Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How can I tell if my computer's been accessed by someone else, and how do I prevent it?

How can I tell if my flatmates have accessed or are accessing my computer?
We have a BT homehub and we share the connection wirelessly, but I have the
Norton firewall on. I don’t know if the firewall only protects my computer from
the intruders outside our network. I’ve heard it’s easy for other people
sharing the same wireless network to sneak into each others’ computers. How is
it done and how can I prevent it?

Let’s see, you’re worried about outside intruders accessing your system,
you’re worried about your privacy, and you’re worried about your wireless
connection.

What you’ve just described is the internet itself but just on a smaller scale.

It should be no surprise then that many of the concepts that used to protect
ourselves from the people we don’t know out on the internet would be used to
protect ourselves from the people we do know sharing our internet
connection.

Become a Patron of Ask Leo! and go ad-free!

In most cases I don’t recommend a software firewall in addition to a
hardware firewall such as a router. Normally you can draw the line of trust at
the shared connection to the internet that the router provides. Everything
inside of that line can be trusted. Everything outside of that line? Not so
much.

In this case, however, you don’t trust the people that share your internet
connection. That’s a very valid assumption and often a good one to make.

In a case like this you pretty much have to treat your connection as if your
machine were connected directly to and sitting naked on the internet.

In other words, turn on that firewall on your machine. It places the line of
trust at your machine’s network connection; everything outside of your machine
is not trusted. That means it should protect you from everything that might
come in from the internet, of course, but also anything attempted by any of the
other machines on your local network.

With the firewall on, you’re not done. You still need to take all the normal
precautions for internet
safety and keeping your machine safe
.

“Remember: if your machine isn’t physically secure then
it’s not secure.”

But there’s still more.

Remember: if your machine isn’t physically secure then it’s not secure. Can
your roommates walk up to your machine and access it when you’re not around?
It’s not secure. Can they insert a boot disk and reboot the machine? Then it’s
not secure. Can they unplug your keyboard and insert an inconspicuous device
that might log your keystrokes? Then your machine is not secure.

In terms of security if any of those are true you’re at risk. How much of a
risk is a determination only you can make, but at least be aware of it.

And then there’s the wireless connection. If the access point is “open”,
meaning that no WEP or WPA password is required to establish a wireless
connection, then even with all the security we’ve talked about so far your
wireless communications can be sniffed. That means everything you’re doing on the
internet could be monitored. With an open Wifi access point it’s exactly like
being in a coffee house open Wifi hotspot: anyone could be listening in.

And finally, if all that weren’t enough, who controls the router? Whoever
has access to the router could be using it to monitor your traffic as
well. Or worse, depending on the capabilities of the router.

It’s all pretty scary, isn’t it?

I certainly don’t want to make things seem worse than they are. Much of your
real risk depends on your roommates technical expertise (or access to others
with that expertise), as well as just how much you trust him or her.

And to finally answer your first question: sadly there really isn’t a
practical way to determine if your computer has been accessed. Prevention is
the only pragmatic way to address the risk. Certainly if your computer is
modified in some way by malware that can usually be detected by the appropriate
scanners, but if someone simply copies or views a document there’s no reliable
way to tell.

So figure out how much you trust the other people on your network and/or
living situation and take action accordingly.

But I’d certainly leave the firewall turned on.

Subscribe to Confident Computing! Tech problem solving & safety tips & a weekly confidence boost in your inbox every week.

I'll see you there!

10 Reasons Your Computer is Slow

Slow Computer?

Speed up with my special report: 10 Reasons Your Computer is Slow, now updated for Windows 10.

NOW: name your own price! You decide how much to pay -- and yes, that means you can get this report completely free if you so choose. Get your copy now!

23 comments on “How can I tell if my computer's been accessed by someone else, and how do I prevent it?”

  1. If you really want to be secure, get an advanced firewall that will block EVERYTHING first, and then learn through dialogs sent to you for each application/user/port that tries to access your machine.

    Windows Update uses service files for example that connect to the internet to check for updates. Most firewalls will not warn you of this. An Advanced firewall will ask you to give every file permission permanently or just for this session. Even the simple update for your clock requires certain service files to access the internet. You will be prompted about everything…

    The downside to this, is that you must have extensive knowledge of exactly what services/files/ports you should be letting through, and which you should not… For example, some random .dll might be asking you for permission to access the internet and you would chose no because you dont know what it is… Later you find out that your clock never updated to modify the new daylights savings time because you never received the hotfix from windows update… You have to know what does what and when to let it through..

    Be wary though, software firewalls have to search the header of every single packet that comes in to find a port number. If you have a lot of data coming in and out, a software firewall will give your CPU a workout.. Possibly 15%-30% CPU usage on a decent connection on full load. You chose if it’s worth it..

    Reply
  2. Under the Start fly-up is Recent Documents.
    I was thinking if I did not access the most recent documents listed………..Then someone else must have turned on my computer and and accessed my docs. Yes or No

    Reply
  3. dear Leo,
    how realible is the internet explorer hitory? if I see that a document has been accessed during my vacation, how can that be ? could it be a mistake? am I beeing hacked ? thanks, L.S.

    Reply
  4. —–BEGIN PGP SIGNED MESSAGE—–
    Hash: SHA1

    I wouldn’t suspect a hack. I think someone just used your computer while you were away.

