Shared network security help.

Shimo · Post by **Shimo** » 08 Jun 2008, 16:31

Ok so one of my room mates is using the same Internet as me and he goes to a lot of porn sites... Im afraid since we are both hooked up to the same splitter box that hes gonna get some spyware thats going to start scanning the packets going through the splitter. I do some online banking and I was wondering if there is a sure fire way of protecting myself... He is running a windows Vista home edition desktop pc and I run win xp and open suse on a desktop pc... He has had the Internet hooked up for about 3 hours now and has spent the past 2 hours surfing porn sites... I know this because I poisoned the packets being sent through my splitter. So Im nosy sue me... anyways what is a surefire way to protect myself... Preferably open source...

Lyecdevf · Post by **Lyecdevf** » 09 Jun 2008, 00:53

I am a little bit confused here. You probably mean a router!

n3rd · Post by **n3rd** » 09 Jun 2008, 03:47

Well usually banks make use of SSH for a login if I am correct so the packets should be encrypted.

Next, if you are able to read his packets then this also means he can read your packets that float arround (if he has such a program)

Other then that, ask your roomy if he runs a anti virus/spyware program, if so then the risk of getting infected is alot lower then when he is running is withouth a protection program.

Post by **bad_brain** » 09 Jun 2008, 04:45

hm, I guess you meant a router...and in this case it is already very secure because only the router is connected to the internet directly, the 2 computers are using private IPs to connect to the router, and those IPs can't be accessed from the internet.
so don't think an attacker from the outside can sniff the packets as easily as you can, you only can do it because you are a part of the physical network...and attacker from the outside would have to hijack a router or DNS server and run a man-in-the-middle attack to get a grip on your internet traffic....which is very unlikely, such attacks are 99.9% against servers where the attacker can be sure the box keeps the same IP. and such attacks are very rare anyway, none of the usual skiddies could ever do it.

when doing online banking make sure the address is "https://" the "s" shows an encrypted connection is used, any bank should use such connections for online banking....all traffic is encrypted then, and it's practically impossible to crack it.

to make it short: you are safe, only your room mate can sniff your packets like you did with his ones. the rest is everyday security like using a good AV and a secure browser...

Shimo · Post by **Shimo** » 09 Jun 2008, 07:45

My only problem is that I know he doesn't run AV or Anti spy... I know their are trojans out their that will install a packet scanning program... Heck I've made a few... He is very computer illiterate and doesn't trust me to install anything on his computer... He was thinking about norton untill he found out it costs money... I would be a lot happier if he had that even..... Well any ways thank you for the help...

Post by **bad_brain** » 09 Jun 2008, 09:57

hm, you could try to set up an own private network for your box, simply by using a different IP/subnet...
let's say the one of your room mate is 192.168.0.2, you could use 169.168.0.2 with 255.255.255.254 as subnet...this way your 168.-network would only allow 2 hosts (your box and the router)...of course the router has to support using 2 networks and must be able to provide 2 IPs, check the config.

but of course it would be good if your room mate runs an AV/firewall, of course free ones aren't as good as the good commercial ones like Kaspersky, but better a free one than none at all.

oh, and even if your packets from online banking are captured by your room mate's infected box, as long as the https-protocol is used it don't matter because the packets are encrypted...

Lyecdevf · Post by **Lyecdevf** » 09 Jun 2008, 10:42

How about if you sniff his internet connection and watch for any information that is being sent to some wired location. Also you can port scan his machine and see if he has any trojan ports open!

Post by **Big-E** » 09 Jun 2008, 11:15

Good call, you could also go a step further as to install an old box as a firewall and filter all traffic to and from the internet. I can give you a few recommendations on some tools you can utilize for a nice set up, which will email you upon any alerts which may be associated with an attack or viral infection.

Shimo · Post by **Shimo** » 09 Jun 2008, 17:46

I would love to get a list of some of those programs... I think I have an old box lying around somewhere at my parents house.

Post by **bad_brain** » 10 Jun 2008, 03:42

you can use any Linux distro for this job, but there are also specialized ones like Devil Linux: http://www.devil-linux.org/home/index.php

Shimo · Post by **Shimo** » 10 Jun 2008, 12:52

Thanks bad_brain... Now I just got to get an old box with a disk drive...... Could be a problem lol I like to use my disk drives to the breaking point. I think a friend might have an old box I can buy off of them.. Im going to look around.