Security

I used to run a modified version of REDHAND
and could do just what you described.
works well as an administration tool,
but left that to an automated logging
file and let the admins pick out the
numbers.

If you have a hub, and the person has a 'promiscuous' ethernet card, they can see every packe on the local segment which would include your local network.

If you have a router such as a cheap cable / dsl router to connect your local net instead of a hub (these have 4 or 8 ports or more) you can have these exclude traffic from your PCs from being forwarded onto the other person's connection. I.E. you'll both forward packets out to the internet but not locally. But you need to go into the router and activate this feature.

This would be a hardware thwart to sending any packets to your machine thru the local net. And any non-requested packets sent outside to internet then to your address would simply be dropped (the standard job of a cable router).

I used a linksys dsl/ cable router, the cheaper of the two BEFSR41
versions. I am not sure if that router even had a log option that
recorded any break it attempts. Is there any more advanced router
that you would recommend and that has the feature you described?
Thanks

'router' means it DOES have capability probably to segregate your local net and packets. and you don't need to install sw usually, you just browse to the IP address in the manual that is the routers and set the options.

When I go home tonite I'll see what brand mine is.
It was very inexpensive. It kept my roomate off my local segment.

And since no software to install, works with linux, windoze, mac, etc.

Thanks for replying. Is there any similar software that is compatible
with a macintosh?

Thanks for the link. I did not see any prices listed. Do you by any
chance know how much this type of product costs?

my broadband router is an SMC barricade. I'm sure many others have identical functionality. It was probably 40-50 bucks when I bought it years ago, probably $25 now.

Priceless for discarding tons of invasive pings that zonealarm logged before I got it.

(from internal net) you open web browser.
type in 192.168.123.254 to get to the device. This works because it is between you and the web. If you forget this, you can run winipcfg and see default gateway#.

It takes care of obtaining IP address from cable / dsl dhcp broadcast. your internal address does not matter to outside world.

Thank you for the information. I have another question. You
mentioned the possibility of a promiscuous ethernet card, and I bet
that this person probably does have it. Is the promiscous mode
something that can be enabled on any computer?
How would I enable it on my mac?I read somewhere that it can be
used with a packet sniffer, and thought that perhaps it could be
used to detect any suspicious activity by that individual, but I also
read that the other user could avoid detection if he was clever ?I
don't know if I should bother with this idea.

has no use for this mode. So you need the special version of nic, and software that uses this. I don't know of packet sniffers for mac tho I'm sure there are some. since some are probably open source, you could compile it but I'm sure someone has already.

If you buy the special nic card, I'm sure there's instructions on how to activate both modes. Perhaps in the device driver setup screen (is there such a screen on a mac?)

Possible the sniffer software would activate it but sound like might be device specific so probably not.