Security implications of directly connecting a Windows PC to ISP via Network Adapter with Ethernet cable bypassing the Router

security networking windows router network-security

When diagnosing Internet connection issues (slow speed for example), an ISP technician may ask a user to connect their ISP-provided Ethernet cable directly to a device (typically a Windows PC) to run speed tests in the browser or pings, etc. (to rule out the possibility of the Router being the culprit).

What are the likely (realistic) as well as theoretical security implications in as far as getting access to the device / retrieving information from it (accessing files, etc.) under the following assumptions:

  • This is done for a short period of time ~ 30 minutes
  • The new network is identified as Public (in Windows UI)
  • Remote assistance is enabled
  • Windows built-in firewall is OFF, but third-party application-level firewall is enabled (restricts Internet access to apps).

And does this compromise saved passwords of network-mapped drives and locations (which are normally only accessible within LAN via the Router)?


Solution 1:

If you only do that for a small time in order to test the connection, it should be fine; but it's better to use a spare PC with nothing important on it.

BTW, that "ISP-provided Ethernet cable" is definitely connected to a router somewhere, otherwise it would have no connectivity at all.

Solution 2:

Keep in mind how the Internet is supposed to work:

  • every desktop and server gets a public, routable, IP address

And if you don't want someone connecting to services on your PC, then don't accept packets from subnets you don't want traffic from.

The issue, of course, is that some of your services running on the PC might have vulnerabilities (buffer overflows, faulty authentication, faulty authorization, etc)

So the brute-force answer is to firewall the PC.

  • you block people from the Internet compromising your server
  • and instead only allow people on your local network to compromise your server

Windows has a firewall itself - which is sufficient.
If you're paranoid, you can place another firewall in front of it.
And for the even more paranoid, they place a 3rd firewall in front of that.

tl;dr: Keep your firewall turned on

Bonus Chatter

NAT is not a security measure. Anyone thinking Network Address Translation provides security: they're doing it wrong.

Related

I can't route any traffic no matter what is inbound or outbound on my GCE
Automate post-installation setup
How do authentication servers handle thousands of CPU intensive logins?
How can i open correct ports on windows firewall for apache instead of using all?
postfix SASL authentication failed - Internal authentication error
Why is kubernetes unable to pull from a local registry?
Determine if DNS server is master or slave with DiG
Bind: query (cache) './ANY/IN' denied - is it a DDos attack?
PSU: 20 / 24 pin +4 pin [closed]
Windows 2012 Server, Update error 80072EFE
In a recursive DNA query procedure, if a local DNS server needs to query root DNS servers, how does it know/get their IP addresses? [closed]
Update exchanges user's alias without changing others field