New Wireless Network


JZaun
25th of April 2005 (Mon), 15:29
Found a Broadband wireless router and a PC wireless card for the laptop for $19 each after rebates at CompUSA. Just couldn't turn that down. Now I can sit in my lazyboy with the laptop and visit here. :) I can use the broadband with both PCs without disconnecting one. WOW another step up. One day my tech stuff is all gonna crash at the same time and I will have a stroke! :) :) If I only had wireless for the 20d now... :) I am getting too old for this stuff but I just have to try and keep up and it gets harder every year. Now I gotta get the network to work so I can share files. :) WHY I don't know! Just because I can! :)

JZ

PacAce
25th of April 2005 (Mon), 16:12
Just make sure you secure your wireless network so that people can't just "hook" into your system with their own laptops and mooch off of you and your internet service. :confused:

defordphoto
25th of April 2005 (Mon), 16:22
Just make sure you secure your wireless network so that people can't just "hook" into your system with their own laptops and mooch off of you and your internet service. :confused:

Yes. Wireless rocks, but this is the biggest mistake people make. I have 4 neighbors with wireless around me. Only one has theirs secured. Mine is locked as tight as a drum.

JZaun
25th of April 2005 (Mon), 16:28
Just make sure you secure your wireless network so that people can't just "hook" into your system with their own laptops and mooch off of you and your internet service. :confused:


When I first set it up I didn't have it secure but found the encryption and PW setup and set it. Then my laptop wouldn't connect. It took 4 hours to figure how to set up the laptop to match the router. I think it's secure now. :)

JZ

PacAce
25th of April 2005 (Mon), 17:16
When I first set it up I didn't have it secure but found the encryption and PW setup and set it. Then my laptop wouldn't connect. It took 4 hours to figure how to set up the laptop to match the router. I think it's secure now. :)

JZ
Next time I get a chance to drive around your neighborhood, I'll let you know how secure it really is. ;) :mrgreen:

Citizensmith
25th of April 2005 (Mon), 22:53
Or look at it another way. Make sure your computer is properly secure and leave the access point open. I even renamed my SSID to openet. Someone wants a bit of bandwidth they are welcome to it. Never actually seen any extra traffic on the router logs, but it's there if anyone needs it. :)

Rob612
25th of April 2005 (Mon), 23:50
Or look at it another way. Make sure your computer is properly secure and leave the access point open. I even renamed my SSID to openet. Someone wants a bit of bandwidth they are welcome to it. Never actually seen any extra traffic on the router logs, but it's there if anyone needs it. :)

I won't do that... remember that whoever hangs around with a laptop looking for unsecured Wifi networks is usually looking for a place either to steal/destroy data or, worse, to launch an attack on someone else's system to do the same. Both these actions are absolutely illegal everywhere in the civilized world, but the second one is quite more risky since it's not YOUR data that is compromised but someone else's.

If they attack an external system from your Internet connection, YOU are responsible unless you can prove your innocence. So be really careful in keeping your wifi open and available. Just my .02 (as a security expert, perhaps :D).

Citizensmith
26th of April 2005 (Tue), 00:34
Someone trying to launch a concerted attack would do better than to do it from a not necessarily permanent connection. Also, there are far too many easier targets out there. Namely all the people with broadband connections plugged directly into their computer who don't have a clue what a firewall is. All that spam has to be coming from somewhere. :) What was it, 20 minutes for a vulnerable system to be probed and compromised?

NickC
26th of April 2005 (Tue), 00:48
What was it, 20 minutes for a vulnerable system to be probed and compromised?

I've read posts from people whose PCs got compromised during boot. Turn on that firewall!

Rob612
26th of April 2005 (Tue), 01:31
Someone trying to launch a concerted attack would do better than to do it from a not necessarily permanent connection. Also, there are far too many easier targets out there. Namely all the people with broadband connections plugged directly into their computer who don't have a clue what a firewall is. All that spam has to be coming from somewhere. :) What was it, 20 minutes for a vulnerable system to be probed and compromised?

Don't really agree with you. Sure there are more vulnerable targets (those you mentioned being surely the easiest in the world), but IMHO letting others, without any form of access control, use your connection is still wrong. Legal liability may occur, no matter if yours is a permanent connection or not, it can still be used to do any sort of bad stuff, including bot dissemination - that can later be controlled from another connection, and the dissemination is the less difficult to trace back - that can be used for any sort of DDoS attack, to the plain and simple sending illegal stuff (porn, crack or whatever) from your IPs.

I still like my privacy being fully covered, at least to the best of my knowledge. In my home/office installation wireless sits on a separate LAN, on a separate leg of the firewall (a Cisco Pix 515) and it only can access the inside machines on specified ports and only after authentication with 802.1x protocol. I may be a little paranoid, but on my machines there is all my professional life, and a lot of customer information that is extremely sensitive data.

