Newbie, Help with some network security worries, from the inside, please.....

Hi

I'm a student and live in a house with lots of lodgers, some of them only 2 month stay overseas students with laptops. We have a wireless internet connection that we all use which is in my name. I think I have set up protection from the outside as best I can: 128WEP, and the router (Belkin) boasts firewall capabilities that I don't understand. I have antivirus, spyware and wifi cracking programs (Trend and Lavasoft) and am not aware of anything coming from the outside.

My real concern is that the people who come to stay (all of whom have been great so far) could do anything on the internet and it would be my fault, as the world would see my IP, no? I have not used any hard drive cleaning software on my PC so that if it ever needed to be 'examined' it would come up clean (of anything serious anyway). Recently a lecturer of mine went to jail for child p*rn; it made me realise that I can't just trust blindly the people to whom I have essentially given my identity. How can I protect myself? Please help.

BTW, I have a desktop that I could dedicate to monitoring/firewall type things if that would help.

Reply to
robertweedall

Whoops, not a wi-fi cracking program. A program that detects intruders. Sorry :s

Reply to
robertweedall

Wow, thanks for so much info Duane,

It'll take me a little while to fully get my head round everything you said well enough to carry it out. I'm glad it sounds like I'll be able to sort it though. I'll let you know how I get on.

Much Obliged,

rob ;oD

Reply to
robertweedall

See: [link] wireless intrusion detection software.

Yes. The world sees everything coming from your IP address. The real danger is in spyware. A clueless student arrives with a laptop that has been taken over by a trojan horse program and gets used as an inadvertent spam reflector or DDOS (distributed denial of service) attack machine. If someone brings a new computah into the house, have them demonstrate that they can pass a virus scan and a spyware scan. If they don't have anything installed, have them run an online version such as:

[link]

I'll also assume that you have WEP security installed so that random passersby can't use your wireless.

If it ever gets to the point where your PC is confiscated as evidence, you're well beyond what can be done with additional software and firewalls. You might look into what corporations and some libraries do to prevent their employees from browsing "evil" web sites. Many firewalls (i.e. Sonicwall) offer "content filtering" services, that install a list of known bad sites in the router.

[link]

You're going to be very unpopular if you apply such software.

Of course. Anyone with evil intentions will surely want to attack your monitoring system. The easiest way to deal with such things is to simply protect yourself with some lightweight monitoring. My Linksys BEFW11S4 router will generate SNMP "traps" that can be used to log what everyone is doing. Other routers use "Syslog" to do the same thing. The captured log files can be used to generate a report of who was doing what at what time. I use:

[link]

I only save about 3 days' worth of log files. I'm less interested in snooping on what people are doing than in detecting trojans and viruses on my wireless neighborhood network. Just tell your boarders that you "log all web activity" and that if the police arrive with a search warrant, they will be presented with the appropriate log files.

Here's a sample output for the last web page I looked at:

| 5/20/2005 09:20:38.265 Outbound TCP 192.168.1.10 1161 213.239.203.47 80 (http) Permit
| 5/20/2005 09:20:38.906 Outbound TCP 192.168.1.10 1162 80.190.246.107 (statistiq.com) 80 (http) Permit
| 5/20/2005 09:20:39.527 Outbound TCP 192.168.1.10 1163 213.202.241.70 (svs.sv.funpic.de) 80 (http) Permit
| 5/20/2005 09:20:40.118 Outbound TCP 192.168.1.10 1164 67.15.50.39 (c3.statcounter.com) 80 (http) Permit

It's a bit tricky identifying clients with DHCP, so I use the "static DHCP" feature of the router to permanently assign an IP address to a specific wireless client. 192.168.1.10 is always my desktop. It's easy enough for a user to assign their own IP address or borrow someone else's, but I also log changes to the ARP (address resolution protocol) table with "arpwatch" to check for that.

Reply to
Jeff Liebermann
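
The kind of report described in the post above (who was doing what at what time), as an added example that is not part of the original thread: a Python parser for the log format shown in the sample output, grouping connections by static-DHCP owner. The lodger-laptop lease, the last two log entries, and the outbound-SMTP check are assumptions made for illustration.

```python
import re
from datetime import datetime

# Static-DHCP table: 192.168.1.10 is from the post, the laptop is constructed.
STATIC_LEASES = {"192.168.1.10": "desktop", "192.168.1.11": "lodger-laptop"}

ENTRY = re.compile(
    r"(?P<ts>\d+/\d+/\d{4} \d\d:\d\d:\d\d\.\d+) (?P<dir>\w+) (?P<proto>\w+) "
    r"(?P<src>[\d.]+) (?P<sport>\d+) (?P<dst>[\d.]+)"
    r"(?: \((?P<host>[^)]*)\))? (?P<dport>\d+) \((?P<svc>[^)]*)\) (?P<action>\w+)"
)

# First two entries are from the post; the last two are constructed.
SAMPLE_LOG = """\
| 5/20/2005 09:20:38.906 Outbound TCP 192.168.1.10 1162 80.190.246.107 (statistiq.com) 80 (http) Permit
| 5/20/2005 09:20:40.118 Outbound TCP 192.168.1.10 1164 67.15.50.39 (c3.statcounter.com) 80 (http) Permit
| 5/20/2005 09:21:02.400 Outbound TCP 192.168.1.11 1201 203.0.113.25 25 (smtp) Permit
| 5/20/2005 09:21:05.010 Outbound TCP 192.168.1.77 1033 198.51.100.7 80 (http) Permit
"""

def parse(text):
    """Return one dict per log entry, with a parsed timestamp and int ports."""
    entries = []
    for m in ENTRY.finditer(text):
        e = m.groupdict()
        e["ts"] = datetime.strptime(e["ts"], "%m/%d/%Y %H:%M:%S.%f")
        e["sport"], e["dport"] = int(e["sport"]), int(e["dport"])
        entries.append(e)
    return entries

def report(entries):
    """Group connections by owner: who contacted what, and when."""
    by_owner = {}
    for e in entries:
        owner = STATIC_LEASES.get(e["src"], "UNKNOWN " + e["src"])
        by_owner.setdefault(owner, []).append((e["ts"], e["host"] or e["dst"], e["dport"]))
    return by_owner

def alerts(entries):
    """Flag sources with no static lease and clients sending mail directly."""
    found = []
    for e in entries:
        if e["src"] not in STATIC_LEASES:
            found.append(("no-static-lease", e["src"]))
        if e["dport"] == 25:  # assumed heuristic: direct SMTP from a client PC
            found.append(("outbound-smtp", e["src"]))
    return found

if __name__ == "__main__":
    print(report(parse(SAMPLE_LOG)), alerts(parse(SAMPLE_LOG)), sep="\n")
```

A source address with no static lease is the case the post hands to arpwatch: the log alone shows the unexpected IP, while the ARP table change shows which MAC address claimed it.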

" snipped-for-privacy@gmail.com" wrote in news: snipped-for-privacy@g47g2000cwa.googlegroups.com:

Well, do you have a NAT router that logs inbound and outbound traffic to and from the router and a log viewer to accumulate and view the logs? You'll need that to see what remote IP(s) are being connected to and what LAN IP(s)/machines behind the router are doing it.

Then you've got to take a remote IP and enter it into the *whois search* box and find out what the site is about.

[link]

I doubt that the Belkin NAT router has logging.

Yes, that's all the Belkin is boasting, FW-like capabilities, and it's not a FW appliance on the topic of *What does a FW do*.

If you had a situation where you had to stop inbound from a remote IP or outbound from a LAN IP behind the router, you couldn't do it, since the NAT router is not running true FW software like a FW appliance.

Most likely all you have is a NAT (no FW) router with some FW-like features that couldn't stop or control a fly if the fly had a dubious nature about it, or have any evidence (logs) that it wasn't you.

Maybe you should look into a low-end FW appliance and plug a wireless access point (WAP) into the router. You could turn that Belkin router into a wire/WAP switch (most routers have a built-in switch) and plug it into the FW appliance for better control of your situation.

Yes, and you can use the desktop and point the router or FW appliance logs to it and accumulate them and view the logs with a log viewer.

Duane :)

Reply to
Duane Arnold
