Helping people with computers... one answer at a time.
Being on the same local network as another machine implies a certain level of trust. Without that trust, additional security steps are called for.
Is it possible for a person to access my previous correspondence via email and MSN via our router? The 4 of us share one router. I delete my email correspondence but I am a little afraid that my old correspondence can or may be accessed by some means via the router. Some of the correspondence is of a personal and business nature and I would not like the info to fall into the hands of a person not screened to view it. If it is possible to draw old correspondence via the shared router, how do I go about preventing such an eventuality?
There are several possible scenarios that your question might be asking about. I'll try and cover the most common.
But the short answer is that, yes, you do need to understand whether the people that share your router can be trusted. If not, you need to take steps.
First, a quick refresher: a side effect of using a NAT router is that it provides a firewall that helps protect "us", the good guys on the local side of the router, from "them", the bad guys on the internet.
That means that if you cannot trust people who share your router or local network with you, you effectively need to treat your local network as untrustworthy, and act as if you were connected to the internet directly.
Accessing Your Hard Drive
The common way that someone on your local network could access your previous correspondence is to simply access your hard drive and your mail folders over the network. (Remember, a router doesn't store any information, it simply routes data from one place to another.)
The solutions are relatively simple:
Turn off printer and file sharing
Turn on the Windows Firewall and make sure that it's blocking any file sharing attempts
The good news is that Windows File Sharing is difficult enough to set up that if you haven't done so, it might not be an issue by default, but it's definitely something you want to ensure.
In an extreme case, you might consider getting an additional router to act as a firewall between you and the other machines on your local network, and in fact is one approach that can be used by parents to keep themselves safe from the mistakes their children might make on computers that share an internet connection.
Sniffing Your Data
Depending on the router and exactly how your local network is configured, it's quite possible that the folks sharing your router can eavesdrop on your network traffic if they're tech-savvy enough. This is exactly like WiFi sniffing in internet cafe's, even if everyone is connected by Ethernet cables.
Many people believe that packet sniffing is a WiFi only problem, but it's not. Depending on how a local network is configured, it's very possible and often very easy for someone to listen in on the data that's being transmitted to and fro on that network.
But once again, the solutions are well known, and look exactly like the WiFi solutions:
Use a firewall; enable the Windows firewall if nothing else.
Use https when surfing for as many websites as support it.
Secure your email. Most email is transmitted in the clear by default, but many providers allow for encrypted connections to send and receive.
Consider a VPN to encrypt all of your internet traffic.
Walking Up To Your Machine
Many people overlook this. If the machines are in close enough proximity to share a router or local network, that often means that the people involved can easily walk up to the machine when you're not around. In fact, I've discussed How to gain administrative access to any machine as long as you can insert a CD and reboot it.
I've said it many times: if it's not physically secure, it's not secure.
Ultimately, there's nothing about the router itself that exposes you to any more or less risk. The risk comes from being on the same local network with people you don't necessarily trust. If and when that's the case, you do want to make sure you're taking appropriate steps to prevent intrusion.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.