    Leo

    —–BEGIN PGP SIGNATURE—–
    Version: GnuPG v1.4.7 (MingW32)

    iD8DBQFHF7szCMEe9B/8oqERAsffAKCMTzFFDQMCD6DzW0peHvTnltAdEwCfZH+H
    yNzqeGEn2aa/EnZ468BUcxU=
    =qODz
    —–END PGP SIGNATURE—–

    Reply
  5. Thanks for the answer. I also checked the event viewer. It showed some activity during that same period I was away. But apparently nobody had access to me house.
    So basically the event viewer and IE History are showing that someone has used the Computer, but nobody was there!? Are those (History and event viewer) reliable? Because you said before ” sadly there really isn’t a practical way to determine if your computer has been accessed”
    If yes, i need to protect my home. I am desperate.
    Thanks for your help.

    Reply
  6. Leo,Thank you so much for your answer! Sorry for this late reply. I just found your email in my box tonight. I was so surprised and happy to know that you have answered my question. I really appreciate that you explained everything so well,in details and that you cared to answer all my questions one by one.

    Your answer is so clear and easy to understand although it covers a good range of complicated issues. Now I do understand more about internet and internet security because of your great help. I am going to make some changes according to your advice.

    I am very grateful. You are great, Leo!!

    Reply
  7. Hello Leo,
    this is my first time to read Your articles, I’m from Croatia, studying informatics, and I think that this theme is very interesting.
    I’m not best in English but I have some questions, so please can You answer me :
    1. I have ZoneAlarm free firewall. What did You mean by Advanced firewall, or Hardware firewall, because my computer is significantly slowed down, like You said beacuse of my software firewall. And in the last 2 weeks I reinstalled my WinXP 5 times because of trojans and other spyware. I had Avast but now I switched to NOD32 plus Adaware 2007.
    2. I have D-Link wireless ADSL 2+ Router (DSL-G684T) and I would like to change the ip address so that only me and my roomate can access the router. We don’t even use wireless cards, we are connected to the router with cables. Antenna is also switched from router. Can anyone other now access our internet connection, because we can download 1Gb/month (I know it’s silly for US standards) and don’t want someone else to use it. And how to turn on that WEP, will it ask me for a password if it’s turned on?

    Thank You

    Reply
  8. hello im not sure whats going on. my computer acts like someone else is doing something on the other end of my computer.everytime i log on a message comes on telling me that windows internet explorer has to abort! this happens (every time)!i have scanned it and it tells me all is fine i am the (only one) who uses this computer so i dont understand what is going on can you help me thanks!

    Reply
  9. I think my husband has somehow managed to get shared access to my computer to check up on me. My comp crashed last week losing all my work stuff he rebooted and swore he did nothing but Im pretty sure he loaded something again….Please help!!!!

    Reply
  10. access to my computer I suspect from someone close to me. When I initially set up my laptop, when opened, it went directly to my connection. But the qhestion is, how does this person know my contents, I thought my email address password is manditory.thanks

    Reply
  11. hi Leo,
    this one is weird, I was logging in to yahoo messanger and all of the sudden my pointer start moving by itself and my fiel start opening up and fiels got started transfering out of my computer to God knows where. Who accessed it and how can i found out and prevetn from thi shapping again.
    thanks

    Reply
  12. Hi, I was wondering whether you came across something like this. I woke up this morning and found that the task manager was opened and a command prompt was opened with the command “ftp: connect” showing. I found this to be very strange, since my bedroom door was locked, and I was asleep. Any ideas/advice would be greatly appreciated. Thanks!
    Steven.

    Reply
  13. My roommate has access to MY internet, on her comp. Is there a way I can stop the access aside from removing the modem from her room. I have a laptop, hers is desktop. Weird huh? Help

    Reply
  14. I do believe my xboyfriend is following my traffic on my laptop that he gave me??? Plus he was on my home computer.( which now turn off &on when I turn it on ) Everytime I turn on my laptop their is a message ” files are ready to be copy” or when I turn off my computer “others that share this computer might lose files” Please help I know he is in my backroom

    Reply
  15. can someone use my unsecure wireless router to log onto a server and send emails and it appear to come from my computer, will there be a record of this on my computer if they did not use my computer, just my wireless connection?

    Reply
  16. I strongly feel my laptop has been hacked as my cursor suddenly starts flying all over.When i click on the address bar it doesn’t show any web pages that I had visited because of this I have to type the web site name every time I sit down to surf.Pl let me know if my laptop is being monitored.
    Thanks a

    Reply
  17. My ex is an IT professional,and I believe he used some type of a thumb drive to change administrative rights, and then routed my computer activities throuh his server. How can I undo or fix this?

    Without knowing exactly what was done the only answer I can offer is to backup and reinstall windows and all applications from scratch.

    Leo
    27-May-2010

    Reply
  18. recently someone corresponded with a craigslist seller about a ring for sale, and it says it came from my computer or I should say my email name. It wasnt me and I was on my computer durring the time of the correspondance how is this possible

    Reply
  19. i have one programmer in my skype abonats. Once he sent me files trogh skype and asked me to send him too one file. Is it possible to view my ip and than throught someway get remote access to my pc. We dont use the same internet providers. And my connection to internet is with wire. Thank you

    Reply
  20. My friends keep saying that they can access my macbook when I m not around. Therefore I m using ntego virus barrier x5. But still I am not satisfied, is there a way to know who accessed my computer in my absence.

    Reply
  21. I have asked a question that has a few simularities with this 1, my query here is assuming some1 has accessed my laptop, (and they have, there was a search history of a site i havent used. though i am fairly sure it was not a physically typed in search on this keyboard) is there anyway to proceed to both prevent it re-occuring? and if it is flagged up and the isp looking at it think that aint right ect what can i do about it? at the time pop up blocker was off as i heard it slowed windows 7 dramatically, it is now firmly switched on. further note : i access the internet via an internet dongle

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.