Moreover, I do not want to be held responsible for anything that I have not done, so either you are a well known/trusted person, and if this is the case you have at least partial access to my network, or you just stay outside and disconnected. Use your wireless GPRS/UMTS connection if needed, but stay away from my network.

I have installed a Websense Security Suite for controlling in depth what is going in and out and logging everything.

I also have a honeypot (a Linux box with some tricks on it) on the external LAN, just to make sure I trap whatever I can and take actions against those little bastards, either legal or a little more aggressive :)

Security is important, no matter what your data are, those are YOUR data and by definition they are sensitive. Plus, the risk of getting involved in a trial in case others do what they are not supposed to do is not so appealing to me :)

Anyway, everyone has the right to take any risk they want. I just intended to give a suggestion from the technical/legal point of view, since this is my business since 1998. In other words, I was just trying to help :)

Rob

Rob612
26th of April 2005 (Tue), 01:37
I've read posts from people whose PCs got compromised during boot. Turn on that firewall!

Useless... if you get stuck with any sort of attack while booting, it will happen before the firewall starts up. An external firewall (Cisco Pix 501/515, Fortigate 50A, USR 8200) will do the job and keep you at least partially protected until you have all your antivirus/patches/packet inspection (i.e. ISS Deskprotector) installed, configured and running.

After that, the two levels of protection - packet filtering on the outside and packet inspection and antivirus on the single host - will keep you the most safe possible.

If you use a Fortigate on the external, you'll find that it does a great job since it is doing both packet filtering and inspection directly in hardware at the external level (i.e. before entering your own network), plus it takes several types of actions against viruses, attacks, and mail filtering. Interesting product for a reasonable price, I must say.

Take a look at www.fortinet.com (http://www.fortinet.com) and see for yourself. I love my 50A working in transparent mode and inspecting everything that passes my pix.

Citizensmith
26th of April 2005 (Tue), 11:16
If someone does something illegal through a connection I provided I am not legally responsible.

In the same way DVD copying software is not responsible if you make illegal copies rather than using it within your fair use rights (at least before congress removes fair use rights).
In the same way a gun manufacturer is not responsible for a murder using their gun.

Basically, it's exceedingly unlikely that anyone would perform an illegal act while connected through my broadband, my own equipment is separated off anyway, and it's just a small home network so it's not like I've got 300 computers sitting behind it.

And lastly, I'm just not going to sit worrying about that kind of thing anyway. There is too much else that is more important. :)

Rob612
26th of April 2005 (Tue), 11:48
I do not know for sure on your side of the pond, but here you are legally responsible for whatever happens through your connection, unless you have a way to demonstrate that you were breached. It may be different in your country, but it will seem a little strange to me. I cannot - and do not desire, of course - force you in a different direction. Your opinion is just as good as mine and it has never been my intention to force anybody.

Just trying to pass some advice on a matter that technically and legally (the latter at least in my country) I know reasonably well. No problem at all, feel free to take it or not (and yes, I know that you do not need my permission to take it or not :)).

Perhaps, it's your connection, not mine :D :D

Citizensmith
26th of April 2005 (Tue), 12:48
No worries, and the advice is appreciated.

Here the concept is if you provide something with a primarily legal use (say a VCR) that also has an illegal use (copying movies) you are not responsible if someone actually does something illegal. It just relies on the primary intention of the items at hand being a legal one.

cmM
26th of April 2005 (Tue), 13:04
Network security is good, but then again... I live for danger :-P;) (that AOL commercial cracks me up). I don't worry about none of that... I like wires :D

Rob612
26th of April 2005 (Tue), 13:20
No worries, and the advice is appreciated.

Here the concept is if you provide something with a primarily legal use (say a VCR) that also has an illegal use (copying movies) you are not responsible if someone actually does something illegal. It just relies on the primary intention of the items at hand being a legal one.

Wait, I do not want to argue or make any polemic, but I believe that my English faulted and I did not explain well what my thought was... I'll try again :D

The same concept that you have expressed applies here, but I believe this is not the case.

In our example, that is the case of your service provider that, of course is not responsible for what you do with the bandwidth you are buying. He may probably be forced to give the LEOs every detail if they receive a warrant, but that's it. Absolutely reasonable and internationally agreed. Nobody will discuss this.

In our example, perhaps, you are the end user (in other words, the one that buys the gun), since I do not believe you are an Internet Service Provider with a simple wireless home network :)

This is why I am telling that you are the one responsible for what happens through your broadband connection. Your ISP knows you, and nobody else. If a judge emits any form of warrant against your ISP (i.e. because they found that a DDoS attack against POTN was started from your IP address) who do you think they are going to name? The only one that they are aware of, that means of course you.

At that point you may have any security agency coming at you and asking questions. Now, what happens in your country if you are not able to demonstrate that you did not start the DDoS attack?

Am I missing something?

