So I'm browsing the site today, wife is out all day and the kids are elsewhere in the house. We have a wireless network and some teenagers that live next door, pretty tech savvy. All of a sudden my cursor starts not responding to my touchpad. In fact, it's going wherever it wants! I move it right, it moves back left. Oh CRAP! I thought - it's a mac, and it broadcasts its name on the network (so-andso's MacBook Pro) and someone is screen sharing! I cant figure out quite how, but maybe one of my kids has opened a connection from another computer in the house, they might well know the passwords (we have to change them all the time), or WORSE! It might be the teenagers next door who could have eother hacked the password or asked my kids, who are seeing that I am on Crossdresers.com! Oh Shit! No one else at home would be surfing that site, (certainly not my kids - cant blame it on them...) especially if they saw I was signed in!

I am DONE! The neighbours kids know my secret! I rapidly try to move the mouse up to sever the wireless connection, but the mouse is now moving REALLY fast and trying to stop me. They won't let me sever the wireless connection. They want me to stay on this page so they can take a screenshot or something. I am on the point of powering down in a frenzy, when I get my cursor to hover for just long enough over the icon to sever the wireless connection. I sit still, stunned. Someone knows. Someone thought it would be funny to screen share my computer and they caught me on a crossdressing forum. Will I have explaining to do to my school age kids, or will I face knowing looks from the neighbours kids? Resigned, I change the wireless password immediately, and I contemplate my fate, and possible explanations I might give (But the damned computer is "My"MacBook Pro" - explain THAT! I am well and truly screwed.

Just then my son comes around the corner holding up the wireless Razor mouse that is paired to this computer, and he says "Hey Dad, what IS this?" He has been playing with the mouse upstairs! My secret is safe. I need a drink, ladies.

Better have a extra drink to to calm the nerves, Glad everything work out. we don't want to see Marina leave us girls, hugs.

Make that a double. How terrifying that must have been. It is the burden we pay for the dual worlds we feel we have to be in. I am so happy for you that this had a happy ending.

I think it's hilarious! If you all could have seen my face..........

lol! Our son hacked into our network with his iphone with an app in 20 seconds.... showed me the password... went out and bought the best 24 character wap2 encrypted wireless router... he said he can still break in but it takes 2 straight weeks... .

O my God; I'm surprised your heart is still working. That must have been THE most scary moment for you! Glad it turned out alright in the end.

Don't worry about broadcasting the SSID of your computer, if the kids next door really are tech saavy it won't stop them and they will still be able to see it.

Settings security enable firewall, enable installation from App Store only
Sharing - change computer name it's in bold across the top. Disable remote screen sharing, disable bonjour, airdrop.

Macs are pretty root kit free, and if someone's did drop the modified stuxnix dylb onto your Mac, you wouldn't see what they were doing.
If you really wanna know what's going on on your Mac at all times including users and processes you can overlay that on your desktop with geek tool. Choose console log access log and write a quick perl to cat /etc/passwd.
You can pm me if you want to see examples of my desktop. I would show it here but it's pretty identifying.

If you really want to secure your wireless, grab free radius, drop it on a nas or nix box, and use WPA enterprise with certificates.

Edit - forgot, if your Mac is on AD, you also have to change your hostname from directory services.

Choose console log access log and write a quick perl to cat /etc/passwd.


(Giggles, and bats her eyelashes) "Huh?" :battingeyelashes:


Thx, though, MK

A decade ago (admittedly), I was in the ''puter biz". Now, not so much. Facebook is a security nightmare, which I'm one of give people on earth not "connected".

Wow!

I've only had a couple of those "panic moments" myself.

Most recently when Facebook started doing this "synced from phone" stuff with your pictures, and it synced a WHOLE PHOTOSHOOT! :eek: 30+ pictures all sitting on Facebook :straightface:

Thankfully it doesn't actually share the pictures till I ask it too, but it still gave me a good scare! :heehee:

Such a relief to realise that you won't be forced into explaining your hobby too early.

Thank you for reminding me why I try to avoid wireless computing. I was disappointed when the better mice and trackballs went wireless. WEP wireless security is easy to break with software, as your son demonstrated, Karren. I still prefer wired ethernet: signals that aren't broadcast can't be intercepted.

