :
SA Life Time (Seconds) :

I am quite sure everyone wants to have a secure connection while using Jaadu/Mocha. and especially since Jaadu is having a promotional offer now. Many of us who have just purchase Jaadu and have no idea about VPN would probably find this thread handy.

Thank you very much for any help or even trying to help, i appreciate it very much.. Thanks to CommanderData's post that allows me to know the security issues by VNC.

 

[rockstarjoe]

I have done quite a lot of reading in this forum before actually deciding to post this new thread, i hope you guys don't mind helping me in such matter. alright, i shall begin with the problem:

i have heard many security issue for using VNC server or to be precise connecting to your PC with Jaadu/Mocha via 3G/EDGE/GPRS. but according to CommanderData, there is a way to secure and encrypt the connection by setting up a VPN(i dont really know what it stands for or what exactly it does, but the brief picture i have is that it will encrypt the data connection at the endpoint. hope i am not wrong)

The actual problem begins here, i really have no idea how to set up those VPN stuff!! on the iphone itself i have to pick between L2TP, PPTP, and IPSec
What exactly should i key in for the Description? Server? Account? RSA securID?? Password? SECRET?!? Send all traffic?? what are they?? where do i get what to put into those??

I am pretty sure i have a VPN modem router(NETGEAR DG834G) as i have that "advance - VPN" tab along with VPN wizard.. and again i have no idea what to enter for the settings... but i did give it a shot though. I clicked on VPN Wizard and come across
"Step 1" which have some questions asking me New Connection Name, Pre-shared key, and VPN tunnel connect to: "a remote VPN Gateway" or "a remote VPN client (single PC)".
So my answers for those are simply random connection name, random pre-shared key and choose on "A remote VPN gateway". let me know if i am doing it wrong, PLEASE.. i would really appreciate any help and thanks for reading till here!!
then "step 2" a question asking what's your remote WAN IP address or internet name(so i key in what ever is written in http://www.formyip.com) again i am not sure if i am right or wrong..
and "step 3" have question asking "What is the remote LAN IP address and Subnet Mask?" i just keyed in 192.168.0.2 and 255.255.255.0 and in hope that i have entered everything correctly(which i highly doubt).

Now after all those being done i have access to VPN Policy.. everything there seems to be what i have entered earlier in the VPN wizard except:

IKE
Direction :
Exchange Mode :
Diffie-Hellman (DH) Group :
Local Identity Type :
Data :
Remote Identity Type :
Data :

and

Parameters
Encryption Algorithm :
Authentication Algorithm :
Pre-shared Key :
SA Life Time (Seconds) :

I am quite sure everyone wants to have a secure connection while using Jaadu/Mocha. and especially since Jaadu is having a promotional offer now. Many of us who have just purchase Jaadu and have no idea about VPN would probably find this thread handy.

Thank you very much for any help or even trying to help, i appreciate it very much.. Thanks to CommanderData's post that allows me to know the security issues by VNC.

I'm afraid I can't answer your set up question, but if I am not mistaken it is actually safer to connect over 3g/edge/gprs than it is over wifi (since wifi packet sniffing is much easier and more common than cellular snooping).

A VPN is a virtual private network. It is like having your iPhone connected to your home network even though you aren't at home, and it encrypts all of the data between where you are and your home network.

It sounds like you are on the right path, and I'll let someone with more info help with your router set up. Just a warning, I tried to set up VPN with my Linksys VPN router and it wouldn't work with the iPhone's VPN software, so there is a chance that you might run into the same compatibility issue.

Good luck and keep us posted!

 

[tongteh]

I think CommanderData knows about this stuff. Here's a post he made in this topic, back when Jaadu was called Teleport:

this is where i got the conclusion of the security issues by using VNC.. i even read the article stated in the picture and that's exactly what they are saying as well.. but if there is evidence to prove that it is safer to connect over 3g/edge/gprs than it is over wifi i would greatly accept it.. thank you for you reply!!

 

[CommanderData]

Did someone call my name ?

Tongteh, I looked up the Netgear DG834G for you- it supports VPN-Passthrough, which means that you can connect to other remote VPNs (say your work/office) and the DG834G will not block your packets. It does not let you connect from your iPhone to your home with a VPN tunnel.

You need a router like the Linksys RV042, RV082, or perhaps the D-Link DIR-330 (I think PassiveJJ purchased one of these and got it going). You can also get official Cisco gear like their ASA units. You'll probably use PPTP, maybe L2TP. The only way to get an IPSec tunnel working on the iPhone will be to use a genuine Cisco appliance.

Anyway PPTP will be the easiest to set up, minimal settings to work with. The encryption for PPTP is based on your password, so the longer and more random your password is the better. If you're doubly paranoid about sniffing don't connect over WiFi, only EDGE or 3G, that will make it unlikely that anyone but the government could get any data from your connection.

