Summary: A shared connection to the internet is common, and provides an important level of security. But what if the machines you share with can't be trusted?
I share a house with a friend who has a broadband connection. I recently decided that I need my own internet access so added a wireless card to my laptop. I purchased good anti-virus protection, and the sort of thing I use the internet for is to look at academic sites, iTunes, a bit of shopping, that sort of thing. My concern is that my friend sometimes uses his connection to download pornography and surf some of the less reputable sites on the net. As a result has had some serious virus problems in the past which often accompany that kind of site. His virus protection is minimal and I'm worried about the possibility of my computer being infected through the wireless connection. So in a nut-shell can my computer be infected/be more likely to be infected through a wireless connection? If so, is there anything you can suggest given that I can't persuade my friend to beef up his anti-virus protection?
•
The short answer is that yes, you are at risk.
The bad news is that your friend is a part of the problem - he's one of the bad players on the internet.
The good news is that we know how to deal with that, because in reality, we deal with that every day.
•
To start with, I would add a firewall to your mix.
We put a lot of emphasis on protecting ourselves from the bad players "out there", somewhere on the internet. That's why things like anti-virus software and anti-spyware software are so important. It's good to hear you have those solutions already in place.
Typically when we share a broadband connection with someone, there's a router that acts as a firewall and protects us from many other types of threats "out there". In your case, however, your friend is, essentially, a bad player - someone who doesn't necessarily intentionally distribute viruses or malware, but doesn't take adequate steps to prevent it either.
The problem is that he's on the "safe" side of the router/firewall - which means it's not safe at all.
While the router protects you from threats coming from the internet, you're unprotected from threats coming from your friends machine.
As a result, I believe you want an additional firewall of your own.
It could be as simple as enabling the Windows Firewall. In fact, if you do nothing else, or until you take stronger steps, I recommend you enable it right away. You could invest in some of the more comprehensive software firewall solutions such as ZoneAlarm. You could even go so far as to purchase a wireless router of your own, which would connect (via network cable) to the existing router and set up your own, private, wireless network (there could be issues with "double natting" depending on what you do, but in typical use it's not a big deal.)
I do suggest that you encrypt your wireless connection - either with WEP or WPA. (Yes, WEP is less secure, but it's still a barrier to casual snooping). By having an open Wifi connection, you're at the same risk, or higher, from folks nearby who might use your wireless connection without your knowledge. Putting security on your wireless eliminates this threat.
And for everyone else, the scenario you outline is very common. When you share an internet connection of any form - be it a roommate's broadband router, or a public WiFi hotspot, without a firewall in place you're vulnerable to attacks from any of the machines sharing that network with you.
That's why I always turn on the Windows Firewall when I'm in such a situation.
Related:
-
Ask Leo! - Do I need a firewall, and if so, what kind?
-
Ask Leo! - Internet Safety: How do I keep my computer safe on the internet?
-
Ask Leo! - What is Double Natting?
Article C2819 - October 23, 2006
isn't the Windows firewall turned on by default ever since XP SP2?
Posted by: Tom at October 30, 2009 6:19 AM