Acessing Internet Through LAN (How Secure)
dm...@aol.com
computer to a hole in the wall, ten accessing to a LAN. How secure is
this method of accessing the internet?
Can those who run the LAN see what i'm doing, what sites I'm visiting,
what i'm downloading etc.
SOrry if I appear ignorant
Thanks
Dan
<dm...@aol.com> wrote in message
news:1127436759.1...@g44g2000cwa.googlegroups.com...
If you are using a firewall on your computer, in general, no they cannot.
But if they really wanted to they could (bit like anything really) see what
dirty sites you're visiting by using a packet sniffer.
Dan
Lurch
>If you are using a firewall on your computer, in general, no they cannot.
For added security a hardware firewall\router could be used in
conjunction with a software one if required.
--
Stuart @ SJW Electrical
Please Reply to group
Mike
><dm...@aol.com> wrote in message
>news:1127436759.1...@g44g2000cwa.googlegroups.com...
>> My new internet connection works by me plugging my RJ45 cable from my
>> computer to a hole in the wall, ten accessing to a LAN. How secure is
>> this method of accessing the internet?
>>
>> Can those who run the LAN see what i'm doing, what sites I'm visiting,
>> what i'm downloading etc.
>
>If you are using a firewall on your computer, in general, no they cannot.
I don't follow that, at all. The presence of a firewall on his
computer won't do anything to protect his Internet traffic from
examination by "those who run the LAN". (Unless you're envisaging
some scenario I've missed?) His Internet traffic has, by definition,
been passed by his firewall, if he has one.
>But if they really wanted to they could (bit like anything really) see what
>dirty sites you're visiting by using a packet sniffer.
Quite! I imagine that such interception is very rare but he only way
to protect aginst it is to use encryption, perhaps an ssh tunnel.
Mike.
McSpreader
news:4333685a$0$49804$ed2e...@ptn-nntp-reader04.plus.net:
No need for packet sniffing. A LAN will have a router or gateway
device to connect to the Internet. Such devices often have the
ability to log all sites visited.
Ian Stirling
It may also be against the T&Cs of the LAN to connect up internet connections
not approved by the admins.
This may result in severe sanctions in some cases.
Jim Howes
> My new internet connection works by me plugging my RJ45 cable from my
> computer to a hole in the wall, ten accessing to a LAN. How secure is
> this method of accessing the internet?
>
> Can those who run the LAN see what i'm doing, what sites I'm visiting,
> what i'm downloading etc.
If the local network runs to a switch, it is unlikely that any other residents,
apart from the owner of said switch, will be able to intercept traffic, as the
switch will not send out traffic to ports to which packets are not addressed.
Broadcast packets, which include microsoft SMB LM announcements, will, however,
leak to all residents. If you have file and printer sharing enabled and no
firewall enabled on that interface, then you have a major security problem
unless you trust the other LAN users.
Furthermore, if the connection you are sharing is a fully routed connection
(i.e. you are not all hiding beind a NAT box) then all of your systems can be
seen from outside.
What is the IP address that the (whatever it is) offers you when you connect to
that port? If it's a 10.x.x.x or 192.168.x.x or othe RFC1918 address, you are
probably hiding behind NAT, although the owner of that NAT box could forward
some incoming connections to you.
You should assume in all cases that the owner of the wires can see what it
travelling over those wires. There are ways to avoid this by tunneling to a
known friendly site via PPP over SSH, using GPG, etc. but the owners of the
wires could object to that, for whatever reasons their terms and conditions of
access may provide, and if they are routinely monitoring their network, doing so
may point the searchlights in your direction real quick.
Jim Howes
> Arp cache poisoning will readily solve that minor irritation in most
> cases.
It's been a while since I had a play with that particular concept. How true.
However, your average Joe User with Windows XP and perhaps Ethereal has no clue
how to send out such mangled packets. The average script kiddie has no idea
what such packets are, just that he has a tool that can mung a network in a few
seconds (said script kiddie would probably find me hitting them repeatedly about
the head with their front door, having just smashed it down, if I were the
netadmin in the typical (university residential) environment that the OP's
network is used)
Jim
--
I'm sometimes of the opinion that 95% of network abuse problems can be solved,
or rather should be solved, by violence.
