Ask Me Help Desk

Ask Me Help Desk (https://www.askmehelpdesk.com/forum.php)
-   Other Security (https://www.askmehelpdesk.com/forumdisplay.php?f=476)
-   -   How secure am I from people on the same network? (https://www.askmehelpdesk.com/showthread.php?t=308180)

  • Jan 24, 2009, 09:12 PM
    Antiphet
    How secure am I from people on the same network?
    My friend and I have been chatting online together for a while, but he recently found out that his roommate might be trying to hack his computer. All the roommates, including my friend, use the potentially hostile roommate's wireless router. My friend is running Vista with his network set on "public", has Norton Internet Security (with up-to-date subscription), and has physical control over his laptop (meaning they cannot physically install anything). Given that he is using their wireless to connect, is there any way for them to listen in to chats, get access to passwords for email or bank accounts, or anything else? We usually chat with Googletalk, but are not opposed to switching to a different client. How vulnerable is his system, and if it is vulnerable, what should be done? Neither of us is a computer expert, but a friend who knows a bit more than us said, "Don't worry about it -- they'd have to be serious hackers to break in." That being said, what if they really are determined? The roommate don't have NSA level resources or anything, but what if the roommate has a decent amount of computer savvy or contacts and interest in applying them?
  • Jan 24, 2009, 10:09 PM
    Scleros
    Quote:
    Originally Posted by Antiphet View Post
    That being said, what if they really are determined?
    I don't know the specifics of the Google chat protocol, but unless it is encrypted and the wireless connection to the router is encrypted all the roommates have to do is run freely available packet sniffing software wirelessly or either potentially wired depending on the network topology to see all the packets (and their data) your friend's laptop transmits. Additionally, if Norton Internet Security is configured to trust the local wireless LAN subnet, which is typically the default, any other computers on the same subnet can connect to the laptop and try to exploit unpatched security vulnerabilities to gain access. Things could be even simpler if the administrative drive shares are enabled and the built-in administrator account is enabled with a weak or no password. Your friend should review his NIS settings and trust nothing, verify all user accounts have strong passwords, disable any unused accounts, and visit Windows Update and apply all critical patches. Since the router is not under your control, if the wireless setup is an open connection without a security suite, there isn't much you can do to thwart eavesdropping other than use a chat client/protocol that encrypts the conversation stream. See encrypted chat clients and X-IM.

    What makes your friend think "...his roommate might be trying to hack his computer"? Even with the right tools, extracting meaningful data from a packet stream is time consuming. It would be easier to go through your friend's wallet or files while he slept.
  • Jan 24, 2009, 10:25 PM
    Antiphet
    Quote:
    Originally Posted by Scleros View Post
    I don't know the specifics of the Google chat protocol, but unless it is encrypted and the wireless connection to the router is encrypted all the roommates have to do is run freely available packet sniffing software wirelessly or either potentially wired depending on the network topology to see all the packets (and their data) your friend's laptop transmits. Additionally, if Norton Internet Security is configured to trust the local wireless LAN subnet, which is typically the default, any other computers on the same subnet can connect to the laptop and try to exploit unpatched security vulnerabilities to gain access. Things could be even simpler if the administrative drive shares are enabled and the built-in administrator account is enabled with a weak or no password.

    What makes your friend think "...his roommate might be trying to hack his computer"?
    So assuming the router is WEP encrypted, Norton NOT configured to trust the local LAN subnet, the computer's passwords are not known, and the computer has the latest patches, things are hunky-dory? The backstory is... complicated, but better safe than sorry.
  • Jan 24, 2009, 11:11 PM
    Scleros
    Quote:
    Originally Posted by Antiphet
    So assuming the router is WEP encrypted...
    WEP has been broken, yet it is better than an open connection (nothing), but it can be hacked in a few minutes with freely available tools and generally shouldn't be used if WPA or WPA2 is supported by all the devices.

    Quote:
    Originally Posted by Antiphet
    ...things are hunky-dory
    I don't know. Doing those things presents tall hurdles to the average joe. How high the hurdles are depends on how talented and determined the roommates are. Since we're assuming "they really are determined", and I don't know these people or the laptop, I can't give you a blanket "if you do X and Y, you won't have any problems." However, a properly configured firewall significantly reduces the likelihood of access as a system cannot be prodded until a weakness is found if the firewall drops all unauthorized connections. Turning the laptop off when not in active use also reduces exposure. Your friend should also be wary of any software or email received from the roommates.

    • All times are GMT -7. The time now is 02:33 PM.