Here, this way is a little cleaner


awk -F":" '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd

Results in:
username: nobody uid:-2
username: root uid:0
username: daemon uid:1
username: _uucp uid:4
username: _taskgated uid:13
username: _networkd uid:24
username: _installassistant uid:25
username: _lp uid:26
username: _postfix uid:27
username: _scsd uid:31
username: _ces uid:32
username: _mcxalr uid:54
username: _appleevents uid:55
username: _geod uid:56
username: _serialnumberd uid:58
username: _devdocs uid:59
username: _sandbox uid:60
username: _mdnsresponder uid:65
username: _ard uid:67
username: _www uid:70
username: _eppc uid:71
username: _cvs uid:72
username: _svn uid:73
username: _mysql uid:74
username: _sshd uid:75
username: _qtss uid:76
username: _cyrus uid:77
username: _mailman uid:78
username: _appserver uid:79
username: _clamav uid:82
username: _amavisd uid:83
username: _jabber uid:84
username: _appowner uid:87
username: _windowserver uid:88
username: _spotlight uid:89
username: _tokend uid:91
username: _securityagent uid:92
username: _calendar uid:93
username: _teamsserver uid:94
username: _update_sharing uid:95
username: _installer uid:96
username: _atsserver uid:97
username: _ftp uid:98
username: _unknown uid:99
username: _softwareupdate uid:200
username: _coreaudiod uid:202
username: _screensaver uid:203
username: _locationd uid:205
username: _trustevaluationagent uid:208
username: _timezone uid:210
username: _lda uid:211
username: _cvmsroot uid:212
username: _usbmuxd uid:213
username: _dovecot uid:214
username: _dpaudio uid:215
username: _postgres uid:216
username: _krbtgt uid:217
username: _kadmin_admin uid:218
username: _kadmin_changepw uid:219
username: _devicemgr uid:220
username: _webauthserver uid:221
username: _netbios uid:222
username: _warmd uid:224
username: _dovenull uid:227
username: _netstatistics uid:228
username: _avbdeviced uid:229
username: _krb_krbtgt uid:230
username: _krb_kadmin uid:231
username: _krb_changepw uid:232
username: _krb_kerberos uid:233
username: _krb_anonymous uid:234
username: _assetcache uid:235

Wow that is a very scary thought. Glad to hear it was a false alarm.

(Giggles, and bats her eyelashes) "Huh?" :battingeyelashes:


Thx, though, MK

I know! I am starting to realize just now computer illiterate I am!

My router has a feature called MAC address filtering. Every computer has a unique MAC address, which looks something like this: e0469a0401e9. I can give it a list of MAC addresses and say 'don't let anyone on who is not on this list'. I don't know if it is possible to fake a MAC address or not.

Deedee

Safest bet (short of not getting on here) is hardwired into a router with a firewall. Couple that with a personal (software) firewall like BlackICE or Zonealarm. That said, if you have a wireless network you should really secure it and you can Google a bah-zillion ways to do that. Above all else, remember nothing about Facebook is secure. Nothing. Good luck, sweetie.

Ok, that was great . I was rolling on the floor laughing out loud. Yeah, that feeling cant be explained, it has to be experienced. A DRINK. I would have need a bottle or atleast a 12 pack after that. Thanks for sharing. I needed that ....

Yea, just wait until the FB facial recog software goes viral and 'bots hit this site.... a few cross checks with the web and I'm toast...

It's only a matter of time I guess....

For now, I'm going to hold off on getting the crainial implant with DNA encryption... opps wrong century.. y'all ain't suppose to know that one yet...

Resistance is futile... but I still liked the story...

Renne.....

My router has a feature called MAC address filtering. Every computer has a unique MAC address, which looks something like this: e0469a0401e9. I can give it a list of MAC addresses and say 'don't let anyone on who is not on this list'. I don't know if it is possible to fake a MAC address or not.

Deedee

Yes it is possible fake a Mac address, it is called spoofing. The best thing you can do is be current on your operating system updates and encrypt you the directory where you keep private stuff.

But then again the best secret is one that never passes the threshold of your lips, and the other one involves degrees of trust. Which is really sad when I think about it. I think we are all rather courageous when I also think about it in the wild west of the internet. :-)

this is why it would be smart to have a second computer at home that is NOT CONNECTED in any way all free standing..


is this even possible these days?


.

Renee I think we are all gonna be toast. Because people like Jenn up there and Karren son gonna have us splattered all over the place. Best get ready for it. LOL. I laughed till I cried reading your comments. Because like Caitlyn. I now know, that I know nothing about the wireless situation. LOL . So Jenn my laptop to the Iphone hotspot at risk. And in English how do I fix it. English......... pretend I know next to nothing. Windows 8 & Iphone 4.

I named my wireless router FBI SURVEILLANCE VAN to mess with anyone who might see it via wireless....

Press "Control and F4 key" at the same time closes the tab or the browser (if you only have one tab open) that you are viewing. That would stop their screenshot capture.

Like turning off SSID, MAC address filtering is not effective either (if the person attacking is at all sophisticated.)
http://www.grc.com/sn/sn-011.pdf
Only WPA is secure, but only if properly configured and one is using a very long and highly randomized (inconvenient) passphrase.

