Jump to content
Sign in to follow this  
rmsmits

Network Security

Recommended Posts

Confession time:

When I use Skype, my internet connection is sometimes too slow and drops the call. My solution has been to jump on my neighbors much faster internet connection. Since they obviously are not locking down their network, my question is am I opening up myself from a security standpoint during that time? For instance, will my computer be visible to anyone in the area? ALthough I can see an jump onto my neighbor's networks, none of their computers show up in my sidebar like what I see when I'm in a hotel or something.

 

Thanks.

Share this post


Link to post
Share on other sites

> is am I opening up myself from a security standpoint during that time?

maybe.

pretend that you are working in a coffee shop. when I do this it's shields up. I turn file sharing off. web server is off (unless I'm doing dev work which I never do at coffee shops). iTunes sharing is off. iPhoto sharing is off. it's just all off. that way nobody can see that the Mac is there. if you really want to be stealth about it change the name of your Mac to something like - or -*- or -+- "weather station" so it doesn't link back to you if the guy who's router your using is reading DHCP logs. (why yes, I do read my DHCP logs.)

think about running HTTPS everywhere in FireFox or the equivelent in Safari:

https://www.eff.org/https-everywhere

http://www.nearinfin...everywhere.html

consider making another user and only run Skype from that account. that way you'll know that it's already setup for submarine mode meaning you won't have to do and undo it just to hop on that network.

Edited by johnfoster

Share this post


Link to post
Share on other sites

My solution has been to jump on my neighbors much faster internet connection. Since they obviously are not locking down their network, my question is am I opening up myself from a security standpoint during that time?

 

Two issue. In reverse order:

 

1) If you can jump onto it, so can anyone else. Even though you can't see the neighbor's devices does not mean somebody else cannot see yours ... thus the suggestions John made.

 

2) Are you sure this neighbor is not on some limited bandwidth plan ? If he/she is, your usage may be affecting the bill.

Share this post


Link to post
Share on other sites

I don't know if my neighbor has a limited bandwidth plan, but I don't make it a habit to use their connection. I try to keep it to a minimum for that reason. It's just frustrating when family members want to see their niece or grand daughter and my basic broadband keeps dropping the Skype call.

Share this post


Link to post
Share on other sites

you could easily figure out who the provider is and then look up the plans in your area. open the Terminal then type traceroute domain_name.com. you'll get something like this:

 

 


john:~ john$ traceroute knowtech.tv
traceroute to knowtech.tv (69.163.176.66), 64 hops max, 52 byte packets
1  192.168.1.13 (192.168.1.13)  1.272 ms  0.628 ms  0.607 ms
2  75-101-56-1.dsl.static.sonic.net (75.101.56.1)  28.765 ms  24.705 ms  24.865 ms
3  gig1-28.cr1.colaca01.sonic.net (70.36.228.97)  24.978 ms  23.722 ms  24.755 ms
4  po3.cr1.lsatca11.sonic.net (75.101.33.166)  24.856 ms  24.687 ms  24.828 ms
5  0.xe-7-1-0.gw.pao1.sonic.net (69.12.211.5)  24.921 ms  25.058 ms  24.529 ms
6  xe-1-0-6.ar1.pao1.us.nlayer.net (69.22.130.85)  30.035 ms  29.424 ms  24.933 ms
7  ae0-80g.cr1.pao1.us.nlayer.net (69.22.153.18)  49.952 ms  54.742 ms  44.982 ms
8  ae1-50g.cr1.sjc1.us.nlayer.net (69.22.143.165)  24.952 ms  24.193 ms  25.520 ms
9  ae1-40g.ar2.sjc1.us.nlayer.net (69.22.143.118)  30.092 ms  29.755 ms  30.062 ms

 

the 1) entry is your IP address as assigned by the router. the 2) entry is the IP address that the router is connected to. this will tell you the host name. you might see roadrunner, comcast, pacbell, covad, or some other name. from there you can look up the plan using that domain name.

 

if your DSL connetion is a very old installation consider talking to you provider about new options. lots of companies cap down/upload speed based on the contract your signed years ago. in some cases you don't even need new hardware to get a faster connection. just change the service your service plan and you're fast fast.

