|
Home »
Networking
» Firewalls
Summary: Internet security is normally about keeping us safe from the internet - but what if the risks and threats are in our home and on our own local network?
Let's see, you're worried about outside intruders accessing your system, you're worried about your privacy, and you're worried about your wireless connection. What you've just described is the internet itself but just on a smaller scale. It should be no surprise then that many of the concepts that used to protect ourselves from the people we don't know out on the internet would be used to protect ourselves from the people we do know sharing our internet connection. • In most cases I don't recommend a software firewall in addition to a hardware firewall such as a router. Normally you can draw the line of trust at the shared connection to the internet that the router provides. Everything inside of that line can be trusted. Everything outside of that line? Not so much. In this case, however, you don't trust the people that share your internet connection. That's a very valid assumption and often a good one to make. In a case like this you pretty much have to treat your connection as if your machine were connected directly to and sitting naked on the internet. In other words, turn on that firewall on your machine. It places the line of trust at your machine's network connection; everything outside of your machine is not trusted. That means it should protect you from everything that might come in from the internet, of course, but also anything attempted by any of the other machines on your local network. With the firewall on, you're not done. You still need to take all the normal precautions for internet safety and keeping your machine safe. "Remember: if your machine isn't physically secure then
it's not secure."
But there's still more. Remember: if your machine isn't physically secure then it's not secure. Can your roommates walk up to your machine and access it when you're not around? It's not secure. Can they insert a boot disk and reboot the machine? Then it's not secure. Can they unplug your keyboard and insert an inconspicuous device that might log your keystrokes? Then your machine is not secure. In terms of security if any of those are true you're at risk. How much of a risk is a determination only you can make, but at least be aware of it. And then there's the wireless connection. If the access point is "open", meaning that no WEP or WPA password is required to establish a wireless connection, then even with all the security we've talked about so far your wireless communications can be sniffed. That means everything you're doing on the internet could be monitored. With an open Wifi access point it's exactly like being in a coffee house open Wifi hotspot: anyone could be listening in. And finally, if all that weren't enough, who controls the router? Whoever has access to the router could be using it to monitor your traffic as well. Or worse, depending on the capabilities of the router. It's all pretty scary, isn't it? I certainly don't want to make things seem worse than they are. Much of your real risk depends on your roommates technical expertise (or access to others with that expertise), as well as just how much you trust him or her. And to finally answer your first question: sadly there really isn't a practical way to determine if your computer has been accessed. Prevention is the only pragmatic way to address the risk. Certainly if your computer is modified in some way by malware that can usually be detected by the appropriate scanners, but if someone simply copies or views a document there's no reliable way to tell. So figure out how much you trust the other people on your network and/or living situation and take action accordingly. But I'd certainly leave the firewall turned on. Related:
Article 11899 | Posted October 9, 2007 |
Popular & Hot How do I make a new MSN Hotmail account? How do I delete history items from my Google tool bar? My desktop Recycle Bin has disappeared - why, and how do I get it back? How do I delete my Hotmail account? I accidentally deleted my Recycle Bin in Vista - how do I get it back? New & Important How can I get the old Windows Live Hotmail back? Internet Safety: How do I keep my computer safe on the internet? Are free email services worth it? Would you please recover my password? My account has been hacked or I've forgotten it.
Stay Informed Archives Advertisers |
|
•
Under the Start fly-up is Recent Documents.
Posted by: Craig Williams at October 13, 2007 01:13 PMI was thinking if I did not access the most recent documents listed...........Then someone else must have turned on my computer and and accessed my docs. Yes or No
dear Leo,
Posted by: leah schenker at October 17, 2007 12:14 AMhow realible is the internet explorer hitory? if I see that a document has been accessed during my vacation, how can that be ? could it be a mistake? am I beeing hacked ? thanks, L.S.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I wouldn't suspect a hack. I think someone just used your computer while you were away.
Leo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFHF7szCMEe9B/8oqERAsffAKCMTzFFDQMCD6DzW0peHvTnltAdEwCfZH+H
Posted by: Leo A. Notenboom at October 18, 2007 12:59 PMyNzqeGEn2aa/EnZ468BUcxU=
=qODz
-----END PGP SIGNATURE-----
Thanks for the answer. I also checked the event viewer. It showed some activity during that same period I was away. But apparently nobody had access to me house.
Posted by: leah schenker at October 19, 2007 07:50 AMSo basically the event viewer and IE History are showing that someone has used the Computer, but nobody was there!? Are those (History and event viewer) reliable? Because you said before " sadly there really isn't a practical way to determine if your computer has been accessed"
If yes, i need to protect my home. I am desperate.
Thanks for your help.
Leo,Thank you so much for your answer! Sorry for this late reply. I just found your email in my box tonight. I was so surprised and happy to know that you have answered my question. I really appreciate that you explained everything so well,in details and that you cared to answer all my questions one by one.
Your answer is so clear and easy to understand although it covers a good range of complicated issues. Now I do understand more about internet and internet security because of your great help. I am going to make some changes according to your advice.
I am very grateful. You are great, Leo!!
Posted by: wawa at November 1, 2007 06:19 PMHello Leo,
this is my first time to read Your articles, I'm from Croatia, studying informatics, and I think that this theme is very interesting.
I'm not best in English but I have some questions, so please can You answer me :
1. I have ZoneAlarm free firewall. What did You mean by Advanced firewall, or Hardware firewall, because my computer is significantly slowed down, like You said beacuse of my software firewall. And in the last 2 weeks I reinstalled my WinXP 5 times because of trojans and other spyware. I had Avast but now I switched to NOD32 plus Adaware 2007.
2. I have D-Link wireless ADSL 2+ Router (DSL-G684T) and I would like to change the ip address so that only me and my roomate can access the router. We don't even use wireless cards, we are connected to the router with cables. Antenna is also switched from router. Can anyone other now access our internet connection, because we can download 1Gb/month (I know it's silly for US standards) and don't want someone else to use it. And how to turn on that WEP, will it ask me for a password if it's turned on?
Thank You
Posted by: Marka at November 28, 2007 04:40 PMhello im not sure whats going on. my computer acts like someone else is doing something on the other end of my computer.everytime i log on a message comes on telling me that windows internet explorer has to abort! this happens (every time)!i have scanned it and it tells me all is fine i am the (only one) who uses this computer so i dont understand what is going on can you help me thanks!
Posted by: mary blankinship at January 12, 2008 09:10 AM-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
You haven't given a lot of details to go on, but perhaps
this article might be a start:
http://ask-leo.com/iexploreexe_has_generated_an_error_now_what.html
Leo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFHinMcCMEe9B/8oqERAgrTAJsHMUKYi6+xurU+bcST4Ln/crRX5wCfReqj
Posted by: Leo A. Notenboom at January 13, 2008 12:22 PMt37q4TP3cF6I8p9IxLNhgg8=
=/gY4
-----END PGP SIGNATURE-----
I think my husband has somehow managed to get shared access to my computer to check up on me. My comp crashed last week losing all my work stuff he rebooted and swore he did nothing but Im pretty sure he loaded something again....Please help!!!!
Posted by: Nicole at March 30, 2008 11:01 PMaccess to my computer I suspect from someone close to me. When I initially set up my laptop, when opened, it went directly to my connection. But the qhestion is, how does this person know my contents, I thought my email address password is manditory.thanks
Posted by: ron gismondi at May 10, 2008 06:49 AM