Networked computers are great. You can share files across a network. You can print documents across a network. You can play games across a network. You can do just about everything across a network, assuming, of course, that the network is your own and is completely under your control.But what if you involve a network that’s not under your control? How easy is it to copy a file from your school or work computer to your home computer, especially if that school or work computer is behind a firewall and your home computer is behind a NAT’d router? Not very.
Firewalls, proxy servers, NAT’s — all of the things that keep us safe when we’re on a network are also the very things that make it difficult, if not sometimes impossible, to do all of those useful things that networked computers would otherwise allow us to do. There are ways around them, of course, but those workarounds often involve punching holes through firewalls or routers to allow certain types of traffic to pass through. And, as we know, every hole that gets punched through a firewall or router is another hole that could possibly be exploited. Try telling your work’s network administrator that you want to be able to access shares on your home PC and see what kind of reaction you get.
Up until fairly recently the best (if not the only) way to give a remote computer the same capabilities as a local computer was to set up some sort of VPN, or “virtual private network”. A VPN allows a remote computer (like the one at your home) to pretend that it was a member of a local network (like the one at your work).
There are a few things that have to be in place to make that VPN connection happen. The remote computer has to have some sort of VPN software installed, there has to be something on the local network listening for that VPN traffic, and whatever is listening for that VPN traffic has to be able to route it onto the local network. More often than not that setup involves poking at least one hole through the firewall to allow the VPN traffic through. Maybe even two. Or three.
And then along came Hamachi. Hamachi bills itself as a zero-configuration VPN solution. No holes need to be punched through any routers or firewalls (so no getting yelled at by your network administrator). No special rules need to be set up on your home NAT’d router. Just install the Hamachi software and go.
Once you run the Hamachi installation wizard the program will contact the Hamachi servers and register itself. The Hamachi servers will assign that installation (it actually installs a new, virtual network adapter) an IP address in the 5.x.x.x range. That range of IP addresses is legal but isn’t used anywhere else (at least at the moment) so you can be sure that your IP address is unique.
The next step is to either create a new “network” or join an existing network. The person who creates a network can put a password in place so that only people who are invited can join that network. Once a computer is a member of a particular network it can see all of the other computers that have already joined that network and it can do all of those great networking things (file sharing, printing, gaming) without any routers or firewalls getting in the way.
So, then, is it safe? Absolutely. All of the traffic is encrypted, and most of that traffic doesn’t even run through the Hamachi servers. Under the Hamachi scheme the servers end up acting more like mediators. When computer “A” wants to talk to computer “B” the servers facilitate the handshaking between those computers and then drop out of the picture. From that point on computers A and B are talking to each other directly. And, if you’ve noticed, no holes had to punched anywhere to allow it all to happen.
What can you do with two computers connected by Hamachi? You should be able to do anything that you would be able to do if those two computers were sitting next to each other, on the same LAN, in the same subnet, with no firewalls between them (your connection speeds will be limited by the upstream/downstream throughputs of both computers, of course). Listen to your friend’s iTunes library, play games, or have a LAN party with friends who live all over the country. You can even go to the Hamachi Gaming Forum and join networks that have been set up to play all types of on-line games.
Hamachi runs on Windows, Mac OS X, and Linux boxes, and has the price point that we all look for. It’s easy to set up, it’s safe, and (did I mention?) it’s free. Give it a shot.
Now, who’s up for some Counter Strike?
Click Here to Help Spread The Word And Share This Post With Others!
3 responses so far ↓
1 andrew // Jan 28, 2007 at 12:44 pm
hey ok i play moparscape and i have no clue how to run hamachi canyouexplain
2 Tony Weeks // Mar 5, 2008 at 6:09 pm
My son has set up one of these Hamachi things on my computer. I am conserned that the host of this system will be able to pry into my files as the VPN is “like having two computers joined”
Please advise on the vunerability between computers once you have allowed the software to be downloaded for running gaming
3 Ed // Mar 7, 2008 at 1:41 pm
Hi, Tony.
What Hamachi does is to allow two computers which are located in different places to exist side-by-side in the same virtual network. From a security perspective the computer on the other end of a Hamachi connection doesn’t have any direct access to your PC. Instead, it has the same type of access that any other PC on your home network would have. In order to access files on your you would have to intentionally set up a Windows share to explicitly allow them access to your files, just like another computer on your home network would need.
On the down side, you do have to make sure that there are not shares in place where you don’t want them to be. It’s often convenient for a home user to not worry about security and to just share everything between all of the computers in the house. After all, the only PCs in the house are his PCs. With Hamachi running there is now, for all intents and purposes, an additional PC (or two or three) in that house, and that additional PC can see everything that the other PCs in the house can see. Running Hamachi doesn’t necessarily mean that your PC is able to be compromised, but it does mean that you’ll have to be vigilant when it comes to the different types of access paths you allow into your computer.
Leave a Comment