Time Capsule - How secure is it?

Discussion in 'Mac Accessories' started by craig1410, Mar 3, 2009.

  1. craig1410 macrumors 6502a

    craig1410

    Joined:
    Mar 22, 2007
    Location:
    Scotland
    #1
    Hi,
    With the news about remote file sharing via mobile me becoming available on the Time Capsule I find myself wondering just how secure is the Time Capsule. If I am to enable the remote file sharing will that simply expose my personal files to every hacker and script kiddie on the 'net or is it pretty secure?

    In general, mixing the role of firewall with any other function is considered a bad idea which is why I run a dedicated Monowall firewall between my ADSL router and my Time Capsule. However, with energy prices the way they are I have considered dispensing with the Monowall and just plugging the TC straight into the ADSL router. This would save me around £50 per year on electricity but I don't want that to be at the expense of security in any practical sense.

    Does anyone know of any penetration testing having been done against the Time Capsule and whether it is up to the job of being primary firewall for a domestic network? My instincts tell me that having a firewall, wifi access point and file server in the same box is a bad idea but it is also a very convenient solution if it is secure enough.

    Comments please...

    Thanks,
    Craig.
    :)
     
  2. emt1 macrumors 65816

    Joined:
    Jan 30, 2008
    Location:
    Wisconsin
    #2
    You're paranoid. You're not the CIA, you're just some dude. A router with a built in firewall is fine, just use a secure password.
     
  3. craig1410 thread starter macrumors 6502a

    craig1410

    Joined:
    Mar 22, 2007
    Location:
    Scotland
    #3
    Actually I am the CIA but I'm under cover - sshh! ;)

    I know I'm paranoid but what I'm trying to find out is whether I have reason to be paranoid or not. You clearly think not but that doesn't answer my question as to how secure the time capsule is. I wouldn't leave my filing cabinet outside my house for every passing stranger to have a look through my personal files so I don't want to do the same with my TC.

    I respect your opinion but I need a bit more information before I can place my trust in the TC.

    Thanks,
    Craig.
     
  4. emt1 macrumors 65816

    Joined:
    Jan 30, 2008
    Location:
    Wisconsin
    #4
    There are no known blatant security holes. It's just like any other router. Sure, it could probably be hacked if someone who was really talented really wanted to do it... but if you just use a secure password, you'll be fine.
     
  5. craig1410 thread starter macrumors 6502a

    craig1410

    Joined:
    Mar 22, 2007
    Location:
    Scotland
    #5
    Thanks for that - out of interest, have you tried running any of the online port scanners on your TC (assuming you have one as your primary firewall of course...). My concern isn't so much that someone could hack beyond the TC but that someone could access the files contained on the TC itself. This becomes especially important with the news that the TC can now be shared online. All the more reason for a secure password eh??? :)

    In the next few days I will try setting up the TC to bypass my monowall and see how it copes. I should be able to run nmap from work (I'm an IT consultant btw) to scan my external IP address for open ports.

    Thanks again,
    Craig.
     
  6. emt1 macrumors 65816

    Joined:
    Jan 30, 2008
    Location:
    Wisconsin
    #6
    I ran the "ShieldsUp!" scan. A few ports were stealth, the rest were closed. None were reported as open.
     
  7. craig1410 thread starter macrumors 6502a

    craig1410

    Joined:
    Mar 22, 2007
    Location:
    Scotland
    #7
    Oh well, that's encouraging I suppose. Thanks for your attempts to cure my paranoia... :D

    Craig.
     

Share This Page