[The Spaniard]

I am sharing a cable connection with my windows laptop via a mere hub. I do not have a router because my ISP told me I can't use one (only two MAC addresses allowed). Besides they're expensive and stores are not good at letting you return those things here in Spain. I only want to buy it if I'm sure i can use it.

Since I don't have a router, can I count on OSX's firewall? Is it moderately reliable?

I started to worry because I saw some Alejandro's computer on my network window. Is that guy connected to my machine? How can I know his IP, whether his draining my bandwidth and above all, stop him?

All I had was windows sharing on (for my laptop) but even when I turned it off, I could still see him. (Curiously my windows machine can't.

I'm not developing secret formulas, but then again, I wouldn't want strangers messing with my machine system, etc.

Thanks for reading. I'd appreaciate any input or suggestion on this.

[xanderwilson]

Originally posted by The Spaniard:

I'm not developing secret formulas, but then again, I wouldn't want strangers messing with my machine system, etc.

Airport's built in firewall is generally pretty good and I wouldn't suggest you need anything more to protect you from net attacks, unless you run a server or something (in which case I'm not the one to ask).

If you don't have encryption/password protection on, though, anyone nearby with wireless access can share your internet connection. Reading or changing files on your computer (that aren't in a public directory) would require some hacking on this other person's part, and isn't likely even if you don't have your network encrypted. YMMV.

But unless you have a specific reason for not doing so, I strongly recommend password protecting access to your network. If someone downloads something illegal from your internet connection, you could be the one blamed/accused.

Alex.

[ghporter]

Few ISPs willingly tell customers that they can use a router, because they often like to sell their own home networking packages, or they're affraid the customer will do something silly like use the promised bandwidth. A typical cable/DSL router will expose only one MAC address to the modem. They use something called Network Address Translation (NAT)to hide everything on the LAN side from the WAN side. Most will also let you report to the modem any MAC address you want, which defeats most cable ISPs' "one computer only" schemes.

The best way to keep outsiders out of your wireless network is to use "MAC Address Filtering," (I don't recall if AirPort Base Stations support that, but you didn't mention what sort of wireless access point you have) along with strong encryption-WPA or at least 128-bit WEP. MAC Address Filtering allows only specified MAC addresses (which means only specified network cards) to join the wireless network, while encryption protects the data going back and forth on those radio signals.

On top of that, use good passwords when setting up shared resources. That keeps even more determined intruders from being able to exploit your data if they somehow manage to access your network.

[car1son]

I'm not sure why previous replies assume you have an Airport / wireless connection. (Perhaps a previous post?) If you do have an Airport, disregard this.

It sounds to me like your cable company is connecting all the customers on one or more cable runs together in one big LAN (subnet). So you see the neighbors... and they will see you.

Your Mac receives the messages the neighbors' systems broadcast announcing their servers, and makes them vivsible to you. (If you run file sharing on your Mac or PC, chances are the neighbors will see them, too.)

If you are running any servers (file sharing, web sharing, iTunes sharing, printer sharing...) you should be aware the neighbors will see them as well - as a result you don't want anything "public"; any file sharing should be protected by good passwords. When you turn on a server (e.g. file sharing) OS X's firewall opens the necessary ports to run that file server - so other systems can get to it; unfortunately in your case, this would include the neighbors.

If you are not sharing files or anything between the PC and the Mac, then turn off all the sevices in the "Sharing" System Preferences (they should have come that way by default) and turn on the Firwall, and your Mac's OS X firewall is probably enough to protect the Mac. The PC is on its own look-out.

(In addition, be sure to keep that Window's system up-to-date on critical security updates! There are a lot of nasty Windows worms out there.)

I'd ignore the ISP and get a router, which would give your home network isolation from the hostile internet outside. A router would have only one MAC address ("Ethernet ID" in Apple's terminology) and use one IP Address, and share that among your home computers in a way pretty much invisible to the ISP. But, since I'm not in Spain, I suppose local tarrifs and laws might be different.

Router or not, you should also be aware that - if my supposition is true - the neighbors will be able to monitor your (unencrypted) internet usage if they choose.

[Applefreak01]

He said he's sharing his cable connection with a hub not Airport. I would say get a router with a built-in 4 port switch or even one with a built-in 4 port switch plus wireless if you want. Routers use one MAC address that reports to your cable company and everything else behind the router has a LAN (Local Area Network) MAC address with NAT (Network Address Translation) which the cable company doesn't know is there.

