General discussion

Locked

security on a local network

By rosorna2 ·
Hi, I have a question. If I have cable internet and there are set
up, let us say, 2 computers to use that connection, is it possible
to secure one computer completely from being hacked into by
the other. Someone sharing my internet connection did
something which allowed him to see in real time what I was
looking up on the internet and to watch along with me some
videos I was watching. I did not have file sharing enabled and I
used a mac. The mac firewall was on and I had a router, but not
one of the best, probably. Is there any hardware firewall that
would prevent such a local intrusion and record the intrusion
attempts, and if so which?Or some other product that would
detect and record this local intrusion?Is there a way to "see" this
other computer? Additionally, could both of
the computers have the same ip address or not?

This conversation is currently closed to new comments.

12 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Answers

by BFilmFan In reply to security on a local netwo ...

There are many hardware appliances that act as firewalls, SonicWALL offers one that may be in your price range:

http://www.sonicwall.com/products/vpnapp.html

You could also use a properly configured software firewall.

You could also disconnect this person off your local network. I would suggest a wiffle ball bat applied liberally about their head to emphasize your displeasure with their hackign activities.

Enjoy!

Collapse -

Firewall??

by mjd420nova In reply to Answers

I used to run a modified version of REDHAND
and could do just what you described.
works well as an administration tool,
but left that to an automated logging
file and let the admins pick out the
numbers.

Collapse -

Router or hub?

by Dr Dij In reply to Firewall??

If you have a hub, and the person has a 'promiscuous' ethernet card, they can see every packe on the local segment which would include your local network.

If you have a router such as a cheap cable / dsl router to connect your local net instead of a hub (these have 4 or 8 ports or more) you can have these exclude traffic from your PCs from being forwarded onto the other person's connection. I.E. you'll both forward packets out to the internet but not locally. But you need to go into the router and activate this feature.

This would be a hardware thwart to sending any packets to your machine thru the local net. And any non-requested packets sent outside to internet then to your address would simply be dropped (the standard job of a cable router).

Collapse -

by rosorna2 In reply to Router or hub?

I used a linksys dsl/ cable router, the cheaper of the two BEFSR41
versions. I am not sure if that router even had a log option that
recorded any break it attempts. Is there any more advanced router
that you would recommend and that has the feature you described?
Thanks

Collapse -

Go to website, get manual

by Dr Dij In reply to

'router' means it DOES have capability probably to segregate your local net and packets. and you don't need to install sw usually, you just browse to the IP address in the manual that is the routers and set the options.

When I go home tonite I'll see what brand mine is.
It was very inexpensive. It kept my roomate off my local segment.

And since no software to install, works with linux, windoze, mac, etc.

Collapse -

by rosorna2 In reply to Firewall??

Thanks for replying. Is there any similar software that is compatible
with a macintosh?

Collapse -

by rosorna2 In reply to Answers

Thanks for the link. I did not see any prices listed. Do you by any
chance know how much this type of product costs?

Collapse -

Here you go

by Dr Dij In reply to

my broadband router is an SMC barricade. I'm sure many others have identical functionality. It was probably 40-50 bucks when I bought it years ago, probably $25 now.

Priceless for discarding tons of invasive pings that zonealarm logged before I got it.

(from internal net) you open web browser.
type in 192.168.123.254 to get to the device. This works because it is between you and the web. If you forget this, you can run winipcfg and see default gateway#.

It takes care of obtaining IP address from cable / dsl dhcp broadcast. your internal address does not matter to outside world.

Collapse -

by rosorna2 In reply to Here you go

Thank you for the information. I have another question. You
mentioned the possibility of a promiscuous ethernet card, and I bet
that this person probably does have it. Is the promiscous mode
something that can be enabled on any computer?
How would I enable it on my mac?I read somewhere that it can be
used with a packet sniffer, and thought that perhaps it could be
used to detect any suspicious activity by that individual, but I also
read that the other user could avoid detection if he was clever ?I
don't know if I should bother with this idea.

Collapse -

Most software

by Dr Dij In reply to

has no use for this mode. So you need the special version of nic, and software that uses this. I don't know of packet sniffers for mac tho I'm sure there are some. since some are probably open source, you could compile it but I'm sure someone has already.

If you buy the special nic card, I'm sure there's instructions on how to activate both modes. Perhaps in the device driver setup screen (is there such a screen on a mac?)

Possible the sniffer software would activate it but sound like might be device specific so probably not.

Back to Security Forum
12 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums