I use internet connection sharing, and have my network set up as
follows:
-
DSL Internet Connection connected to PC “A” through USB modem.
-
PC “A” shares its internet connection
-
PC “B” is connected directly to PC “A” and uses that shared internet
connection.
I was using an old ICQ account on PC “B” when someone I didn’t know popped in and
started telling me about stuff on my PC “A”.
Of course I did my best to catch the spot from where he got through but
couldn’t find a thing. I tried to scan for viruses or trojans and examined my
PC for security holes using an internet service but again nothing. How could he
do it? And how can I protect myself?
Your PC “A” is acting like a firewall to PC “B”, so PC “B” is protected, but
from what you describe PC “A” is sitting naked on the internet.
This is not good.
Get behind a firewall. Now.
Become a Patron of Ask Leo! and go ad-free!
This isn’t the result of a hack or a virus or anything like that. It’s due
to the way you have your network configured.
Forget machine “B” for a moment; your machine “A” is connected directly to
the internet without protection. No matter what else you’re doing, it’s
potentially vulnerable to all sorts of intrusions, as you’ve seen. That’s why I
so strongly recommend that you always put yourself behind a firewall when you
connect a machine to the internet.
The firewall can be hardware or software. Get behind a router that does NAT,
or install a software firewall, or even just turn on the Windows Firewall on
machine “A”. The differences between those approaches pale compared with having
no firewall at all.
Now, why when you were using PC “B” for your conversation was PC “A” the one
your friend could see?
it’s automatically also protecting itself; it’s not.”
Because PC “A” was itself acting like a firewall.
When internet connection sharing is enabled, it performs NAT or Network
Address Translation just like routers do. As a result, all the
computers that share that internet connection are hidden behind that firewall.
The only thing visible from the internet is that firewall, or in this case, PC
“A”.
But just because one PC can act as a firewall to protect others doesn’t mean
it’s automatically also protecting itself; it’s not. So while PC “B” is
appropriately and importantly protected by PC “A” acting as a firewall, PC “A”
itself is unprotected.
My recommendation, for simplicity’s sake, is simply to get a broadband
router. Connect that to your modem, let it be your firewall, and then
connect your two PC’s to the router.
Some of us with older broadband connections (mine is an older Hughes/Direcway satellite connection, DW4000) don’t have the router option as the ONLY connection option is USB and software on the host computer for it all to run right. So I HAVE to run ICS without benefit of a router firewall in front of it all (as I don’t have a spare machine that could have no other duties besides running the satellite connection and passing it on to a router).
But some firewalls (and I don’t have experience with many, so PLEASE don’t take this as a recommendation) are set up for ICS – I’m using the not-free version 7 of Zone Alarm Security Suite which has an ICS protection option – I hate that it slows my boot time unbearably but it does seem to be doing a good job of protecting both my computer (the host) and my kid’s (the client) from incoming annoyances (100% from Shields Up for both computers) but, since it is not installed on hers, doesn’t take care of outgoing concerns from her machine, I am still working on that as I don’t want to burden her older, slower computer with the bloat of the full-blown ZASS 7.
So there are options…a good firewall on the host computer may be fine for incoming attacks for all machines on a local network but it seems that software on each individual machine is needed to deal with possible outgoing issues…
Lelani