Share this post


Link to post
Share on other sites

you could easily figure out who the provider is and then look up the plans in your area. open the Terminal then type traceroute domain_name.com. you'll get something like this:

 

 


john:~ john$ traceroute knowtech.tv
traceroute to knowtech.tv (69.163.176.66), 64 hops max, 52 byte packets
1  192.168.1.13 (192.168.1.13)  1.272 ms  0.628 ms  0.607 ms
2  75-101-56-1.dsl.static.sonic.net (75.101.56.1)  28.765 ms  24.705 ms  24.865 ms
3  gig1-28.cr1.colaca01.sonic.net (70.36.228.97)  24.978 ms  23.722 ms  24.755 ms
4  po3.cr1.lsatca11.sonic.net (75.101.33.166)  24.856 ms  24.687 ms  24.828 ms
5  0.xe-7-1-0.gw.pao1.sonic.net (69.12.211.5)  24.921 ms  25.058 ms  24.529 ms
6  xe-1-0-6.ar1.pao1.us.nlayer.net (69.22.130.85)  30.035 ms  29.424 ms  24.933 ms
7  ae0-80g.cr1.pao1.us.nlayer.net (69.22.153.18)  49.952 ms  54.742 ms  44.982 ms
8  ae1-50g.cr1.sjc1.us.nlayer.net (69.22.143.165)  24.952 ms  24.193 ms  25.520 ms
9  ae1-40g.ar2.sjc1.us.nlayer.net (69.22.143.118)  30.092 ms  29.755 ms  30.062 ms

 

the 1) entry is your IP address as assigned by the router. the 2) entry is the IP address that the router is connected to. this will tell you the host name. you might see roadrunner, comcast, pacbell, covad, or some other name. from there you can look up the plan using that domain name.

 

if your DSL connetion is a very old installation consider talking to you provider about new options. lots of companies cap down/upload speed based on the contract your signed years ago. in some cases you don't even need new hardware to get a faster connection. just change the service your service plan and you're fast fast.

 

A much easier way to find out the ISP was to just go to speedtest.net and run it. I found out that my neighbor is using Time Warner which I've had before and it is fast, but their customer service is so bad I can honestly say it was one of the (if not THE) worst experiences I've ever had with any company.

Share this post


Link to post
Share on other sites

maybe it's easier but it's not giving you all the infromation. I always use the CLI tools when trouble shooting or learning about a network. you can more easily discover problems like double NAT, if the ISP is running a caching server like SQUID or how many hops your service is away from a source (why is this thing slow was the question). because I work with lots of remote machines the same tools still apply. I'm not always connected to the remotoe box using a GUI service like VNC.

Share this post


Link to post
Share on other sites

I found out that my neighbor is using Time Warner which I've had before and it is fast, but their customer service is so bad I can honestly say it was one of the (if not THE) worst experiences I've ever had with any company.

 

Time Warner doesn't use bandwidth caps presently, so the neighbor should be unaffected by your usage. If the neighbor and you are on good terms, why not try the "Laporte Initiative" ? ( just an idea Leo Laporte has suggested to others in your situation).

 

Approach the neighbor and tell them that you have discovered the network is open. Then offer to secure it for them in exchange for being able to access it. Even if they turn you down, you can still do what you've been doing and this way you earn valuable kharma points. Besides, better you bring it to their attention first, and have a chance to benefit from it, before another friend or relative helps them out and locks it down on you.

Share this post


Link to post
Share on other sites

my first rule of tech support is "don't touch it unless you are willing to own it." that is. after you offer to fix something for somebody are you prepared to deal with every other unrelated problem that comes up from here on because you (meaning me) were the last person to touuch it. it happens every single time no matter how clear you are about what it is that you are fixing. this is especially true for networking issues. comcast goes down for half a day you'll get the call because you know, you fixed it last time.

 

rule two. it will always be your fault when things don't work. printer out of ink? that's you. TV show stutters? you touched it last. .EXE from work isn't compatible with their Mac. never mind that it was written for a completely different OS you'll get the blame for it not working.

 

rule three. you'll get introduced as "my computer guy" to random person with the expectation that you'll "just fix it" like you did for them. for free BTW.

 

rule four. the "you did something" accusation. different from rule #2 because it used to work. oh, you have teen agers? you need to point the figure at the obvious.

 

rule five. you'll become a perveyor of stolen software. you'll suggest that they buy the upgrade but the girl will pout or do that thing with her ears then before you know it your an expert at cirmcumventing actiavtion events.

 

rule six. no matter how much you've peached back up, back up, back up, back up, back up, back up, back up, back up, back up, you'll get called in to rescue the borked spinning disk. your first question of "is there a back up" will return the, "yeah, I know, you said, I was meaning to buy that that that that thing you said to buy…"

 

at this point leave. because you don't want to know that suddenly they are willing to shell out $2500 for drive recovery. money that would have: bought real software, purchased backup media, upgraded new hardware, got a better router that could run Tomato or DD-WRT, funded an offsite backup service for 5 years.

 

next time somebody asks tell them you're a writer.

Share this post


Link to post
Share on other sites

If one does not want the hassle that may ensue by working a deal for fair use of a neighbor's wi-fi, one could always upgrade their own service and/or stop using the neighbor's. I'm just trying to suggest to rmsmits a way to continue the status quo with less guilt. :rolleyes:

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing

    No registered users viewing this page.

  • Who's Online (See full list)

    There are no registered users currently online

×