PDA

View Full Version : Going invisible on shared network?



archon212
09-27-2015, 07:48 PM
Hi,

I've been told elsewhere to make sure that all sharing is deactivated in system preferences in order to prevent others on a shared network from both accessing my computer and being able to see it listed under their 'shared' list in finder. (I've also enabled a maximum firewall and stealth mode, but bonjour, etc., still functions.) In other places, I've read it's impossible to not appear there, and in still others that doing so involves turning off bonjour signalling, which may or may not render your network connectivity inoperable.

Merely adjusting preferences to be invisible doesn't seem enough: I can't connect others' devices I see in my 'shared' section, which must mean they've got their sharing turned off, and yet I can still seem them. I don't want my device broadcast or visible at all, if in anyway possible.

This article, for instance, involves an older OS than Yosemite (which is what I have), but the advice is that you can run a command in Terminal to turn it off: http://superuser.com/questions/154108/how-do-you-hide-a-computer-name-on-a-network-os-x-10-6

I'm reluctant to attempt anything like that not knowing what I'm doing, and I'm not even in a position to test whether it worked on another device right now. Can anyone explain if it's possible or not and what bonjour has to do with it?

Again, my concern is not with preventing sharing, which I know is off, but with not appearing in anyone's shared folder.

Thank you very much.

lclev
09-27-2015, 10:52 PM
If you have turned off all the sharing features you should not be visible to others on the network. Your MAC address (the address of your wifi or ethernet card will be visible to any network server or a network scanner app. It has to be or you do not connect and get an ip address for internet access. If you disable Bonjour you will not be discoverable by the server that is going to assign your computer an ip address and allow internet connecting. Bonjour also does a lot with the sharing of files and printer usage. But if you turn off all the sharing features in sharing you will not have any of those services but you will have internet.

Keep in mind you can share and show up on a network but that does not mean someone can just click on the name of your computer and have access. Your computer - if you have set up sharing to allow only approved users - will ask for a user name and password.

Hopefully I have answered your questions.

Lisa

archon212
09-27-2015, 11:05 PM
That helps a lot, thank you.

Maybe you could further clarify for me: turning off all sharing features simply means having all of the listed things to share unchecked in the relevant section in system preferences?

And one other question about my IP and/or MAC identification if you know: I'm using a VPN service which I assume hides both of those from others on a network? The problem in the past I've had is that when using an IP scanner, I see my device listed twice - once with the real IP and once with the proxy. The VPN provider was useless in telling me whether or not the real once was only visible to me, or if both could be detected by others using a scanner. Any ideas? And is a scanner the usual means that someone would use if they were looking for your IP/MAC ID?

Thank you.

lclev
09-28-2015, 12:09 PM
Just for an experiment - now that I am at work on a network - I turned off all the sharing features on my Mac Pro. Then I checked on my windows computer to see what it could see on the network. My Mac Pro no longer shows up under Network at all which means no sharing either. When I do have sharing setup it is for my login id ONLY - but it will show on other computers on our network.

As for a VPN - All that is doing is providing an extra layer of encryption and protection. 99% of the people who use computers do not know how to scan a network for MAC or ip addresses. As a network admin I have at my disposal several scanning apps that I use for various reasons to keep the network running smoothly. Most are free - I do have one paid for app that gives me more detailed info - but keep in mind a person running a scanner has to know how to interpret the data and how to use it -not many do.

When you scan for your device on a local network you will see the ip that has been assigned by the local DNS server. Once you engage the VPN, it will reassign a secure connection with another ip address. So in effect you are on a protected, secure, encrypted connection. But computers communicate and identify devices using ip addresses that are assigned - temporarily - to you machines MAC address. If not you get nothing. With all the safeguards in place you should be fine. But there is no perfect invisibility once a computer is connected to any network. And there lies the issue with data breaches and hacking.

Lisa

archon212
09-28-2015, 07:20 PM
Just for an experiment - now that I am at work on a network - I turned off all the sharing features on my Mac Pro. Then I checked on my windows computer to see what it could see on the network. My Mac Pro no longer shows up under Network at all which means no sharing either. When I do have sharing setup it is for my login id ONLY - but it will show on other computers on our network.

As for a VPN - All that is doing is providing an extra layer of encryption and protection. 99% of the people who use computers do not know how to scan a network for MAC or ip addresses. As a network admin I have at my disposal several scanning apps that I use for various reasons to keep the network running smoothly. Most are free - I do have one paid for app that gives me more detailed info - but keep in mind a person running a scanner has to know how to interpret the data and how to use it -not many do.

When you scan for your device on a local network you will see the ip that has been assigned by the local DNS server. Once you engage the VPN, it will reassign a secure connection with another ip address. So in effect you are on a protected, secure, encrypted connection. But computers communicate and identify devices using ip addresses that are assigned - temporarily - to you machines MAC address. If not you get nothing. With all the safeguards in place you should be fine. But there is no perfect invisibility once a computer is connected to any network. And there lies the issue with data breaches and hacking.

Lisa


Thanks a lot for that information, I really appreciate it.