Being "invisible" within A network.

Okay first of all here's what I have. Around 50 computers running off one server(which is connected to the internet), then off that several hubs, and even hubs running off of hubs. This is what I need: Need to isolate 5 computers for the rest of the network, these computers need to be able to share files with each other, but with no other computers. Also I need to hide the computer names on the network along with all the shared folders from these 5 computers.


Computers are running WinXP
LVL 8
big_daddy0690Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

fixnixCommented:
Just throw them on their own subnet behind a router.  Like if the current network is 192.168.0.0/24, then set up a router with a WAN IP of 192.168.0.x and a LAN subnet of 192.168.1.0/24.  Sharing wont work through the router to the WAN side by default in all cases I'm aware of.
0
big_daddy0690Author Commented:
I would like to do this without a router, if at anyway possible.
0
Ancient_OrangeCommented:
i guess theese computers should still be able to connect to the server and the internet right?

if not its easy just physically seperate theese maschines from the rest of the lan.

i suggest you use VLANS to accomplish your goal.

put thoose 5 machines on a VLAN and just allow that vlan to communicate with the server.

or you somehow cut theese 5 maschines off the network and build a extra NIC into the server and then just connect the 5 computers to the server with that new nic. that way they will not be ssen by the other maschines on the network.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

fixnixCommented:
Another spin on the same concept, build an IPCop box (www.ipcop.org) out of an old P75 collecting dust someplace, throw 3 nics in it, and do a RED/ORANGE/GREEN configuration with ORANGE being your DMZ with the 5 private boxes and GREEN for the rest of the lan (and replacing your current internet router with the IPCop box.....unless of course you are already using a better/more-powerful/expensive/otherwise not-uninstallable commercial router at your front end.
0
adavidjonesCommented:
Give the five computers a static ip .....say your 50 computers have an ip using 192.168.0.x. Give the 5 an IP of 192.168.1.x .  this way they will be able to see each oher, but the computers on the other IP network will not be able to see them.  They will be able to share files etc...
0
big_daddy0690Author Commented:
ancient_orange,

correct. what exactly is a vlan

fixnix,

sorry, but that wont work in my case.


adavidjones,

but then they will not be able to connect to the internet
0
Ancient_OrangeCommented:
but if you do that i don't think theyl be able to communicate with the server (unless it gets a additional nic with a 192.168.1.x IP)
0
Slaid99Commented:
Have you ever thought of something as simple as Zonealarm (a software firewall). You can just set the securities such that only the IP addresses you set in will see the computer. (one per computer)
If set up properly, this is a fairly simple little trick, plus it is shareware (basically free).

If you want a simple no money solution, I dont see why it wouldnt work.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Slaid99Commented:
Thought about my last post... I should put a caveat to that... if you actually do use a software firewall (such as Zonealarm or any of the other varieties...) it may give you a couple of other issues, so if you arent familiar or dont want to be bothered with other "possible" problems... maybe vlan best.
0
Ancient_OrangeCommented:
i still consider the vlan solution the best but i don't know if your network equippment supports that.

when you talked about hubs in your question did you really mean hubs or switches ?

with best regards Ancient Orange
0
big_daddy0690Author Commented:
well the 5 computers are connected to there own hub, which is connected to a switch, which is connected to another switch, that is connected to the server. ; )

0
Ancient_OrangeCommented:
Does your network equipment support VLANS?
0
big_daddy0690Author Commented:
To be honest, I really don't know what a vlan is. I did some searching. but still kinda lost. And how would I find out if it is or not?
0
Slaid99Commented:
http://net21.ucdavis.edu/newvlan.htm  - that explains a vlan.
0
RDAdamsCommented:
What models of switches do you have?  You could put the five computers on a hub connected to one switch port.  Create that as VLAN1.  The other switch ports and the other switches could be VLAN2.  

Then use the subnets to isolate and hide your five special computers.  Create the shares for those Five systems as hidden shares ie share$.  Only those individuals will have access.  

Just a note you are better off using one computer as a file server even if you are not running a server OS.  Use one computer and put more hard drive space on it.  Share the folders necessary off it and use security to limit access to the folders. (you will need windows 2000 pro or windows xp on this computer)  
0
benstoreyCommented:
what are the switches that you have... creating a vlan is really not that hard...

and how many open ports do you have open on the switch, because if those extra ports are open, it would save a lot of bandwidth for those pc's if you put them straight into the switch..

A vlan is short for virtual lan.... all it does is setup, port based or MAC address based, (for this instance we'll use port based), it seperates say the 5 ports you have on your switch to vlan 2 while the rest of your network is on vlan1....

pretty much all you have to do, depending on the switch, is go into the configuration, and change the Port/s you have those 5 computers on, into a different vlan from the rest, and it will now 'logically' be a seperate network..
tell us what switch you have, and if you need help setting that up, can give you a hand..

cheers

0
adavidjonesCommented:
I know this works, I also have 50+ computers and have 8 computers that I have given static IP's and given the defalut gateway of the server and DNS IP used by the ISP.  The public 50+ computers can not see the the 8 admin computers and all can get to the internet.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.