So I let my neighbors onto my Wireless network. What can they do?

Discussion in 'other security issues & news' started by eniqmah, Jun 8, 2007.

Thread Status:
Not open for further replies.
  1. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    I figure I would be nice and share the connection.
    Can some one who connects to my network steal any files from me? IF so, how?
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
    First, unless your ISP permits it, you are probably violating your agreement with them. It also may be illegal where you live.

    Secondly, if the do anything criminal, it would trace back to you.

    All in all a very bad idea.
     
  3. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Agreed. Does not sound like a very good idea.
     
  4. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    I still wonder about eniqmah's question:

    This is true, but most ISP's AFAIK don't assist customers in securing their networks, and so I've not heard of much enforcement of this part of the agreement. All in all, unsecured networks remain common.

    Where is it considered illegal? I do know that many jurisdictions are testing the waters of prosecuting wardrivers, but I am unfamiliar with any criminalization of operating a unsecured network.

    I am not trolling, and I am not disagreeing that it is a bad idea (although the risks are slightly overtsated IMO). My home network is secured with WPA-psk. But I am interested in the subject and find the additional information interesting.
     
  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
    I wasn't talking about it being illegal to run an unsecured network, but illegal to use someone elses unsecured network.


    As to can they steal something from your machine. If you are firewalled, and have file sharing off, not likely. Biggest risk, is everything they do traces right back to YOU. Just no sense in taking that risk.
     
  6. tradetime

    tradetime Registered Member

    Joined:
    Oct 24, 2006
    Posts:
    1,000
    Location:
    UK
    Hope you know them very well, as if they have any illegal surfing habits you may get a very rude awakening one morning from the boys in blue.
     
  7. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Very nice of you. If you trusted them completely, then you would not ask
    It would depend on your firewall setup. To ensure that they could not access your PC you would need to disable netbios(or at least block the ports 137-139/445), this can block direct access to filesharing, but, you should also ensure that the LAN is not set as trusted, and have in place anti-spoofing for ARP/IP (and DHCP if this is active), and should block all IP`s on LAN apart from the router.

    Comment:

    As mentioned above. You should also consider as to what surfing habits/downloads your "shared users" will make. Your ISP will only see the connections "as" from you, they will not be able to distinguish any possible illigal activity made by your "shared users", and it is you that is bound to the agreement of the ISP, and you who is accountable.
     
  8. Jo Ann

    Jo Ann Registered Member

    Joined:
    Jan 6, 2007
    Posts:
    508
    As others have suggested, from a security veiwpoint it is a very bad idea! ...and even if you trust your neighbor, anyone else (within range) could jump onto your connection.

    Enable WEP protection. While it's about the weakest of all wireless protection methods, it will suffice to keep all PC novices from piggy-backing your connection.
     
  9. nexstar

    nexstar Registered Member

    Joined:
    Jun 23, 2004
    Posts:
    371
    Location:
    Southampton, UK
    I guess the short answer is 'yes', if you don't do as others have suggested and protect your system(s).

    I also share my connection with my neighbour. In my case, she lives on her own, is 78 years old and uses a Netgem iPlayer set-top box with a wireless usb adapter to receive email from her relatives. If she manages to hack my firewall and get into my system then I will be most impressed :) .

    I think it is one of the cases though of, if you need to ask the question then it is probably a bad idea.

    Graham
     
  10. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    Where did that come from? He most likely already has encryption and is going to share the key, since he is asking if he will allow the users onto his network. It seems that he already has some method of stopping them from connecting.

    I also am wondering why you suggested WEP, since you might as well just use something stronger since it is the exact same hassle, with more protection.

    I agree that it is a horrible idea. As others have said, everything comes right back to you if someone does anything malicious (including filesharing and being caught for uploading, which would be blame on YOU). In addition, it is illegal most likely to "share" and internet connection, since you are depriving your ISP of money and sharing their resources.

    However, if you decide to go through with it, make sure all of your computers has some sort of firewall that will block everything coming at it. You will have to treat your LAN as the WAN, so it is now as safe as exposing your pc directly to the internet. In addition, if you can handle it and your router allows it, try to funnel all of your connections through a ssh/vpn tunnel to the router, so that they can't steal things such as passwords. I now this may sound paranoid, but it can help.

    Another thing you will have to consider is that even though you trust them, their friends may come over and need to use the internet, then guess what, they are no longer the only ones using it and someone else has your wireless key.