When you get your router call your cable company and tell them you got a "new" computer that you want to use the cable internet on. Give them the MAC address of the router as the MAC address of your "new computer". All they should have on file now are the MAC addresses of the router aka "new computer" and the cable modem. Then plug your computers in with some ethernet cables and that's it.

As far as the unknown computer on your network, I would think he has a Mac because you can still see it after turning Windows File Sharing off on your Mac and your windows computer can't see him.

Do you have an airport card installed in your Mac? Do you have Internet sharing on through your airport card if you have one? Do you have any other file sharing options turned on in Mac OS X?

But I would say go with the router with built-in 4 port switch that should take care of your security problems. With NAT your computers are protected fairly good and file sharing between your Windows and Mac computers might be faster depending on the speed of your hub. I'm not sure on the price for routers in Spain but it would be worth it so you don't get into any possible trouble with some guy you don't know doing who knows what on your network.

[The Spaniard]

Thanks for the input guys!


I guess I forgot to mention but I'm not using Airport (it's a regular cable LAN) so I guess having my bandwidth stolen is not the biggest problem.

I did turn off windows sharing and I can still see these computers. I'm pretty sure they're Mac users because when you login as a guest you the the classic "Drop Box".

BTW, I called my ISP and told them I was seeing neighbor computers. From the guys attitute I was expecting a Police van to arrest me. He was really "offended" I was suggesting their network was permeable. Customer Service hasn´t arrived to the Mediterranean yet...

I'd like to clear up a couple of things though:

First, if I have all sharing off, will these guys still be able to see me?

Second, when I get a router the MAC address will count as a single computer, and no matter how many machines I connect to it the ISP will only see it as a single one - Did I get this right?

Third even though I have windows sharing one (people can see me) they'd still need a password to get in, in other words would I know if someone logged in my computer (monitoring software)?

Finally - a little cliché - but if you have any router suggestions (you know Mac friendly, good prices) don´t hesitate.

Once again, thanks for posting.

[Freeflyer]

I have two netgear routers. One is the main router/firewall and the other is configured as a simple access point to extend coverage. The hardware is great, but I've found that Netgear's phone support is practically nil if you use a mac. The first thing they said was to run something on windows, when i told them I had a mac they said "can you borrow a windows machine then". I hung up and posted a question here and had an answer in about half an hour.

I like the hardware though and recommend it.

J

[Applefreak01]

Originally posted by The Spaniard:
Thanks for the input guys!


I guess I forgot to mention but I'm not using Airport (it's a regular cable LAN) so I guess having my bandwidth stolen is not the biggest problem.

I did turn off windows sharing and I can still see these computers. I'm pretty sure they're Mac users because when you login as a guest you the the classic "Drop Box".

BTW, I called my ISP and told them I was seeing neighbor computers. From the guys attitute I was expecting a Police van to arrest me. He was really "offended" I was suggesting their network was permeable. Customer Service hasn´t arrived to the Mediterranean yet...

I'd like to clear up a couple of things though:

First, if I have all sharing off, will these guys still be able to see me?

Second, when I get a router the MAC address will count as a single computer, and no matter how many machines I connect to it the ISP will only see it as a single one - Did I get this right?

Third even though I have windows sharing one (people can see me) they'd still need a password to get in, in other words would I know if someone logged in my computer (monitoring software)?

Finally - a little cliché - but if you have any router suggestions (you know Mac friendly, good prices) don´t hesitate.

Once again, thanks for posting.

I'll try to answer your questions as best I can.

1. As long as you have file sharing off on your Mac they shouldn't be able to see you. If you can see them then it means that they still have file sharing on and are broadcasting their location to your computer.

2. The router's MAC address will show up as a single computer to your ISP no matter how many computers you plug into it. You got it right!

3. You can check your sharing log to see if anyone has logged into your computer. I'm not sure where in Windows the log is but I know there has to be one to look at. But they have to know a username and password to login to your windows computer if you have the permissions for file sharing setup right with only username and password access and no everyone or un named user access.

I would suggest getting a netgear or linksys router both are good brands for routers.

[The Spaniard]

Once again guys, thanks for the great answers. I'll try to look for those brands and their prices here. I hope I can find something reasonable because the few I've seen aren't at competitive prices. If you have any other suggestions, please go ahead.

