Watch out for network traffic logging and analysis.
To keep everything from prying eyes (from a network level).
Run a DNS server and web proxy at home, and keep port 22 open from your office network. ssh into home while redirecting local ports 53 and web proxy (3128 for squid, or whatever you decide to run).
On your work box:
Set up local DNS to be 127.0.0.1:53 and web proxy to be 127.0.0.1:3128(orwhatever proxy port)
then, ssh to home like:
ssh -C -L 53:localhost:53 -L 3128:localhost:3128 [email protected]
Now all of your web traffic and DNS lookups go over ssh (encrypted) to home and all the network monitoring sees is a single ssh connection out.
This assumes many things:
1) They are not keystroke logging your machine (DOH!)
2) The network allows for ssh outbound
3) You get a 3M privacy overlay for your flat panel
4) You have root/administrator priv on your box to redirect ports below 1024 (DNS port 53)
5) You're not violating a specific company poilicy that says they can fire you for this.
You can always use this for hotspots when you want to keep your activities private.