Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please Help Secure my Computer/Data


  • Please log in to reply
11 replies to this topic

#1 softwolf

softwolf

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 25 April 2012 - 09:26 PM

Hi I am concerned that someone in my house my be spying on my online activities as well as the data on my actual computer. My computer is connected by ethernet cables to a switch which in turn is connected to a shared modem others in the house are connected likewise. My computer is password protected and I have Avast Free Antivirus, Zone Alarm Firewall, and Malwarebytes installed on it. However I once lived with someone who stole my identity by breaking into my computer and while I pressed charges against this person and they were eventually convicted the experience has still left me a little concerned about security. I would prefer to be safe than sorry. I have been researching methods to protect myself and frankly I am quite confused about most of them as I am not the most savy in this area. The ones which seem to hold the most promise are secured vpns and https but frankly I am a little confuse about how they work or if either one would really do the trick. Could some of you give your thoughts on these methods or for that matter share your thoughts on any method that I may have overlooked.

BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:02 PM

Posted 26 April 2012 - 02:31 AM

How is the physical security of your computer? Can someone in your house enter your room and physically access your computer?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 softwolf

softwolf
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 26 April 2012 - 09:53 AM

My door is locked at all times unless I am in my room so I am pretty comfortable with the physical security of my computer.

#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:02 PM

Posted 26 April 2012 - 02:35 PM

That is good, because there's little use to digitally protect your machine when someone has physical access to it.

In your case, you must consider the LAN you are connected to as hostile. So make sure your machine is patched and that it offers no services on the LAN interface, e.g. that all ports are closed.

Do you now how much control the other users have over the network?
Do they have physical access to the switch and modem, and to the cables?
Do they have logical access to the switch and modem (management access, can they change settings)?
Do you know if it is a real switch, or a hub? And is it an unmanaged or managed switch?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 softwolf

softwolf
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 26 April 2012 - 03:42 PM

I will work on closing the ports but that will take some more research.
Do you now how much control the other users have over the network? - I guess others in the house have similar physical access
Do they have physical access to the switch and modem, and to the cables? - Yes everyone has physical access to the modem and switch.
Do they have logical access to the switch and modem (management access, can they change settings)? - Only the landlord has that but frankly I don't particularly trust him either.
Do you know if it is a real switch, or a hub? And is it an unmanaged or managed switch? - I'm not sure I'll explain the setup. I live on the 3rd floor and the actual modem is on the second floor. The 1st floor has a switch which is connected to the modem on the 2nd floor. The 3rd floor is connected to the 2nd floor similarly but instead of a switch it has a wireless modem and my ethernet cables extend from it into my room. In my room I have a switch for my computers.

#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:02 PM

Posted 26 April 2012 - 04:10 PM

Then we must assume that someone else can intercept your network traffic, and that it is safer to encrypt this traffic.

There are a couple of solutions, like you mentioned https and vpn.

But good and fast VPN solutions are not free. You say you have a personal switch. How many computers/mobile devices do you have?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 softwolf

softwolf
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 26 April 2012 - 06:47 PM

Yes I have a switch in my room and there are 2- 3 computers connected to it as well as a laptop. The laptop is usually on at all times s well as at least one of the desktops. If I had to I could pair down to 1 desktop and 1 laptop. I would be willing to pay for a bit of piece of mind.

Edited by softwolf, 26 April 2012 - 06:49 PM.


#8 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:02 PM

Posted 27 April 2012 - 11:07 AM

HTTPS is not a solution for you, because not all sites support it, and many sites that support it, only use it for authentication.

A VPN subscription costs between $30 to $50 per year, but you can only use it on one machine at a time, unless you pay extra.
Another solution is to get a router that you configure as a VPN endpoint.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#9 softwolf

softwolf
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 30 April 2012 - 09:48 AM

I am okay with the cost of VPN services and I'll more than likely just have subscriptions for 2 of my systems. I read some good stuff about WiTopia but can anyone recommend some other good VPN services?

#10 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:02 PM

Posted 30 April 2012 - 04:08 PM

Are you living in the US and do you want the VPN server to be located in the US?

Having your VPN server in the same country usually gives the best network response times.

And it helps preventing issues with IP geolocation.
For example, if you are in the US and you would use a proxy in The Netherlands, then you wouldn't be able to view some YouTube movies because they are restricted to users in the US. And although you are in the US, the YouTube servers would assume that you are in The Netherlands because you access them from an IP address in The Netherlands.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#11 softwolf

softwolf
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 01 May 2012 - 01:44 PM

Yeah I am in the US and would prefer a server located here as well. Any suggestions for VPNs?

#12 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:02 PM

Posted 02 May 2012 - 03:53 PM

I've only used StrongVPN in the US. Worked fine, nothing to complain about.

But there are many companies. Google for VPN reviews.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users