One could have an unconnected backup computer, but one would need to spend time patching it if it needs to go online. Connected or not, everyone should have a 2nd (or more) backup computer for redundancy, it can help avoid being offline if the primary computer is down.

Press "Control and F4 key" at the same time

They are supposed to, but not all programs respond to that. Alt-F4 is more universal; on Windows systems it closes the current application. If your browser asks "close all tabs?" just press Enter.

I fear this all the the time, we have several computers in the house, with WI-FI. I have captured web sites from one of my neighbors that I know that my wife and I would never go to. And maybe our neighbors may see this site. I really don't worry about it. If they see my few pics on here, I know they could not tell it's me. But if on the small percentage that I was recognized, and if they spoke to me and said we found out about you and you are freakish cross dresser, I would just say yes I am, so now do you not like me pushing your children on the swing?
I don't really worry about it anymore.
And MarinaKirax, I'm so glad for you that all is good or you now.

In reply to the pm's
Number one, use strong passwords and change them regularly! Never use the same password for more than one login!
Strong password generator here -> http://strongpasswordgenerator.com/

Basic wireless security - do all these things
Disable remote management on router
Enable MAC addresss filtering
Disable ssid broadcast
Wep security (very ineffective, but some older routers only support this, always WPA personal minimally when available)h
Use firewalls on internal computers
DMZ nothing, even though manufacturers state use DMZ, ESP for gaming devices.

better security
All the Above + WPA security
Disable DHCP and use static addresses only
Enable and view access logs regularly

best practices
All the above +
WPA enterprise with signed security certificate
Proxy all wireless traffic through VPN internally. (Prevents sniffing to procure WPA key - Karrens kids method)
Guest zone all non certificate securable devices, iPods, iPads, ps3 etc. only give them access to the Internet.
Any streaming media device, hardwire. Apple TV, Roku, smart TV's, etc. This prevents insecure packets and it reduces jitter and lag watching video.
Create Separate VLANs based on device. (Kids Macs are on one VLAN, my work computers are on another)
Create ACL's on your switches to route traffic appropriately.
Ay device that needs Internet access Inbound change the port to an obscure one. (Ie if you ssh into your home network, map port 3241 to 22)

Some of these, ESP in the best practices assume better than average consumer grade equipment.

All I can say everyone should read this thread and think what might be!
Jennilay and others have given comprehensive explanations and what is needed now is for you to read and understand what has been said.

Those that are into social networking be cautious as well without spoiling your enjoyment if the medium.

It is simple to upgrade your security. Even a little bit gives tenfold what you may have now.

I had lost 19 posts the other day I assume to bad posts being deleted.
I was skeptical because nineteen was a lot for one day.

giuseppina -- signals that aren't broadcast can't be intercepted. Sorry to disappoint you but they can. That is why top secret installations are inside of wire cages. It just isn't as easy.

I have captured web sites from one of my neighbors that I know that my wife and I would never go to.

Tara, can you elaborate on "captured"? Were you trying to use your neighbor's WiFi signal, or did those sites just appear in your browser, or...? Have you ever seen "normal" things pop up, like your neighbor's Facebook page?

All,

IMO it's like securing your home. If you live in a bad neighborhood, extra locks are a good idea. I live in a residential neighborhood and I can barely get a good WiFi signal from one end of my house to the other, so unless somebody is trying to break it, they won't even know I am here. My neighbors are mostly older people who can barely handle their own computers, much less break into mine.

I'm much more concerned about protecting myself from identify theft than Mrs. Grumby knowing that I wear panties. That's the reason I use MAC filtering, even though it is inconvenient when a visiting friend just wants to check their email.

Hi Mich Salem, Maybe I should have used a different word than "captured". But just a short while back, my wife was on the computer and she hit history. She asked what I was doing looking a such different websites than as is normal for me? After both of us working to figure out why web sites kept popping up as if we were viewing them, while all the while knowing we were not viewing them. The sites would then appear in cookies as we sat there. It was only for that one day as well.
I would never try to spy on my neighbors.

You probably hit a site that had under pops and it spawned a ton of sites that you clicked off before they loaded. The cookie is usually dropped in before the page fully loads as it is a concurrent request and the cookie data size is much smaller than images.

I wasn't implying that Tara, I was thinking more along the lines of "borrowing" an unsecured WiFi signal and seeing something accidentally. IMO what you saw has nothing to do with your neighbors, and nothing to do with WiFi security. Sounds more like unwanted popups ending up in your browser history. But I'm no expert.

That would be freaky. I have my network setup so that can't happen. I have windows, not mac, so can't tell you how to do it there........btw........MAC is for makup :)

Glad everything worked out ok.