Citizensmith
26th of April 2005 (Tue), 14:16
At that point you may have any security agency coming at you and asking questions. Now, what happens in your country if you are not able to demonstrate that you did not start the DDoS attack?

Am I missing something?

I don't need to demonstrate that I didn't start a DDoS attack, they need to demonstrate that I did. The onus is on the accuser. Innocent until proven guilty.

Assuming that they just said, well it came from your IP, I could provide network logs to show who used what when.

However, I agree with your point. I'm not sure how far down the chain the protection goes. Sure the ISP would be immune, but as a kind of vagrant ISP would the same apply. Particularly as opening an access point with the aim of letting people share is sometimes against the TaCs of the ISPs. People who let their PCs get turned into zombies don't get fined or such, although they presumably don't know what is happening. It's probably all a bit of a legal gray area.

Citizensmith
26th of April 2005 (Tue), 14:18
Wait, I do not want to argue or make any polemic, but I believe that my English faulted and I did not explain well what my thought was... I'll try again :D

Oh, and don't ever feel like you have to apologise for your English. It is after all far better than my Italian. :) Seriously, your English is very good.

csondagar
26th of April 2005 (Tue), 19:34
If you like testing how secure your wired/wireless LAN is you can use some of the online remote tests available on Gibson Research Corporation (http://www.grc.com/default.htm). This will check most of the connections, such as ports and IP identifications and other techy things. However, it is not a 100% test. It works and provides good in-depth tests, and I use it occasionally to check my wired network.

Rob612
27th of April 2005 (Wed), 01:24
I don't need to demonstrate that I didn't start a DDoS attack, they need to demonstrate that I did. The onus is on the accuser. Innocent until proven guilty.

Right, on your side of the pond the legal system is (reasonably, IMHO) acting that way. Seems strange, but your legal system is somehow inherited from the UK one, that was originally set up by the Romans about 2K years ago.

Here in Italy - despite the fact that our ancestors started the system you are using today - we have inherited the French (Napoleonic) system that is quite different and much less streamlined.

Oh well... I guess that it's part of the historical mysteries :)

However, I agree with your point. I'm not sure how far down the chain the protection goes. Sure the ISP would be immune, but as a kind of vagrant ISP would the same apply. Particularly as opening an access point with the aim of letting people share is sometimes against the TaCs of the ISPs. People who let their PCs get turned into zombies don't get fined or such, although they presumably don't know what is happening. It's probably all a bit of a legal gray area.

Yes, probably it is a gray area, albeit not being fully aware of what are the laws in your Country, I agree with you. A good reason to stay out of troubles, IMHO. We all already have a lot of them - who doesn't ? - why looking for more ??? :D :D

Rob612
27th of April 2005 (Wed), 01:25
Oh, and don't ever feel like you have to apologise for your English. It is after all far better than my Italian. :) Seriously, your English is very good.

Thanks, I appreciate that. :) :)

Sketcher
27th of April 2005 (Wed), 09:59
I don't need to demonstrate that I didn't start a DDoS attack, they need to demonstrate that I did. The onus is on the accuser. Innocent until proven guilty.

Citizensmith,

Rob612 is on more solid ground here (even if that ground is a few miles away). As far as levying legal action against you; sure, burden of proof is on the accuser. However, read your ISP service EULA. There isn't a consumer broadband ISP in the states that provisions sublet host solutions for non-client use.

Your ISP can shut you down for any reason whatsoever and if their clause doesn't cover the reason; they are only legally responsible to reimburse you for lost internet access. So, whether you're running your own server, have a compromised access point, infected computer or any variant thereof; their consumer service level agreement leaves you without service in the event of questionable activity.

Your ISP doesn't care 'how' it happened; you're using bandwidth in a manner that defaults their policy. You're out. It's not uncommon for an ISP to block an entire subnet of service to get a handle on DDoS attacks or track down offending systems if the problem appears to be more than a single IP or definable range.

Further, say you are unknowingly subject to hostile activity through your internet connection. If it's significant enough an issue that your IP is actually investigated, the verification doesn't stop at proof of whether you intentionally facilitated the traffic. Your router logs are inconsequential at this point. You have internet history that directs to POTN and Pekka is obligated to provide access logs regarding your IP if legally served. A browse through your posts offers up personal intention that compromises your service level agreement and in a court of law could actually be inclusive to the point of facilitation of a crime.

Of course there are numerous arguments in and around various issues that support this or that legal action or safe haven. But look at it this way:

Say you're driving 50mph in a subcompact car on a four-lane 50mph highway and decide to pull in front of a Semi-Trailer bearing down on you at 80mph. Does the legality of who's right/wrong really matter at this point? You're going to be without 'service' in short order.

.

Rob612
27th of April 2005 (Wed), 17:24
(even if that ground is a few miles away).

I wonder what you mean if you say "far" away :D :D :D