Set up simple network and ensure security

Page 5 of 6 FirstFirst ... 3456 LastLast

  1. Posts : 58
    Windows 7 Home Premium - Desktop 32 bit / Laptop HP (G62) 64 BIT
    Thread Starter
       #41

    after changing the router default internal ip, and setting up static ips on both computers and thinking no one could "find" any of these internal ips, i discovered many sites which did indeed reveal my computers ips. i suspect the routers internal ip can be seen also, but so far it didnt show up.

    1. is the above typical, apparently the sites use Java/ Java scripts to reveal the internal ip, although when i disabled specific Java settings in the browser, it still revealed the ips (if the browser internet security is set to custom high, instead of default med/high then the ips dont show, but then obviously many other items wont show on the sites)?

    2. also does this mean anyones internal ip can be found from anyone elses location using similar such methods/sites?

    thanks
      My Computer


  2. Posts : 660
    win7
       #42

    Which sites have you been to that have shown your internal ips?
      My Computer


  3. Posts : 58
    Windows 7 Home Premium - Desktop 32 bit / Laptop HP (G62) 64 BIT
    Thread Starter
       #43

    i think it doesnt really matter, since only i see the addresses (i think !) but still...!!

    look here:

    What Is My IP Address Location? Find IP Address Search, IP Locator, IP Lookup

    here:

    http://www.find-ip-address.org/router-ip-address.php

    and here:

    Anonymous Surfing

    discussion here:


    Internal IP adress
    Last edited by balm; 31 Jan 2011 at 07:55.
      My Computer


  4. Posts : 660
    win7
       #44

    The reason it can report your ip address is because you allow javascript to run as a matter of course. The site calls a javascript when you load it that reports the ip address back. If you use firefox, go to "tools", "options" and select the content tab. On the screen de-select the "enable Javascript" check box. Then reload the page again and you will find that it cannot report your internal address.

    The fact that they are able does not mean any great danger as long as you keep all your protection up to date and DO NOT go on the internet without your firewall running. Best in my opinion is to run with the router hardware firewall and Comodo software firewall on.

    You're definitely getting there Balm!!!
      My Computer


  5. Posts : 58
    Windows 7 Home Premium - Desktop 32 bit / Laptop HP (G62) 64 BIT
    Thread Starter
       #45

    The "auditmypc" site is distinct, in that it continues to run the internal ip even with Active Scripting, Scripting of Java Applets, and ActiveX options disabled, i also deleted cookies/history/tmps, and disabled all Activex, Java web add-ons, so i would assume its some other item(s) or combination thereof running....but i understand there is no security risk anyway.

    I went thru the customize security settings in the "internet zone" one by one to see which one is causing it, but was unable to determine the cause...
    Last edited by balm; 01 Feb 2011 at 12:17.
      My Computer


  6. Posts : 58
    Windows 7 Home Premium - Desktop 32 bit / Laptop HP (G62) 64 BIT
    Thread Starter
       #46

    1. i understand it is best to close the wireless internet connection when not in use, what is the best/easiest way to close the wireless connection, for example at the router/modem (combo), at the ethernet desktop, or at the wirelss laptop...?


    2. also, can the ethernet cabled leg of the network be used as a "more secure connection" than the wireless leg (to laptop) in terms of web activities. In other words is the ethernet cabled computer web activity broadcast over to or "seen" by the wireless connected laptop, i assume it is?



    the reason i ask is i was thinking its safer doing the internet banking on the ethernet computer (even though its SSL)....
    Last edited by balm; 01 Feb 2011 at 20:16.
      My Computer


  7. Posts : 660
    win7
       #47

    1. You do not need to close your wireless connection when not in use as long as you use WPA2 security and use a long password consisting of a mix of Upper and Lower case letters, numbers and symbols such as ? or ! as this will provide a virtually uncrackable system unless the hacker has access to a supercomputer and hundreds of years to waste!!. The recommendation is to DEFINITELY use WPA2 security.
    2. Again, if you use WPA2, your wireless network will be as secure as your LAN connection. Bear in mind that any activity by you is more likely to attract a problem from malware, trojans etc. Your ethernet cabled computer web activity is not seen by the wireless connection, only the reduction in available bandwidth ie. a slowing down of the connection when the ethernet computer is downloading say a film or music.

    Again, as long as you use WPA2 security on your network, it is OK to use your laptop for internet banking as long as you ensure that you are connected to a website using "HTTPS" and NOT "HTTP".
      My Computer


  8. Posts : 58
    Windows 7 Home Premium - Desktop 32 bit / Laptop HP (G62) 64 BIT
    Thread Starter
       #48

    thank you sir, you are most helpful,

    you seem to think that https is sufficient protection for the average home internet banking user, what concerns me is the issue of banking username & passwords information....

    1. so assuming this information is entered right from the banks "https" sign-in page, there is virtually no risk an attacker (assuming he has already "gained access" to your computer) can intercept the password...in other words he cannot see the information being typed in on the https page?


    2. if https encryption is so good, could this be implemented on a wireless network instead of WPA2?

    3. heres interesting pdf re. ARP attacks, home consumer....albeit there is still the issue of cracking WPA2 and STRONG password!

    http://digilander.libero.it/SNHYPER/files/arppoison.pdf
    Last edited by balm; 03 Feb 2011 at 11:51.
      My Computer


  9. Posts : 660
    win7
       #49

    1. If an attacker has already gained access to your computer then you are stuffed and you can no longer trust the computer with any personal details until you regain full control of your computer. You would need to IMMEDIATELY inform your banks, creditcard agencies and any other secure organisations you use, that you suspect/know that your security has been breached and reset all your passwords including your email accounts. On the other hand, if you have not had any security breach, then it is normally OK to use HTTPS sign in pages with confidence. Usually the breaches in bank detail security is achieved by duping the computer driver that they should give details of their login on a false bank login page which can be very realistic looking. You are normally duped into this by an email asking you to confirm your details. This is known as "phishing" and this type of attack is quite common so always beware of any emails supposedly coming from your bank especially thase that ask you to login to confirm your detials.

    2. HTTPS is a secure way of passing details over the internet via web pages and all communications between you and the owner of the https address is encrypted so that nobody can eavesdrop on the information. WPA2 is an encryption method for communication between wireless network components such as computer and router. So they are both encryption methods but used for different purposes.

    3. To successfully carry out this type of attack requires the attacker to have already breached your security and have access to your network either wired of wireless so make sure you setup WPA2!!

    Make sure you keep your firewall software, antivirus and anti-malware programs regularly updated, scan you system once a week (or as soon as you suspect an attack) and you should be fine.
      My Computer


  10. Posts : 58
    Windows 7 Home Premium - Desktop 32 bit / Laptop HP (G62) 64 BIT
    Thread Starter
       #50

    thanks wiley, yes i understand the importance of WPA2...

    i got on to https when reading up on the extreme measures some forum members are using to do their online banking, including using linux boot disks, security certificates, and password programs....ill have to look more into it...thanks again for your advice.
      My Computer


 
Page 5 of 6 FirstFirst ... 3456 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 04:29.
Find Us