Wireless security regarding files

Discussion in 'Wireless Networking' started by John, Apr 20, 2007.

  1. John

    John Guest

    My wireless network is secured using WPA-PSK TKIP but there has been some
    publicity here in the UK over the last few days regarding unsecured
    networks. Most of it revolves around the intruder gaining access to the
    internet through unsecured networks but there has been mention of people
    being able to gain access into the computer.

    My understanding is that no-one can get into my files or folders unless I
    *specifically and conciously* set up a share for those. I have "Printer and
    File Sharing" enabled and my printer is actively shared (as denoted by the
    "hand" icon under it) but I have not actively shared any other files or
    folders and I had always believed these to be "safe" - am I wrong?

    John
     
    John, Apr 20, 2007
    #1
    1. Advertising

  2. "John" <> wrote in message
    news:...
    > My wireless network is secured using WPA-PSK TKIP but there has been some
    > publicity here in the UK over the last few days regarding unsecured
    > networks. Most of it revolves around the intruder gaining access to the
    > internet through unsecured networks but there has been mention of people
    > being able to gain access into the computer.
    >
    > My understanding is that no-one can get into my files or folders unless I
    > *specifically and conciously* set up a share for those. I have "Printer
    > and File Sharing" enabled and my printer is actively shared (as denoted by
    > the "hand" icon under it) but I have not actively shared any other files
    > or folders and I had always believed these to be "safe" - am I wrong?
    >
    > John
    >


    In addition to what you have done I also recommend configuring the XP SP2
    Windows Firewall (or any other software firewall) to block all incoming
    traffic, ie. set for No Exceptions, on any laptop you might own.

    http://theillustratednetwork.mvps.org/ScreenShots/SP2WindowsFirewall/FirewallNoExceptions.JPG

    As far as desktops are concerned I configure each desktop, wireless or
    otherwise, to only allow File & Print Sharing access only from specific
    local LAN IP addresses or VPN client addresses.

    http://theillustratednetwork.mvps.org/ScreenShots/SP2WindowsFirewall/FirewallCustomScope.JPG

    With Vista the OS is smart enough to change from a public network to a
    private network when I connect to my home wireless LAN. The private network
    completely blocks incoming probes, while the private network allows File &
    Print Sharing, etc. That works very well IMHO...

    http://www.microsoft.com/technet/community/columns/cableguy/cg0906.mspx

    --

    Al Jarvi (MS-MVP Windows Networking)

    Please post *ALL* questions and replies to the news group for the
    mutual benefit of all of us...
    The MS-MVP Program - http://mvp.support.microsoft.com
    This posting is provided "AS IS" with no warranties, and confers no
    rights...
     
    Sooner Al [MVP], Apr 20, 2007
    #2
    1. Advertising

  3. "Sooner Al [MVP]" <> wrote in message
    news:...
    > "John" <> wrote in message
    > news:...
    >> My wireless network is secured using WPA-PSK TKIP but there has been some
    >> publicity here in the UK over the last few days regarding unsecured
    >> networks. Most of it revolves around the intruder gaining access to the
    >> internet through unsecured networks but there has been mention of people
    >> being able to gain access into the computer.
    >>
    >> My understanding is that no-one can get into my files or folders unless I
    >> *specifically and conciously* set up a share for those. I have "Printer
    >> and File Sharing" enabled and my printer is actively shared (as denoted
    >> by the "hand" icon under it) but I have not actively shared any other
    >> files or folders and I had always believed these to be "safe" - am I
    >> wrong?
    >>
    >> John
    >>

    >
    > In addition to what you have done I also recommend configuring the XP SP2
    > Windows Firewall (or any other software firewall) to block all incoming
    > traffic, ie. set for No Exceptions, on any laptop you might own.
    >
    > http://theillustratednetwork.mvps.org/ScreenShots/SP2WindowsFirewall/FirewallNoExceptions.JPG
    >
    > As far as desktops are concerned I configure each desktop, wireless or
    > otherwise, to only allow File & Print Sharing access only from specific
    > local LAN IP addresses or VPN client addresses.
    >
    > http://theillustratednetwork.mvps.org/ScreenShots/SP2WindowsFirewall/FirewallCustomScope.JPG
    >
    > With Vista the OS is smart enough to change from a public network to a
    > private network when I connect to my home wireless LAN. The private
    > network completely blocks incoming probes, while the private network
    > allows File & Print Sharing, etc. That works very well IMHO...
    >
    > http://www.microsoft.com/technet/community/columns/cableguy/cg0906.mspx
    >
    > --
    >
    > Al Jarvi (MS-MVP Windows Networking)
    >
    > Please post *ALL* questions and replies to the news group for the
    > mutual benefit of all of us...
    > The MS-MVP Program - http://mvp.support.microsoft.com
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights...
    >


    CORRECTION...

    The last sentence should read... Note the change to "public" in the second
    word...

    "The public network completely blocks incoming probes, while the private
    network allows File & Print Sharing, etc."

    --

    Al Jarvi (MS-MVP Windows Networking)

    Please post *ALL* questions and replies to the news group for the
    mutual benefit of all of us...
    The MS-MVP Program - http://mvp.support.microsoft.com
    This posting is provided "AS IS" with no warranties, and confers no
    rights...
     