Ivor Jones
<dm...@aol.com> wrote in message
news:1127436759.1...@g44g2000cwa.googlegroups.com
If you are using someone else's LAN they have every right to know what
you're doing on it. Certainly if you were using mine I'd want to know, if
you tried to conceal anything you'd be off the system so fast your feet
wouldn't touch.
Ivor
poster
>traffic has, by definition, been passed by his firewall, ...
>only way to protect aginst it is to use encryption, perhaps an ssh tunnel.
agreed, on both points. Firewalls are handy, if not essential, but nowt to
do with "hiding" the content of the traffic (though if I saw such traffic,
it would ring alarm bells about why a user would *need* to use it for all
(or most) traffic, given the way an ssh tunnel is likely to be used. PGM
--
UK ADSL <http://tinyurl.com/5jpa4> - Happy to save cash with Plus.Net!!
bi...@ben.com
>> cable from my computer to a hole in the wall, ten
>> accessing to a LAN. How secure is this method of
>> accessing the internet?
>>
>> Can those who run the LAN see what i'm doing, what sites
>> I'm visiting, what i'm downloading etc.
>>
>> SOrry if I appear ignorant
>>
>> Thanks
You could just VPN in to another LAN that has Internet Access.
From home, I can VPN to my office and get onto the Internet that way. No
one would have any reason to suspect I was doing anything I shouldnt be.
It depends what resources you have to hand.
dm...@aol.com
amount of money to access broadband in my room.
The IP address is a 10.xx.x.xx one.
Bob Eager
> My new internet connection works by me plugging my RJ45 cable from my
> computer to a hole in the wall, ten accessing to a LAN. How secure is
> this method of accessing the internet?
>
> Can those who run the LAN see what i'm doing, what sites I'm visiting,
> what i'm downloading etc.
At a university, yes. They've given you a private IP address (10.x.x.x),
not a publicly usable one (not uncommon).
They have every right to look at what you're doing, even if it's semi
automatic. They'll want to know if you're doing P2P, for a start, or
downloading porn, or trying to hack into websites, or..or..or...! It'll
be in your T&Cs or equivalent..
--
[ 7'ism - a condition by which the sufferer experiences an inability
to give concise answers, express reasoned argument or opinion.
Usually accompanied by silly noises and gestures - incurable, early
euthanasia recommended. ]
Ivor Jones
<dm...@aol.com> wrote in message
news:1127756762....@z14g2000cwz.googlegroups.com
> Thanks for all the replies, yeah I'm at uni and paying a
> ridicolus amount of money to access broadband in my room.
>
> The IP address is a 10.xx.x.xx one.
That's an internal IP generated by a DHCP server, probably on the router.
Ivor
Bob Eager
wrote:
Of course, that is really two unconnected statements...
a) It's an internal IP
b) It *may* have been generated by a DHCP server! (probably was, but...)
Owain
> dm...@aol.com wrote:
>>Can those who run the LAN see what i'm doing, what sites I'm visiting,
>>what i'm downloading etc.
> They have every right to look at what you're doing, even if it's semi
> automatic. They'll want to know if you're doing P2P, for a start, or
> downloading porn, or trying to hack into websites, or..or..or...! It'll
> be in your T&Cs or equivalent..
If the student bedroom network connects to the internet through the uni
and thence JANET (Joint Academic Network) rather than a commercial
provider such as NTL, then the university will enforce JANET's terms and
conditions - which are rather stricter than most ISPs, particularly with
regard to commercial use. Even things like FTP may be banned.
Reading and understanding the uni's Ts&Cs would be well advised, as the
consequences for transgression can be invocation of the uni's formal
disciplinary procedure, which might lead to being sent down for
something really bad.
Owain
Bob Eager
wrote:
Tell me about it. I used to chair the hearings...one guy turned up and
tried to blind me with science - until he found out what department I
worked in and what I taught...!
dm...@aol.com
and the broadband is provided by BT, more at www.ubroadband.net
The primary protocol list??? is at