PDA

View Full Version : Helping with Internet connection sharing



BeeSee
25-02-2004, 12:50 PM
Hi everyone. I have decided to join one of Telecom's new DSL plans (thats beside the point) and am thinking about sharing it with my flatmate, since its probably the most economical and approved by Telecom.

In short, it sounds like a fine arrangement, thought I am tad worried about the security side of things. Apparently internet activities can be traced back to a particular account, but NOT individual computers. So if someone sharing my account is nabbed for doing something illicit, be my head on it ... or so I understand.

Is someone here able to help me out please and take me through step by step (in detail) as to how to avoid this potentially unpleasant situation? Someone I've talked to mentioned setting up a local LAN so that I could monitor the content of activities taking place on the other computers. Though I am willing to try other means: the point is I need to be able to sharing my account but to keep my information strictly private.

Also, how could I keep my email entirely separate from the other users? As I suspect all they need is the login and password ( which they would have) and set up the parameters and away they go?

My main worries are there:
1. Keep internet activities seperate and/or be able to stop other account holders from doing illegal things.

2. Keep my email private.

Thanks for helping me out, sorry I am basically illiterate when it comes to internet security so some detailed and step by step tutorials will bevery much appreciated!

Thanks :)

BeeSee
25-02-2004, 12:51 PM
Also, I was referred here by someone on another board and apparenly I need to specify my OS and email client, so here it is: I am using Win98 and Outlook Express.

Greg S
28-02-2004, 11:07 AM
*bump*

sorry I can't answer personally, coz I'm not exactly a wizz on networking, nor do I use Outlook Express

Jester
28-02-2004, 11:54 AM
Hi and welcome to Press F1

I would suggest that you use a adsl router to distribute the data to yours and your flatmate's PC's individually, rather than Internet Connection Sharing in XP, as ICS means that your flatmate's computer uses yours as a gateway.

Dick Smiths XH1149 router is now only $159 . I use one and it's brilliant.Link to Router (http://www.dse.co.nz/cgi-bin/dse.storefront/403fc4a202499018273fc0a87f9906ea/Product/View/XH1149).

Each computer on a network has its own address known as a MAC address, which may be able to identify the PC if any objectionable material was downloaded, or at least rule your PC out if it got to that. In the end however you will be responsible for the conduct of the connection, much the same way as a Telecom customer is responsible for any abusive calls originating from their phone.

Secondly, some ISP's offer more than one email address on the account, and these can have separate passwords. These email addresses aren't 'aliases' that all point to the main account, but for separate users on the same connection. I am susre that Telecom offer these.

Alternatively, you can always set up an Orcon email adress for free, that is yours for life, that only you can access, regardless of what ISP you use. Orcon link (http://www.orcon.net.nz/products/email/free/)

Hope this helps a bit.

J
:D

cyberchuck
29-02-2004, 08:52 AM
> 1. Keep internet activities seperate and/or be able to stop other account holders from
> doing illegal things.

What I've done at home (not intended for this purpose, but it does the job nicely), is I've gotten my claws on an old P233Mhz machine which I've setup as a Firewall/DNS/Proxy Server. What happens is all FTP/HTTP traffic on my network goes through the proxy (transparant so there's no tick to remove and you're automatically past it), the proxy checks everything and if it holds the site(s) that are requested in its cache it serves them locally, otherwise it goes out to the net and drags them back in. The firewall/proxy... is set as the gateway for the network and then the firewall uses the Router as a gateway for the internet (the same router as Jester mentioned).
That's not the point however (although the router saves on having to give out the internet password to everyone as it just holds on to it and stays connected to the net).

The point is the proxy also logs wherever anyone visits on the net (including those annoying popups which load) and displays a list like:
Source IP Dest. IP URL Port
192.168.1.6 207.68.173.45 www.hotmail.com 80
192.168.1.6 [all other hotmail related stuff]


Smoothwall (http://www.smoothwall.org) and IPCOP (http://www.ipcop.org) are great for something like this. Just bare in mind that this works for HTTP and FTP transactions so email transactions will not be logged or any other protocol for that matter.

At the end of the day it's a matter of trust and just asking your flatmate(s) not to do anything stupid.

> 2. Keep my email private
Provided you keep your password to yourself and don't go around setting up your email account on other peoples machines you're pretty much safe here, at the same time try to keep accounts seperate, so if someone needs to use your machine they use another account without access to your personal information, emails and so forth.


CyberChuck

me_ill
29-02-2004, 12:27 PM
My first suggestion would be to buy a ADSL router / hub - the're cheap realiable and easy to set up - and you will need a hub anyway.

Failing this you may find the Microsoft connection sharing is not the best we were sharing our 56k (ok it was pre ADSL) connection and really found it's better to use a tool like analogx's proxy server (free to a size) or another. It also can work the host computer a little.

ugh1
01-03-2004, 04:35 PM
> In short, it sounds like a fine arrangement, thought
> I am tad worried about the security side of things.
> Apparently internet activities can be traced back to
> a particular account, but NOT individual computers.
> So if someone sharing my account is nabbed for doing
> something illicit, be my head on it ... or so I
> understand.
>
> Is someone here able to help me out please and take
> me through step by step (in detail) as to how to
> avoid this potentially unpleasant situation? Someone
> I've talked to mentioned setting up a local LAN so
> that I could monitor the content of activities taking
> place on the other computers. Though I am willing to
> try other means: the point is I need to be able to
> sharing my account but to keep my information
> strictly private.

The only way to stop such things are:

1. Dont share your connection.

2. Stand over the other peoples shoulders and watch them the entire time they are online.

There are software / hardware solutions that require ALOT of manual intervention to keep them up to date and maintain if you are willing to waste the time and they are far from perfect...