So I Was On Vacation Over The Weekend….

… And my wife and I ended up staying at a small Inn about 250km’s north of Toronto. One of the things that they advertised was high speed Internet (as I needed access if I got an emergency call from someone). When we got to Inn, there was no Ethernet jack. I flipped open my Macbook Pro and didn’t see a wireless connection (except for the one form the Inn across the street which was locked down). So my wife went to the office and came back with one of these powerline networking kits. I plugged it in and it worked right away.

This is where the fun begins.

I noticed from the IP address that I was assigned that the Macbook Pro was on the Internet with no firewall between the Macbook Pro and the Internet. Fortunatley OS X has a built in firewall that protects the computer from external attacks, so that was a non issue for me. Also, I noted that there was another PC that was visible to me. It turned out to be the office PC that I was seeing. To top it off, the guest account was enabled and I was able to fully browse the file system of the computer as well as copy and place stuff on to the computer if I were so inclined (which I was not).

Clearly, security was not the Inn’s primary concern.

The take home message is as follows:

  1. Always have a firewall on your computer (or use a router that has one) if it is connected to the Internet and turned on. This way you are more or less protected from the outside world.
  2. Never assume that people can’t see the stuff on your computer. Assume that the can and take steps to prevent it which includes disabling the “Guest” accounts on your computer.

The latter is important. Here’s how you do that under Windows XP:

  1. Right-click My Computer, and then click Manage.
  2. Click Local Users and Groups.
  3. Click Users.
  4. Right-click the Guest account, choose Properties.
  5. On the General tab, select Account is Disabled.
  6. Click Ok.

Note: This only works on a computer with Windows XP Home or Windows XP Professional computer that is NOT on a domain.

On Mac OS X 10.5, here’s how you do it:

  1. Go to System Preferences
  2. Click on the Accounts icon
  3. Highlight the “Guest Account” and ensure that “Allow Guests To Log Into This Computer” is unchecked.

Leave a Reply

%d bloggers like this: