How can I tell if my computer's been accessed by someone else, and how do I prevent it?
Helping people with computers... one answer at a time.
Internet security is normally about keeping us
safe from the internet - but what if the risks and threats are in our
home and on our own local network?
How can I tell if my flatmates have accessed or are accessing my computer?
We have a BT homehub and we share the connection wirelessly, but I have the
Norton firewall on. I don't know if the firewall only protects my computer from
the intruders outside our network. I've heard it's easy for other people
sharing the same wireless network to sneak into each others' computers. How is
it done and how can I prevent it?
•
Let's see, you're worried about outside intruders accessing your system,
you're worried about your privacy, and you're worried about your wireless
connection.
What you've just described is the internet itself but just on a smaller scale.
It should be no surprise then that many of the concepts that used to protect ourselves from the people we don't know out on the internet would be used to protect ourselves from the people we do know sharing our internet connection.
What you've just described is the internet itself but just on a smaller scale.
It should be no surprise then that many of the concepts that used to protect ourselves from the people we don't know out on the internet would be used to protect ourselves from the people we do know sharing our internet connection.
•
In most cases I don't recommend a software firewall in addition to a
hardware firewall such as a router. Normally you can draw the line of trust at
the shared connection to the internet that the router provides. Everything
inside of that line can be trusted. Everything outside of that line? Not so
much.
In this case, however, you don't trust the people that share your internet connection. That's a very valid assumption and often a good one to make.
In a case like this you pretty much have to treat your connection as if your machine were connected directly to and sitting naked on the internet.
In other words, turn on that firewall on your machine. It places the line of trust at your machine's network connection; everything outside of your machine is not trusted. That means it should protect you from everything that might come in from the internet, of course, but also anything attempted by any of the other machines on your local network.
With the firewall on, you're not done. You still need to take all the normal precautions for internet safety and keeping your machine safe.
Remember: if your machine isn't physically secure then it's not secure. Can your roommates walk up to your machine and access it when you're not around? It's not secure. Can they insert a boot disk and reboot the machine? Then it's not secure. Can they unplug your keyboard and insert an inconspicuous device that might log your keystrokes? Then your machine is not secure.
In terms of security if any of those are true you're at risk. How much of a risk is a determination only you can make, but at least be aware of it.
And then there's the wireless connection. If the access point is "open", meaning that no WEP or WPA password is required to establish a wireless connection, then even with all the security we've talked about so far your wireless communications can be sniffed. That means everything you're doing on the internet could be monitored. With an open Wifi access point it's exactly like being in a coffee house open Wifi hotspot: anyone could be listening in.
And finally, if all that weren't enough, who controls the router? Whoever has access to the router could be using it to monitor your traffic as well. Or worse, depending on the capabilities of the router.
It's all pretty scary, isn't it?
I certainly don't want to make things seem worse than they are. Much of your real risk depends on your roommates technical expertise (or access to others with that expertise), as well as just how much you trust him or her.
And to finally answer your first question: sadly there really isn't a practical way to determine if your computer has been accessed. Prevention is the only pragmatic way to address the risk. Certainly if your computer is modified in some way by malware that can usually be detected by the appropriate scanners, but if someone simply copies or views a document there's no reliable way to tell.
So figure out how much you trust the other people on your network and/or living situation and take action accordingly.
But I'd certainly leave the firewall turned on.
In this case, however, you don't trust the people that share your internet connection. That's a very valid assumption and often a good one to make.
In a case like this you pretty much have to treat your connection as if your machine were connected directly to and sitting naked on the internet.
In other words, turn on that firewall on your machine. It places the line of trust at your machine's network connection; everything outside of your machine is not trusted. That means it should protect you from everything that might come in from the internet, of course, but also anything attempted by any of the other machines on your local network.
With the firewall on, you're not done. You still need to take all the normal precautions for internet safety and keeping your machine safe.
"Remember: if your machine isn't physically secure then
it's not secure."
But there's still more.Remember: if your machine isn't physically secure then it's not secure. Can your roommates walk up to your machine and access it when you're not around? It's not secure. Can they insert a boot disk and reboot the machine? Then it's not secure. Can they unplug your keyboard and insert an inconspicuous device that might log your keystrokes? Then your machine is not secure.
In terms of security if any of those are true you're at risk. How much of a risk is a determination only you can make, but at least be aware of it.
And then there's the wireless connection. If the access point is "open", meaning that no WEP or WPA password is required to establish a wireless connection, then even with all the security we've talked about so far your wireless communications can be sniffed. That means everything you're doing on the internet could be monitored. With an open Wifi access point it's exactly like being in a coffee house open Wifi hotspot: anyone could be listening in.
And finally, if all that weren't enough, who controls the router? Whoever has access to the router could be using it to monitor your traffic as well. Or worse, depending on the capabilities of the router.
It's all pretty scary, isn't it?
I certainly don't want to make things seem worse than they are. Much of your real risk depends on your roommates technical expertise (or access to others with that expertise), as well as just how much you trust him or her.
And to finally answer your first question: sadly there really isn't a practical way to determine if your computer has been accessed. Prevention is the only pragmatic way to address the risk. Certainly if your computer is modified in some way by malware that can usually be detected by the appropriate scanners, but if someone simply copies or views a document there's no reliable way to tell.
So figure out how much you trust the other people on your network and/or living situation and take action accordingly.
But I'd certainly leave the firewall turned on.
Share this article with your friends:
No comments:
Post a Comment