Helping people with computers... one answer at a time.
Internet security is normally about keeping us safe from the internet - but what if the risks and threats are in our home and on our own local network?
How can I tell if my flatmates have accessed or are accessing my computer? We have a BT homehub and we share the connection wirelessly, but I have the Norton firewall on. I don't know if the firewall only protects my computer from the intruders outside our network. I've heard it's easy for other people sharing the same wireless network to sneak into each others' computers. How is it done and how can I prevent it?
•
Let's see, you're worried about outside intruders accessing your system, you're worried about your privacy, and you're worried about your wireless connection.
What you've just described is the internet itself but just on a smaller scale.
It should be no surprise then that many of the concepts that used to protect ourselves from the people we don't know out on the internet would be used to protect ourselves from the people we do know sharing our internet connection.
•
In most cases I don't recommend a software firewall in addition to a hardware firewall such as a router. Normally you can draw the line of trust at the shared connection to the internet that the router provides. Everything inside of that line can be trusted. Everything outside of that line? Not so much.
In this case, however, you don't trust the people that share your internet connection. That's a very valid assumption and often a good one to make.
In a case like this you pretty much have to treat your connection as if your machine were connected directly to and sitting naked on the internet.
In other words, turn on that firewall on your machine. It places the line of trust at your machine's network connection; everything outside of your machine is not trusted. That means it should protect you from everything that might come in from the internet, of course, but also anything attempted by any of the other machines on your local network.
With the firewall on, you're not done. You still need to take all the normal precautions for internet safety and keeping your machine safe.
But there's still more.
Remember: if your machine isn't physically secure then it's not secure. Can your roommates walk up to your machine and access it when you're not around? It's not secure. Can they insert a boot disk and reboot the machine? Then it's not secure. Can they unplug your keyboard and insert an inconspicuous device that might log your keystrokes? Then your machine is not secure.
In terms of security if any of those are true you're at risk. How much of a risk is a determination only you can make, but at least be aware of it.
And then there's the wireless connection. If the access point is "open", meaning that no WEP or WPA password is required to establish a wireless connection, then even with all the security we've talked about so far your wireless communications can be sniffed. That means everything you're doing on the internet could be monitored. With an open Wifi access point it's exactly like being in a coffee house open Wifi hotspot: anyone could be listening in.
And finally, if all that weren't enough, who controls the router? Whoever has access to the router could be using it to monitor your traffic as well. Or worse, depending on the capabilities of the router.
It's all pretty scary, isn't it?
I certainly don't want to make things seem worse than they are. Much of your real risk depends on your roommates technical expertise (or access to others with that expertise), as well as just how much you trust him or her.
And to finally answer your first question: sadly there really isn't a practical way to determine if your computer has been accessed. Prevention is the only pragmatic way to address the risk. Certainly if your computer is modified in some way by malware that can usually be detected by the appropriate scanners, but if someone simply copies or views a document there's no reliable way to tell.
So figure out how much you trust the other people on your network and/or living situation and take action accordingly.
But I'd certainly leave the firewall turned on.
Article C3175 - October 9, 2007
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
My ex is an IT professional,and I believe he used some type of a thumb drive to change administrative rights, and then routed my computer activities throuh his server. How can I undo or fix this?
27-May-2010
Posted by: CJ Lipe at May 26, 2010 11:50 AM
recently someone corresponded with a craigslist seller about a ring for sale, and it says it came from my computer or I should say my email name. It wasnt me and I was on my computer durring the time of the correspondance how is this possible
Posted by: james at June 1, 2010 2:16 PMi have one programmer in my skype abonats. Once he sent me files trogh skype and asked me to send him too one file. Is it possible to view my ip and than throught someway get remote access to my pc. We dont use the same internet providers. And my connection to internet is with wire. Thank you
Posted by: tito at September 17, 2010 3:27 PMMy friends keep saying that they can access my macbook when I m not around. Therefore I m using ntego virus barrier x5. But still I am not satisfied, is there a way to know who accessed my computer in my absence.
Posted by: Hostyourspace at September 29, 2010 10:54 PMI have asked a question that has a few simularities with this 1, my query here is assuming some1 has accessed my laptop, (and they have, there was a search history of a site i havent used. though i am fairly sure it was not a physically typed in search on this keyboard) is there anyway to proceed to both prevent it re-occuring? and if it is flagged up and the isp looking at it think that aint right ect what can i do about it? at the time pop up blocker was off as i heard it slowed windows 7 dramatically, it is now firmly switched on. further note : i access the internet via an internet dongle
Posted by: Mike at November 3, 2011 12:13 PM