Hope this steers you the right direction. As I said- step one is to buy a new router with a VPN server built in.

 

[njpodder]

Wow, I don't even know what security risks exist using Jaadu. I mean, I jsut downloaded it because it looked like fun, I don't ACTUALLY have a real use for it other than showing off how neat it is. So, I guess my question is, Is it really unsafe? I followed their website to set up how to connect to get it working, but for me not to have a real needed use for the program, am I opening up my computer or iPhone up to horrible terrible security risks for no reason at all?

 

[jaseone]

Can someone that knows what they are doing hack into a VNC session that isn't tunneled? Yes they can. Will they? Why would they? If you aren't anyone important like for example Sarah Palin, why would anyone want to hack into your VPN session?

I feel people are being way too paranoid about such things myself.

 

[ruftytufty]

Can someone that knows what they are doing hack into a VNC session that isn't tunneled? Yes they can. Will they? Why would they? If you aren't anyone important like for example Sarah Palin, why would anyone want to hack into your VPN session?

I feel people are being way too paranoid about such things myself.

I don't think it's just an issue of someone targeting a single person, specifically, because they are "important".

There are people out there, with significant technical abilities, who are unscrupulous, and would like to get your financial/identity information: login ids, passwords, credit card numbers, bank account numbers, SSN, birthdate, etc. Once they have that info, they can potentially use it themselves or sell it to others who will, to steal your identity, access your accounts, take over you computer to send spam, etc.

If this info is being sent over the open internet, they can potentially set up traffic scanners to look for info of the appropriate type as it flies by, and grab it. And, they are getting more sophisticated all the time.

That's why it's so important that web browsers use a secure connection when transmitting sensitive data - there are potentially many insecure access points between the endpoints of the connection.

What are the chances of this happening to any specific person? Probably not that high. But, definitely not zero, and given the potential consequences if it does happen (ever had your identity stolen, or know someone who has?), high enough that IMHO, taking precautions against it is not "paranoid".

Would I connect to my home computer over a non-secure VNC connection? Probably so. But, I wouldn't send any sensitive info over it.

 

[ruftytufty]

In response to the OP's question.

I'm not sure if it's possible to redirect Jaadu's connection through a VPN connection. It would require:
1) set up the VPN connection between the iPhone and remote computer. VPN is directly supported on the iPhone: see iPhone and iPod touch: Setting up VPN. I haven't tried it yet, though. Also Google "iPhone VPN".
2) direct Jaadu's connection through the VPN connection, rather than direct. I don't know if, when VPN is active on your phone, >all< network connections go through VPN, or what. Hopefully someone w/actual VPN experience on the iPhone will weigh in.

 

[tongteh]

thanks guy for helping.. just a quick question is VPN the only solution to have it securely encrypted?

Oh i had a look at the VPN routers and found that those Linksys ones are actually quite expensive(~AUD350) i had another look at the D-Link site and quite happy with 54Mbps Wireless VPN Broadband Router, since it seems to have the all in one feature(Modem, Wi-Fi Router, VPN, and up to 54mbps). can anyone confirm if this model is alright to setup the VPN tunnel?

 

[tongteh]

Another question for this topic, would it be safe to turn on VNC client and having Jaadu connect while not using their function?? am i risking anything for having them on?? thank you for any help..

 

[spyker3292]

Random Jaadu related warning. If you do the manual set up (the directions in the Gdoc thing) you need to sign up for NO-IP. No-IP sends emails every other day telling you to sign up for the pro version. Just in case people want to avoid junk mail. That's why I love OtherInbox!

 

[tongteh]

Random Jaadu related warning. If you do the manual set up (the directions in the Gdoc thing) you need to sign up for NO-IP. No-IP sends emails every other day telling you to sign up for the pro version. Just in case people want to avoid junk mail. That's why I love OtherInbox!

I don't quite understand what you are saying there? what Gdoc? what OthreInbox? what No-ip sends email?? i am totally clueless..

I really just want to know if it's safe to have Jaadu Connect and TightVNC running while not using it. that's all.. thank you...

 

[rockstarjoe]

I don't quite understand what you are saying there? what Gdoc? what OthreInbox? what No-ip sends email?? i am totally clueless..

I really just want to know if it's safe to have Jaadu Connect and TightVNC running while not using it. that's all.. thank you...

The poster was referring to a third party company that Jaadu asks you to sign up with in order to properly set up your VNC remote connection (I personally use dyndns.org, which doesn't spam you and is free).

I would say you are safe to use Jaadu as long as you are on 3g. Don't use it on public wifi. I have been using it since pretty much the day it came out with no ill effects, no one trying to hack my network that I can see. I think a lot of people are overly paranoid.

EDIT: my friends, please don't take that as an invitation to try to hack me