I had a CentOS box at a company datacentre that I had an account on. I have a laptop at home running Vista and is on my home WiFi network. So, for secure browsing, I setup an SSH tunnel by basically opening a putty session binded to a local port and then set firefox to use localhost at 1080 and everything was fine. My WiFi network has WPA-PSK security (Thanks to Tomato). But I still wanted to setup the SSH tunnel for added security. Used a batch script that ran at boot to exec "putty -D 1080 -P 22 -ssh firstname.lastname@example.org", and then when putty opened and asked for the password for user 'devilish', I entered password before firing up Firefox. Few questions: 1) With the above mentioned method, I basically had myself two layers of security for all browser related surfing. Right? And was it any better? 2) My city offers an open WiFi hotspot (no wep, nothing) where anyone can logon. Using the SSH tunnel mentioned above, I could secure my browsing to a point. Correct? 3) Using the same localhost port, I can direct various programs that require the Internet to use the localhost 1080 port thereby routing all traffic through SSH? 4) Do all activities get recorded on the CentOS box on what traffic went through the account via the tunnel, etc? For example, I'm now no longer with the company, so I obviously deleted my access. Now, I'm planning to get a cheap $5p/m VPS (suggestions welcome btw) just for the SSH to be back on my secure Internet. But I was scared and wondering about what if the VPN server gets compromised... would it show all the passwords/URLs that passed by it? -- Till I get the VPS, I could do it all using the Tomato SSH as well and nothing would change compared to doing it from a real VPS either, right? Thanks a lot for reading!