    Sooner Al [MVP], Apr 20, 2007
    #3
  4. John

    Lem Guest

    John wrote:
    > My wireless network is secured using WPA-PSK TKIP but there has been some
    > publicity here in the UK over the last few days regarding unsecured
    > networks. Most of it revolves around the intruder gaining access to the
    > internet through unsecured networks but there has been mention of people
    > being able to gain access into the computer.
    >
    > My understanding is that no-one can get into my files or folders unless I
    > *specifically and conciously* set up a share for those. I have "Printer and
    > File Sharing" enabled and my printer is actively shared (as denoted by the
    > "hand" icon under it) but I have not actively shared any other files or
    > folders and I had always believed these to be "safe" - am I wrong?
    >
    > John
    >
    >


    The only way to really protect a computer system from attack is to not
    connect it to any other systems. And even then, it's vulnerable to
    attack by an authorized insider.

    Of course, disconnecting your computer from the Internet is antithetical
    to what you probably bought your computer for in the first instance.

    With a computer connected to the Internet, there is no way that you can
    *guarantee* that information stored on the computer can not be accessed
    or compromised by unauthorized intruders. The best that you can do is
    to make such activity as difficult as possible. The recommended path to
    achieving this goal is to use what is called a "layered" approach to
    security. The NTFS file system available in Windows XP provides tools
    -- access permissions -- to implement one layer of protection.
    Encrypting your wireless transmissions provides another. For more
    information, see
    http://nitecruzr.blogspot.com/2005/05/please-protect-yourself-layer-your.html
    or
    http://www.google.com/search?hl=en&q=+layered +security&btnG=Search

    Are you "safe"? Depends on what you mean and how far you're willing to
    go. Rent Marathon Man: http://www.imdb.com/title/tt0074860/

    --
    Lem MS MVP -- Networking

    To the moon and back with 64 Kbits of RAM and 512 Kbits of ROM.
    http://en.wikipedia.org/wiki/Apollo_Guidance_Computer
     
    Lem, Apr 20, 2007
    #4
  5. John

    John Guest

    "Lem" <> wrote in message
    news:uQe%...
    > John wrote:
    >> My wireless network is secured using WPA-PSK TKIP but there has been some
    >> publicity here in the UK over the last few days regarding unsecured
    >> networks. Most of it revolves around the intruder gaining access to the
    >> internet through unsecured networks but there has been mention of people
    >> being able to gain access into the computer.
    >>
    >> My understanding is that no-one can get into my files or folders unless I
    >> *specifically and conciously* set up a share for those. I have "Printer
    >> and File Sharing" enabled and my printer is actively shared (as denoted
    >> by the "hand" icon under it) but I have not actively shared any other
    >> files or folders and I had always believed these to be "safe" - am I
    >> wrong?
    >>
    >> John

    >
    > The only way to really protect a computer system from attack is to not
    > connect it to any other systems. And even then, it's vulnerable to attack
    > by an authorized insider.
    >
    > Of course, disconnecting your computer from the Internet is antithetical
    > to what you probably bought your computer for in the first instance.
    >
    > With a computer connected to the Internet, there is no way that you can
    > *guarantee* that information stored on the computer can not be accessed or
    > compromised by unauthorized intruders. The best that you can do is to
    > make such activity as difficult as possible. The recommended path to
    > achieving this goal is to use what is called a "layered" approach to
    > security. The NTFS file system available in Windows XP provides tools --
    > access permissions -- to implement one layer of protection. Encrypting
    > your wireless transmissions provides another. For more information, see
    > http://nitecruzr.blogspot.com/2005/05/please-protect-yourself-layer-your.html
    > or
    > http://www.google.com/search?hl=en&q=+layered +security&btnG=Search
    >
    > Are you "safe"? Depends on what you mean and how far you're willing to
    > go. Rent Marathon Man: http://www.imdb.com/title/tt0074860/


    Thanks Al, and you too Lem. I actually use the free version of ZoneAlarm as
    my preferred firewall (rather than XP's own) because it monitors outgoing
    traffic as well as incoming, but I was really just asking in a general
    sense.

    A piece on a TV news slot showed a guy sat in a car with a laptop getting
    access into various folders and files of someone's machine, then knocking on
    the door to alert the owner that they had a completely unprotected system. I
    knew that it's possible to jump on an unencrypted wireless connection to get
    out to the internet, but I didn't know it was possible to get in to the
    computer without having specific shares set up. I'll have a good read of the
    links you've provided.

    Cheers,

    John
     
    John, Apr 20, 2007
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. totojepast
    Replies:
    0
    Views:
    400
    totojepast
    Jul 31, 2003
  2. =?Utf-8?B?VGFuZ28=?=

    doubt regarding mcsa messaging and mcse security

    =?Utf-8?B?VGFuZ28=?=, Sep 4, 2005, in forum: MCSE
    Replies:
    1
    Views:
    424
    catwalker63
    Sep 4, 2005
  3. COMSOLIT Messmer

    IT-Security, Security, e-security

    COMSOLIT Messmer, Sep 5, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    627
    COMSOLIT Messmer
    Sep 5, 2003
  4. Annie
    Replies:
    10
    Views:
    746
  5. 'Ole
    Replies:
    26
    Views:
    1,321
Loading...

Share This Page