CoolPerson
@edu.au
| how to prevent other users on same wifi network spying on me
hi everyone,
ive done a search about this on the internet, but it usually gives me results about how to secure the network itself via WEP WPA and setting up an SSID and all that. unfortunately thats not what im after.
i just moved in a new place, and theres 4 other dudes using the same wifi and they seem all IT savvy. they've hidden the SSID, encrypted it and everthing.
im just a bit worried that they might be able to spy on me.
firstly, would it actually be possible for them to see what im doing as im doing it? ie. remotely watching my monitor?
secondly, can they monitir what websites im visiting via the router or something? (ie does the router keep a cache, if so, how can i stop it)
and lastly (most important question), what can i do to prevent it?
will installing a good firewall prevent this?
any advice will be most appreciated. |
|
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
 ·AT&T U-Verse
 ·AT&T Midwest
| The general principle here is that he who controls the router can potentially "spy" on the activity of users of that router.
Solution 1: Get your own connection that you don't share with these dudes.
Disadvantage: Your connection would still go through the ISP's router, and the ISP could still spy on you.
Solution 2: Sign up for a VPN service, where all of your connections go through the VPN. Then those dudes could only see that you have a VPN connection, but could not see what you are doing through that connection.
Disadvantage: The people who run the VPN could spy on you.
Solution 3: Lose your paranoia, and stop worrying about it. They could not remotely watch your monitor anyway, assuming that your computer itself is reasonably secure. They could at most monitor the list of sites you visit and the content of your non-SSL connections. And, unless you are doing something very unusual, they would find watching you to be so boring that they would not bother with it.
--
AT&T dsl; Speedstream 5100b modem; Zyxel NBG334W router; openSuSE 11.0; firefox 3.0.11 |
|
Argonite
Premium
join:2009-03-24
New York, NY
| reply to CoolPerson
Some routers (I know certain Linksys ones do) also have an AP Isolation option that may be useful in your scenario.
AP Isolation
"Creates a separate virtual network for your wireless network. When this feature is enabled, each of your wireless client will be in its own virtual network and will not be able to communicate with each other. You may want to utilize this feature if you have many guests that frequent your wireless network." |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
| reply to CoolPerson
Yes, the router admin could possibly have log information as to sites visited etc. Content not likely. If its not illegal why worry??? As long as you do not have OS sharing enabled (same windows workgroup name etc) and you have your firewalled enabled, you should be fine. |
|
antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
| said by Anav  :Yes, the router admin could possibly have log information as to sites visited etc. Content not likely. If its not illegal why worry??? As long as you do not have OS sharing enabled (same windows workgroup name etc) and you have your firewalled enabled, you should be fine. Admin could sniff traffics if he/she wanted to. 
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS | Does that include HTTPS traffic ie banking... |
|
antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
| said by Anav :Does that include HTTPS traffic ie banking... Only if they haven't broken it. |
|
OldGrayWolf
join:2007-10-06
4 edits | reply to CoolPerson
Connection Monitoring |  - Wireshark.png/thumb.jpg "165509 bytes")
Packet Sniffing |
If you use sites with HTTPS, such as a bank that is encrypted, they can sniff your packets; however, it is encrypted so they will not be able to read them without a great deal of work. Unencrypted HTTP sites can have the packets sniffed. Picture of sniffing included above.
They can see where you connect to, what sites, unless you use VPN and use the VPN server connection to browse. All they know is the IP address or Domain name of the VPN server. Picture of monitoring connections above.
As far as seeing your desktop, I think Microsoft Windows would require that you enable remote desktop sharing for them to see your desktop. That is unless they find some other way to install a keylogger or similar program on your computer.
I should tell you that if they are truly geeks, you probable need to think about how much you trust them. |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
1 edit | Doesn't seem like a very interesting past time for anyone to sit down and do though LOL.
You may want to consider hotspot shield then
»www.hotspotshield.com/
I use it to view US Video content that non-americans are often blocked from viewing such as many videos from universal sports. |
|
antdude
A Ninja Ant
Premium,VIP
join:2001-03-25
| said by Anav :You may want to consider hotspot shield then » www.hotspotshield.com/I use it to view US Video content that non-americans are often blocked from viewing such as many videos from universal sports. Isn't it very slow like Tor? That is what I kept hearing. I used Tor, but it's horrible slow. 
--
Ant @ »antfarm.ma.cx and »aqfl.net. Please do not IM/e-mail me for technical support. Use the forum! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS | Works fine for me. |
|
docrice
join:2008-03-31
Fremont, CA
| reply to antdude
VPN services are essentially an additional hop or two in your routing path to your destination (although this can actually vary greatly depending where your final destination is relative to the location of the VPN gateway). Tor, on the other hand, goes through a maze of SSL-enabled nodes across the globe with the ultimate intention of ensuring the destination host has no clue where you could be coming from (at least strictly from an addressing point of view) and at the same time the intermediary routing nodes can't see who you are. While Tor has better assurance in the area of anonymity due to unique traffic path each time you send a request, there's a huge performance cost attached to it until the designers improve upon the protocol and / or there are more Tor nodes available.
A VPN service's performance will be more dependent on their throughput ability and the amount of load their servers are experiencing at any given moment (as well as potentially any filtering that may be going on at their end). |
|