    Just some things to think about.

    Cheers,

    Alphalutra1
     
  11. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    That is a very good point although I didn't make that assumption from eniqmah's post. There is a world of difference in running one's network "open" for all within range, vs giving your WPA-PSK to a single neighbor whom you more-or-less trust.

    Eniqmah, if you still intend to share your connection with your neighbor, it is still advisable to encrypt your wireless.
     
  12. Genady Prishnikov

    Genady Prishnikov Registered Member

    Joined:
    Mar 9, 2006
    Posts:
    350
    I have to agree with opitigrab. While the sharing of the network would certainly be against the Terms of Service with the ISP, there's nothing "illegal" about it. In fact, the few prosecutions for wardriving I have known about have all been thrown out. I also noticed optigrab lives in Brooklyn. In Brooklyn, just walk a half block and another 15 unsecured networks pop up - it's a way of life to jump on what's available. To attempt to prosecute that would be, well, impossible.

    One thing though: Be sure and turn off file and print sharing.

    Genady
     
  13. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    FWIW, I use IPCop: HW Stateful Linux Firewall and it supports 4 interfaces
    This allows me to have to have a BLUE wifi network using the same Comcast cable, but the BLUE network CAN NOT access my GREEN lan network.

    Mike
     
  14. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    Sorry I should have been more clear.
    My connection is protected with WPA. I have a firewall going.
    I intend to share the key with a couple of neighbors whom I've known for a while. Needless to say, I want to secure my files for the sake of being cautious any how.

    My understanding of the matter is that I will be responsible for any illegal traffic on my network, but this is not what I'm concerned about; I have means of monitoring/restricting that type of activity.

    I would like to know more about securing my files. (I.e, turning off filesharing, etc...)
    Coincidentally, I have filesharing turned off, but still see those ports open (137-445). See screenshot below.

    I don't understand this part, would you elaborate?

    Still, with learning as the point of departure, how would Sammy, who is connected to my network, able to steal a file sitting on my computer?

    My computers have the following services running / or not running, in the following manners:

    Service: state startmode
    DHCP Client: running auto
    DNSCache running auto
    network connections running manual
    NLA running manual

    The rest are as shown in the screen shot below.
     

    Attached Files:

  15. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    You could try acting like a bad guy on your own network... see Nmap.

    Mike
     
  16. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
    You know, if you read this forum, there is a lot of discussion about software, and technical stuff. But in so many cases, your best protection is good old fashioned common sense.

    You are worrying about the technicality, but ignoring the common sense advice.
     
  17. coolbluewater

    coolbluewater Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    268
    Location:
    next door to Redmond
    Sounds like the OP knows what he's doing, now it's time to add encryption to your selected files/folders if you haven't already.
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I wouldn't share either. How good do you really know people ? A friendly relationship isn't always forever and then what, pull the plug ? :D
     
  19. coolbluewater

    coolbluewater Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    268
    Location:
    next door to Redmond
    Depends - is the neighbor hot? ;)
    If they get annoying/noisy/boring/PITA/whatever, then yeah, pull the plug.
     
  20. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    Sorry to disappoint you. My common sense is dull and boring and overwhelmed by the hotness of my neighbor. My request is for the technical stuff, partly to learn more about this stuff, partly to sleep with my nieghbor. :)
     
  21. charincol

    charincol Registered Member

    Joined:
    Nov 10, 2005
    Posts:
    113
    Now there's a smart man. Use whatever means available to score!

    Make sure file and print sharing is turned off, and if you are the only one with physical access to your computer, then do not have a password on your account. Windows will not allow ANYONE to remotely log onto your user account if there is no password on it.
     
  22. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    oh my
    seriously?
    DO NOT have a pw? Can some one verify this please?
    User password has always been stressed in most every article I've read.
     
  23. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Actually, this is just a local security policy setting (see below), which can be readily disabled if desired.... A password is always recommended if you wish to control access.

    Blue
     

    Attached Files:

  24. eniqmah

    eniqmah Registered Member

    Joined:
    Jul 7, 2006
    Posts:
    391
    TY. More research to do. Never seen that one before.
     
  25. flinchlock

    flinchlock Registered Member

    Joined:
    Jan 30, 2005
    Posts:
    554
    Location:
    Michigan
    http://www.microsoft.com/technet/archive/security/chklist/xpcl.mspx?mfr=true

    Mike
     
Loading...
Thread Status:
Not open for further replies.