A special salute from Barcelona!

[ghporter]

Spaniard,

The only reason I mentioned a wireless connection is that is the only way for someone who doesn't have a cable plugged into your network to use your bandwidth. My suggestion was one of the more straightforward ways to run a wireless network without allowing others to connect without permission.

Your Mac's firewall should keep everything out (unless you let it in), and as long as you don't have filesharing on, you shouldn't even be noticable on the (cable) network.

Sorry about that customer service problem, but their configuration does appear to allow you to see (and potentially connect to) your neighbors' computers. Not good for anyone.

I would even volunteer to buy a cable/DSL router for you and ship it, except for the fact that (hassle factor excluded) duty and shipping would eat up any savings you might realize from buying in the states. (I once shipped about $150 worth of merchandise from a wonderfully cooperative vendor in Toledo (yes, the one in Spain!), and wound up paying almost $250 counting shipping and customs fees. Sigh. I guess the 'revinuers' always get their cut one way or the other.)

[The Spaniard]

Originally posted by GHPorter:
Spaniard,

The only reason I mentioned a wireless connection is that is the only way for someone who doesn't have a cable plugged into your network to use your bandwidth. My suggestion was one of the more straightforward ways to run a wireless network without allowing others to connect without permission.

Your Mac's firewall should keep everything out (unless you let it in), and as long as you don't have filesharing on, you shouldn't even be noticable on the (cable) network.

Sorry about that customer service problem, but their configuration does appear to allow you to see (and potentially connect to) your neighbors' computers. Not good for anyone.

I would even volunteer to buy a cable/DSL router for you and ship it, except for the fact that (hassle factor excluded) duty and shipping would eat up any savings you might realize from buying in the states. (I once shipped about $150 worth of merchandise from a wonderfully cooperative vendor in Toledo (yes, the one in Spain!), and wound up paying almost $250 counting shipping and customs fees. Sigh. I guess the 'revinuers' always get their cut one way or the other.)

GH thanks for the effort. I imagine duty and shipping would really be the problem.
I'll look around over here for the best prices. A few stores in downtown Barcelona can manage to get better prices (don't ask me how they do it) but as you may have figured out, customer service or returning periods are terms that do not exist on those people's vocab. So I'd better be sure about what I'm getting. In the meantime, I'd better keep looking for a better salary to keep up with the awful prices we pay here in Europe.

Which by the way I'd like to check something with you guys: if I'm getting a router, I guess I'd better get one with wireless included (more bang for the buck?) - which technology should I look for A, B or G?

Thanks again!

[Applefreak01]

I would get 802.11g. It's backwards compatible with 802.11b and you can get an 802.11g PC card for your windows laptop if you can use PC cards with it or a USB adapter in the future if you decide to go wireless. I'm not sure which Mac you have but it sounds like you can only use 802.11b 11mbps speeds (where 802.11g is 54mbps speed) on your current mac. But if you get a new Mac in the future it will most likely use 802.11g or something higher that should be backwards compatible with 802.11g.

If price is a major factor then I would go with 802.11b. I'm not sure about the price over there in Spain, but here in the in US 802.11b routers are around $60.00 and 802.11g routers are around $99.00 to $200.00 USD with all the bells and whistles.

I only have 802.11b cause my iBook can only work at that speed. It's great for internet cause your average broadband internet uses 1-5mbps if that so 11mbps is fast enough, but for file sharing it's slow as heck compared to ethernet's 100mbps.

[The Spaniard]

Thanks Apple

I actually have a G5 (years of savings, big hole on credit card). But unfortunately i blew all in it and my peripherials really don´t come up to the standard. (I have a 1994 apple monitor connected to it - at least I painted it silver - definitely cheesy).

I guess I'll go with the G technology (and postpone for some time my first purchase of clothing in almost two years! - socks included!) because fast file transfer is really important for me at the moment. I imagine my investment will last a little longer if I get the newer technology as well.

Apparently US Robotics is a popular brand here (as well as SMC). I imagine they're all good but, is there any brand you guys wouldn´t recommend at all?

And by the way I should get a Router, not an access point correct?

Thanks again!!

[Applefreak01]

Get a router. That's what you need. An access point doesn't router the incoming broadband internet connection it's used to add wireless to an already existing wired network or extend a wireless network. I would say get whatever you want or what you have access to over there.

[The Spaniard]

Got it buddy!

Thanks!