You were in panic mode relax now.

A good friend from many years ago whose profession was smuggling once told me that sooner or later you're always going to get caught. Be prepared for it. That was good advice. Hiding has always made me very uncomfortable. I now avoid it like the plague.

This wouldn't be hiding, this would fall under security and loss prevention.

Remain calm. Put on more lipstick. Deep breath. Relax.

giuseppina -- signals that aren't broadcast can't be intercepted. Sorry to disappoint you but they can. That is why top secret installations are inside of wire cages. It just isn't as easy.

Your ordinary hacker won't have the equipment to sniff and interpret the RF that needs Faraday cage protection! There would be no point with so many easier targets out there. That said, I don't think that there would be much interest in the web sites anyone is viewing. They're looking for things that they can steal.

MAC Address filtering is a good way to go about things but as far as I know they can be spoofed. However, for future reference, on a PC or laptop (And I'm guessing it's the same for Mac) you cannot control another persons computer without either Remote Desktop (Windows) or a third party program such as Teamviewer. In either case you have to give permission for them to control things.

Of course someone who knows what they're doing could still get in and look around your file system but most people who can do that really don't bother with general household computers unless they know it'll be worth their time. To be honest, WPA/WPA2 encryption is pretty damn good. As long as you've got a good password no one can get on and they won't be able to break it. For instance my wireless password, which is the same for a number of things is 25 characters long and contains letters, numbers and symbols. It would take VERY long time to break, if at all.

Stacey.

To eryns post, I have a faraday wallet from Think Geek. Last year at DefCon I still got doxed and cover blown. (Not FBI or anything glamorous, just keeping a step ahead of the H/P's!)

If you understood anything above, you either work with me, against me or compete versus me :-)

There is likely a difference in effectiveness between a Honest To DoD TEMPEST enclosure and a Thinkgeek wallet. :)

An RFID tag in your wallet is designed to report data in a standard format when queried and therefore is an attractive target. The incidental emissions from a PC are not in a standard format and few non-governmental entities would be equipped to handle them, certainly not the script-kiddie next door. Even if you could analyze these emissions you wouldn't get much in the way of profitable information.

Wow I posted a picture of me in my wife's new dress and got chastised by several about wearing her cloths without telling her. Like you I've had some close computer calls but they wouldn't be close if I was out to the family as some have said to do. Easier said than done and think some should be more understanding as we don't all have understanding wives and or are single. Again, like you I've almost been uncovered and afterwards having escaped a stiff drink would be in order.

This is one reason why I have decided NOT to buy into all the latest wireless craze and all the silly gadgets. I have a simple cell phone, NEVER text, I have a hard wired LL phone and DSL hardwired router with firewall, and never use automatic update programs. I also still have hundreds of cassettes with the best music ever recorded, a big VHS collection and a simple TV. No worries, no incessant upgrades, they always work and are simple to operate. No handshake issues or hourly format changes.

So I'm browsing the site today, wife is out all day and the kids are elsewhere in the house. We have a wireless network and some teenagers that live next door, pretty tech savvy. All of a sudden my cursor starts not responding to my touchpad. In fact, it's going wherever it wants! I move it right, it moves back left. Oh CRAP! I thought - it's a mac, and it broadcasts its name on the network (so-andso's MacBook Pro) and someone is screen sharing! I cant figure out quite how, but maybe one of my kids has opened a connection from another computer in the house, they might well know the passwords (we have to change them all the time), or WORSE! It might be the teenagers next door who could have eother hacked the password or asked my kids, who are seeing that I am on Crossdresers.com! Oh Shit! No one else at home would be surfing that site, (certainly not my kids - cant blame it on them...) especially if they saw I was signed in!

I am DONE! The neighbours kids know my secret! I rapidly try to move the mouse up to sever the wireless connection, but the mouse is now moving REALLY fast and trying to stop me. They won't let me sever the wireless connection. They want me to stay on this page so they can take a screenshot or something. I am on the point of powering down in a frenzy, when I get my cursor to hover for just long enough over the icon to sever the wireless connection. I sit still, stunned. Someone knows. Someone thought it would be funny to screen share my computer and they caught me on a crossdressing forum. Will I have explaining to do to my school age kids, or will I face knowing looks from the neighbours kids? Resigned, I change the wireless password immediately, and I contemplate my fate, and possible explanations I might give (But the damned computer is "My"MacBook Pro" - explain THAT! I am well and truly screwed.

Just then my son comes around the corner holding up the wireless Razor mouse that is paired to this computer, and he says "Hey Dad, what IS this?" He has been playing with the mouse upstairs! My secret is safe. I need a drink, ladies.

Your computer doesn't have a power switch? A cord you can unplug?

Have a plan.