Ethernet Security

[timocrates]

This is a simple question with perhaps a more complex answer.

I once came upon a guest of our son, his fiancée, in fact, upstairs with her laptop plugged into our iMac, thus our network. She mumbled something about work. Our son wasn’t there.

My question is, did she not simply ask us for the password so as to remain anonymous? Would she have been able to access private data by plugging into the network by a port in the iMac?

Some background. The lady was proven to be very dishonest and the engagement was broken. Later we discovered, as did our other son where she also visited, our credit cards had been hacked and charges made against them.

Just wondering.

 

[Tartarus]

This is a simple question with perhaps a more complex answer.

I once came upon a guest of our son, his fiancée, in fact, upstairs with her laptop plugged into our iMac, thus our network. She mumbled something about work. Our son wasn’t there.

My question is, did she not simply ask us for the password so as to remain anonymous? Would she have been able to access private data by plugging into the network by a port in the iMac?

Some background. The lady was proven to be very dishonest and the engagement was broken. Later we discovered, as did our other son where she also visited, our credit cards had been hacked and charges made against them.

Just wondering.

There is a remote, distinct possibility she could have been able to hack your other computers on that network, but I wouldn’t know how.

If you were able to reverse the charges against your creditcards, I wouldn’t worry much about anymore.

However, it would be wise to change all your passwords and credentials for critical services online.

 

[Annie_M]

It definitely sounds suspicious to me.

 

[Mars20]

There is a remote, distinct possibility she could have been able to hack your other computers on that network, but I wouldn’t know how.

If you were able to reverse the charges against your creditcards, I wouldn’t worry much about anymore.

However, it would be wise to change all your passwords and credentials for critical services online.

In addition to Tartarus' great advice, I would suggest running a program such as Malware Bytes to make sure this "guest" did not place any malware on your computer (s).

 

[Lee_Bo]

I'm not sure if, assuming it was a LAN cable, you can get network access to a laptop by connecting a LAN cable into a Mac.

 

[timocrates]

There is a remote, distinct possibility she could have been able to hack your other computers on that network, but I wouldn’t know how.

I

Actually, there was the iMac on the network but it was connected to the router by WiFi as were all the iPads and iPhones. It did hold lots of financial data, and my suspicion is that was what she was after. I don’t remember if she was using an Apple laptop.

We are constantly warned to protect our Wifi networks from nefarious trespass, so I just assumed she would have been able to hack into the iMac. Otherwise, why bother to password protect the network?

 

[Ed7789]

The iMac can be used to share its network connection, over any kind of other network connections including Bluetooth, Ethernet or Thunderbolt.
There is a checkbox for this feature in System Preferences, Sharing and Internet Sharing.
You might want to review the other sharing settings, if they are enabled, as several of them (Screen Sharing, File Sharing, Remote Login, Remote Management, Bluetooth Sharing), will expose your data over the local network.
You might also want to enable the firewall on all your devices. It’s not enabled by default, and it is available in System Preferences under Security & Privacy, and Firewall.

 

[imwjl]

As a network administrator your terms don't make sense to me. Ethernet or WiFi are network protocols. If your iMac or any computer in your home network has poor security such as shared folders without protection you could be vulnerable.

Your credit card and all private data should always be protected with strong encryption. Password and privacy managers like LastPass make that easier.

There's a lot of good information on how to protect your private data and personal devices more polished and complete than I have time or space for here. A good place to start for people is Apple, Google & Microsoft training and instructions because so many use those platforms.

 

[timocrates]

This is a simple question with perhaps a more complex answer.

I once came upon a guest of our son, his fiancée, in fact, upstairs with her laptop plugged into our iMac, thus our network. She mumbled something about work. Our son wasn’t there.

Let me be clearer. This is not a present danger nor a request for security advice. It simply asks if someone could access all of the data on an iMac by plugging into a port, and is that an easier method of stealing data than logging into the Wifi network?

 

[Tartarus]

Let me be clearer. This is not a present danger nor a request for security advice. It simply asks if someone could access all of the data on an iMac by plugging into a port, and is that an easier method of stealing data than logging into the Wifi network?

Theoretically yes.
But there are so many factors to take in account to be sure to answer correctly.

 

[Wotchered]

As far as I have read, with the right thumb drive you can download everything on a computer if you have physical access to it.

 

[imwjl]

Theoretically yes.
But there are so many factors to take in account to be sure to answer correctly.

Yes, the OP should be concentrating on elemental set up matters such as the user accounts, password policy, drive encryption, backup encryption and sharing. For a start, Apple has good training whether self-help or attending sessions at their stores. That will be far better than what a few of us could do in this small space in addition to knowing the advice is qualified or vetted.

Knowing the Apple Stores are not all over, the certified/authorized independent sellers can also be good. This site will offer good how to articles. There's good YouTube content to help too but you have to use come care to know it's a qualified and quality source of info.