Helping people with computers... one answer at a time.
Giving a neighbor temporary internet access seems like a neighborly thing to do. Before you do it, you should understand the risks of sharing your internet.
I have a next door neighbor who has a different internet provider than mine. When her service goes down, she asks me for the password to my router so that she can connect to the internet. I have no problem providing her with the password, but I wonder if anyone in her house can access my computer now through the router. I trust her but I am concerned that others might try to hack into my system. Should I be worried?
Worried? That might seem a bit strong, but some worry could certainly be reasonable.
I'd at least be somewhat concerned.
The short answer to your question is that yes, it's quite possible that someone on her computer with less than honorable intent could cause you grief in several ways.
Let's look at how.
We need to start by understanding exactly what it means to share your internet connection.
One of the reasons why using a router is so important is that it provides a firewall between an untrusted network, such as the internet, and a trusted or safe network, such as the local network on which you have all of your computers connected.
You implicitly trust all of the computers that are connected to your local network on the trusted side of the router. You know that you've taken whatever steps are appropriate to keep them secure and you understand the expertise and knowledge of the users of those computers. The bottom line is that you have a reasonable level of safety associated with those computers being able to communicate with each other.
The most important side-effect of being able to trust all of the computers on the trusted side of the router is that you don't need to take a lot of extra steps to protect those computers from each other. The biggest example might be that you probably don't need to have a firewall enabled on each and every computer; the router's firewall protecting them all from the un-trusted internet is enough.
By giving your neighbor a password, I assume that you mean that you are giving her your existing wifi password and that she is connecting using a wireless connection. (The alternative would be to string a cable to her house and I'm pretty sure you're not doing that. )
That means that her computer is connecting to the trusted side of your router.
This changes that trust dynamic dramatically.
As you've said, you don't really know how much you can trust your neighbor or perhaps the other people in her house.
In other words, you just allowed an un-trusted connection to the formerly trusted side of your router.
There are several ways that a non-trusted computer or computer user could cause issues for you.
It could infect your computers with malware.
You don't really know how up-to-date they are on things like computer security. For all you know, their machines have never been updated, have never run anti-malware software, and are liberally infected with all forms of viruses and spyware.
Since you've been able to trust all of the computers on the trusted side of your router up to this point, you probably didn't bother to put firewalls on each individual computer. As a result, they are potentially vulnerable to a network-based threat coming from your neighbors poorly maintained computers.
It could be used to access your computer.
It's possible, though not very likely, that your neighbor could access your computers directly. I say that that's not likely because you would need to have something like remote desktop access enabled on your system. Chances are you don't as that's the default configuration.
It could be used to snoop on your data.
A more likely scenario is that your neighbor would be able to access files on your machines using Windows networking.
Exactly how much of your computer's data is visible will vary depending on how you set up your network, but in the absolute worst case, it's conceivable that your neighbor could access all of the files on all of your computers. While that's a bit unlikely, a more common scenario is that your neighbor could access "some" of your files - where some once again depends on your specific network configuration.
It could get you in trouble.
We've heard recent news reports of this just recently; it is possible that you could be legally liable for the activity of your neighbor over your internet connection.
For example, if your neighbor were to begin downloading copyrighted material, such as music or movies, or downright illegal material, such as some forms of pornography, that could be traced back to your internet connection from which you are ultimately liable. (Caveat: I am not a lawyer, but it's my understanding that in most jurisdictions, you are liable. Seek appropriate counsel, if you're not sure.)
It could slow you down.
There's the inconvenience factor to take into account. Allowing your neighbor access to your internet could potentially impact your own ability to use it.
If they regularly perform large downloads or use it heavily, you could see your own use slow down significantly. If they get blocked or banned from certain sites, it's possible that the block could be against your IP address and apply to you as well.
Needless to say the easiest - and safest - answer is to politely decline. Perhaps you can explain that you have heard some horror stories and don't want to put yourself or your neighbor at the risk of experiencing any kind of problem or misunderstanding.
If you want to allow your neighbor to access the internet through your connection, then you should at a minimum look to lower your risk. For example, I would make sure to enable the Windows firewall on all of the computers connected to your LAN to protect you from some of the threats of malware or data snooping.
A more secure solution is to invest in a second router.
The internet would connect to router number one and your neighbor would connect to router number one.
Router number two would be connected on the LAN side of router number one and all of your computers would be connected to router number two. Router number two maintains our un-trusted/trusted demarcation where all of your computers can remain on a trusted local network and everything that is untrusted, including both your neighbor and the internet at large, are on the other side of that router.
Unfortunately, it can be a bit of work to set up correctly, and it doesn't do anything to address the liability or bandwidth issues. It does, however, protect the computers on your local network from any malicious activity on the part of your neighbor, intended or otherwise.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.