Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Time Capsule - How secure is it?

craig1410

craig1410

macrumors 65816
Original poster
Mar 22, 2007
1,139
926
Scotland
Hi,
With the news about remote file sharing via mobile me becoming available on the Time Capsule I find myself wondering just how secure is the Time Capsule. If I am to enable the remote file sharing will that simply expose my personal files to every hacker and script kiddie on the 'net or is it pretty secure?

In general, mixing the role of firewall with any other function is considered a bad idea which is why I run a dedicated Monowall firewall between my ADSL router and my Time Capsule. However, with energy prices the way they are I have considered dispensing with the Monowall and just plugging the TC straight into the ADSL router. This would save me around £50 per year on electricity but I don't want that to be at the expense of security in any practical sense.

Does anyone know of any penetration testing having been done against the Time Capsule and whether it is up to the job of being primary firewall for a domestic network? My instincts tell me that having a firewall, wifi access point and file server in the same box is a bad idea but it is also a very convenient solution if it is secure enough.

Comments please...

Thanks,
Craig.
:)
 
You're paranoid. You're not the CIA, you're just some dude. A router with a built in firewall is fine, just use a secure password.
 
emt1 said:
You're paranoid. You're not the CIA, you're just some dude. A router with a built in firewall is fine, just use a secure password.
Click to expand...

Actually I am the CIA but I'm under cover - sshh! ;)

I know I'm paranoid but what I'm trying to find out is whether I have reason to be paranoid or not. You clearly think not but that doesn't answer my question as to how secure the time capsule is. I wouldn't leave my filing cabinet outside my house for every passing stranger to have a look through my personal files so I don't want to do the same with my TC.

I respect your opinion but I need a bit more information before I can place my trust in the TC.

Thanks,
Craig.
 
There are no known blatant security holes. It's just like any other router. Sure, it could probably be hacked if someone who was really talented really wanted to do it... but if you just use a secure password, you'll be fine.
 
emt1 said:
There are no known blatant security holes. It's just like any other router. Sure, it could probably be hacked if someone who was really talented really wanted to do it... but if you just use a secure password, you'll be fine.
Click to expand...

Thanks for that - out of interest, have you tried running any of the online port scanners on your TC (assuming you have one as your primary firewall of course...). My concern isn't so much that someone could hack beyond the TC but that someone could access the files contained on the TC itself. This becomes especially important with the news that the TC can now be shared online. All the more reason for a secure password eh??? :)

In the next few days I will try setting up the TC to bypass my monowall and see how it copes. I should be able to run nmap from work (I'm an IT consultant btw) to scan my external IP address for open ports.

Thanks again,
Craig.
 
I ran the "ShieldsUp!" scan. A few ports were stealth, the rest were closed. None were reported as open.
 
emt1 said:
I ran the "ShieldsUp!" scan. A few ports were stealth, the rest were closed. None were reported as open.
Click to expand...

Oh well, that's encouraging I suppose. Thanks for your attempts to cure my paranoia... :D

Craig.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back