Using two routers

She Loves Piano · Feb 27, 2008, 11:33 AM

Greetings,

I have a friend who I've lost contact with who told me he was able to hide his computer from intrusion in such a way that if someone tried to access his computer, all they would get would be a black hole. I know he did this using two routers, but I have no idea how he did it. What I want to do is to be able to connect my desktop to the internet, use it to surf, download, etc., but not have anyone able to "see" it. I hope someone knows what I'm talking about--I'm a noob when it comes to things like routers and networking. Many thanks for any help! :-)

Cetra · Local time: Feb 27, 2008, 12:25 PM

This isn't possible. You could have 100 routers in your network but the device that is connected to the internet modem is going to have a public IP address.

DeLorean · Local time: Feb 27, 2008, 01:30 PM

Ya Cetra is right... your friend was BSing you... I do things like this to computer dummies all the time 'my mac disc drive seconds as a cup holder...'

LiquidAcid · Local time: Feb 27, 2008, 09:51 PM

Read the Wikipedia articles about TCP/IP, NAT (network address translation) and port forwarding (and probably a few more).
Don't believe self-proclaimed computer experts, there is a lot of bullshit on the net and these people can't differentiate between true and false statements.

She Loves Piano · Feb 27, 2008, 04:07 PM

Thank you all. This was my fear--that he was wrong. I will read the articles LiquidAcid suggests. What would you recommend? Is there a way to "hide" your hard drives from the internet? Thank you! :-)

LiquidAcid · Local time: Feb 27, 2008, 10:22 PM

Don't share your files. Of course if your system has some sort of security issues that won't help you.
The router thing is a good idea, because most of trojan implementations open some ports on your local machine so that the trojan client can connect to you (the trojan server). If the router is a dedicated machine with strong access restriction and no port forwardings most trojans don't work.
Or at least the trojan client can't connect to them. They can still harm your system but that's another story.

Cetra · Local time: Feb 27, 2008, 02:32 PM

Just to add, password protecting your windows logon account is the best way to insure security on a Windows machine for beginners as this sets various sharing policies making it more difficult to expose your shares to the Internet.

LiquidAcid · Local time: Feb 27, 2008, 11:39 PM

Physical access is the problem. Give me a system with passworded windows logon and I can disable the pw in some minutes (remove BIOS pw if existant, boot from boot-cd and manipulate registry).

If you don't want this to happen you need some sort of encryption on the system, preferrably boot encryption (truecrypt 5.x does this).

Slash · Local time: Feb 27, 2008, 11:29 PM

Its almost like the old days of going into Starcraft/Diablo chatrooms and saying "I have porn in my profile, hit ALT+F4 to see" Then the room goes empty.

If there really was a way to do blackholes, everyone would be using them.

The_Griffin · Local time: Feb 27, 2008, 11:48 PM

Originally Posted by LiquidAcid

Physical access is the problem. Give me a system with passworded windows logon and I can disable the pw in some minutes (remove BIOS pw if existant, boot from boot-cd and manipulate registry).

If you don't want this to happen you need some sort of encryption on the system, preferrably boot encryption (truecrypt 5.x does this).

And IIRC even THAT is circumventable by turning a bottle of canned air upside down, turning the computer off and immediately spraying the RAM... although that might be hard drive encryption.

It's the nature of security, unfortunately. The only unbreakable security measures have the inconvenient side-effect of also locking out the people that are SUPPOSED to use it.

LiquidAcid · 09:50 AM

Originally Posted by The_Griffin

And IIRC even THAT is circumventable by turning a bottle of canned air upside down, turning the computer off and immediately spraying the RAM... although that might be hard drive encryption.

I know the article you're referring to. But you need a lot more equipment than just canned air.

Originally Posted by The_Griffin

It's the nature of security, unfortunately. The only unbreakable security measures have the inconvenient side-effect of also locking out the people that are SUPPOSED to use it.

Symmetric harddrive encryption is very easy today as it's completly transparent for the user and applications. All systems at my home have filesystems encrypted where sensible data is stored, AES+LRW, 384bits.

The problem The_Griffin mentioned:
Center for Information Technology Policy » Frequently Asked Questions
In case someone is interested.

DeLorean · 03:24 PM

Originally Posted by She Loves Piano

Thank you all. This was my fear--that he was wrong. I will read the articles LiquidAcid suggests. What would you recommend? Is there a way to "hide" your hard drives from the internet? Thank you! :-)

If you're very serious about your security on the internet, you can do the usual firewall/anti-virus/anti-spyware, and then go all the way a buy a proxy which can cover your IP. Not exactly what you wanted... but along the same lines. I'm not sure if Vista supports you covering your IP, but I'm fairly certain XP does.

P.S. - I like how She Likes Piano props everyone that helps her hehe.

She Loves Piano · Feb 28, 2008, 04:29 PM

Originally Posted by DeLorean

P.S. - I like how She Likes Piano props everyone that helps her hehe.

DeLorean,

You made me smile! I LOVE GFF and spend time here every day. I'm very appreciative of the expertise and kindness of the members here! :-) Love to you all!