I use internet connection sharing, and have my network set up as
DSL Internet Connection connected to PC “A” through USB modem.
PC “A” shares its internet connection
PC “B” is connected directly to PC “A” and uses that shared internet
I was using an old ICQ account on PC “B” when someone I didn’t know popped in and
started telling me about stuff on my PC “A”.
Of course I did my best to catch the spot from where he got through but
couldn’t find a thing. I tried to scan for viruses or trojans and examined my
PC for security holes using an internet service but again nothing. How could he
do it? And how can I protect myself?
Your PC “A” is acting like a firewall to PC “B”, so PC “B” is protected, but
from what you describe PC “A” is sitting naked on the internet.
This is not good.
Get behind a firewall. Now.
Become a Patron of Ask Leo! and go ad-free!
Forget machine “B” for a moment; your machine “A” is connected directly to
the internet without protection. No matter what else you’re doing, it’s
potentially vulnerable to all sorts of intrusions, as you’ve seen. That’s why I
so strongly recommend that you always put yourself behind a firewall when you
connect a machine to the internet.
The firewall can be hardware or software. Get behind a router that does NAT,
or install a software firewall, or even just turn on the Windows Firewall on
machine “A”. The differences between those approaches pale compared with having
no firewall at all.
Now, why when you were using PC “B” for your conversation was PC “A” the one
your friend could see?
it’s automatically also protecting itself; it’s not.”
Because PC “A” was itself acting like a firewall.
When internet connection sharing is enabled, it performs NAT or Network
Address Translation just like routers do. As a result, all the
computers that share that internet connection are hidden behind that firewall.
The only thing visible from the internet is that firewall, or in this case, PC
But just because one PC can act as a firewall to protect others doesn’t mean
it’s automatically also protecting itself; it’s not. So while PC “B” is
appropriately and importantly protected by PC “A” acting as a firewall, PC “A”
itself is unprotected.