User profile for user: tenderidol
tenderidol Author
User level: Level 1
8 points

Concerned about security. Please help me find a solution.

Here's my situation: I live in campus housing and internet is provided by the school. We have a Time Capsule (TC) providing wireless access and backing up two MBPs and a PC regularly.


Few days ago, the school changed the network configuration and force all the wireless routers to be setup as an access point. I had to change the connection to internet from a router configuration to a bridge configuration. My TC now acts as an access point, and the computers are connected to it as usual through wireless data.


My problem now is that when I run the airport utility, or check the network around me, I am now seeing at least 20 other devices, some of which are time capsules. And if I unerstand this correctly, others are only a password away from accessing my time capsule on the network. I don't know how easy or difficult to "crack" the password, but even the small possiblity and being "exposed" to a lot of people makes me nervous.


Here are my questions:


1. How "safe" is the current setup? Would you just leave it as-is knowing that "everything" is backup to the TC and it is visible to a lot of people - albeit password protected


2. One alternative I was thinking of doing is getting a new router/access point for WiFi access and setting up the TC as a "private network" to use it just for backups. However, I'm not sure how this will be done by the MBPs since they'll be connected to the "new" wireless network. Do I have to manually switch to the TC's private network to be able to backup? I don't think I'll be able to be online with the new wifi network and backup at the same time to the TC via private network, correct?


Thanks for any suggestions in advance!

Posted on Sep 14, 2011 11:12 AM

Reply
3 replies
User profile for user: Bob Timmons
Bob Timmons
User level: Level 10
187,358 points

Sep 14, 2011 11:31 AM in response to tenderidol

1. How "safe" is the current setup?

On a shared network like this, there is probably a much higher chance of someone cracking your computer rather than the Time Capsule.


Even if they might be able to come up with the correct Time Capsule password, in order to retrieve the Time Machine back up files, the bad guy will still need to know your user name and admin password for your Mac.


But.....if he already has the user name and admin password for your Mac.....he won't bother with the Time Capsule at all if he can get straight into your computer.


Do I have to manually switch to the TC's private network to be able to backup?

Yes


I don't think I'll be able to be online with the new wifi network and backup at the same time to the TC via private network, correct?

That is correct

Reply
User profile for user: tenderidol
tenderidol Author
User level: Level 1
8 points

Sep 14, 2011 1:42 PM in response to Bob Timmons

Thanks for the suggestion.


I guess, I can remove everything else that I'm storing on the TC and just leave the default backup files, since they are not "individual" files and someone needs the computer password to restore them based on your reply.


Purchasing a new router -and setting it up as a bridge as required now- is an option, but it defeats the purpose of having automatic backups, since I have to switch from the WiFi that provides internet access to the private network to access TC. Even if I do it on my MBP, I know for sure that my wife won't do this 🙂


For the issue of having the computers hacked easier than the TC that you raised, what can I do to make them "invisible" or "less visible" in the network. Aside from using the TC, I don't do anything using the network and I dont mind being invisible there.


Thanks again!

Reply
User profile for user: Bob Timmons
Bob Timmons
User level: Level 10
187,358 points

Sep 14, 2011 2:49 PM in response to tenderidol

From the description of your network hookup, it will be very similar to taking your laptop to the coffee place and logging on to the wireless there.


If you open Macintosh HD and look under the SHARED heading on the left....you are probably going to see other computers depending on how many folks have connected to the wireless at the time.


You can "see" them and they can "see" you, but they will not be able to access your computer without full log in credentials. I know of no way to avoid being "visible" on a shared network using Ethernet connections.


It is possible to configure a "closed" wireless network using the Time Capsule so that your network name will not be displayed. The problem here is that this will only work for the most casual of users. There are dozens of free utilities on the Internet that will reveal a "closed" network in seconds. Most 13 year old kids with a laptop already know all about this.


Still, even though they can "see" the wireless network, they will not be able to log on without a password if you are using high quality wireless security like WPA2 Personal.


It is unfortunate that the network will not allow the Time Capsule to act as a firewall to shield the other network traffic from your devices.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Concerned about security. Please help me find a solution.

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up