Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Seperate remote desktop from network

Posted on 2006-04-18
13
Medium Priority
?
290 Views
Last Modified: 2013-11-21
Hello, i have installed a remote desktop software and want to make this computer available for someone i work with. But don't want to get access to other computers which are connected. When i get login to this computer i could see and use all files from My Network Places. Can i do seperate this computer from network? (All computers are connected with hub.)
0
Comment
Question by:tilmes
  • 6
  • 6
13 Comments
 

Expert Comment

by:catastrophic_failure
ID: 16480623
You can prevent the other computers that are connected to the hub from sharing their files.  

What all operating systems are connected to the hub
0
 
LVL 7

Expert Comment

by:jacobhoover
ID: 16480795
Why give this person remote access to your network in the first place if you don't want them to have access to your network?

If you just want to supply and support a machine with software on it for them to remotely use, if you have a Domain, just leave the machine disconnected from the domain.  If this machine dosen't need to paryticipate in the local network, you could simply remove the Windows Filesharing components for the network protocols, however if this remote user has admin access to the machine, he could simply install them to regain access.  If you don't have a domain and you wish all the other machines on the network to allow file sharing, the next best option would be to put a personal firewall on all of the other machines.  

Do you have a domain?
What OS's are installed on your LAN?
0
 

Author Comment

by:tilmes
ID: 16483413
I don't have a lan and system are used in all computeres are windows XP. Your are right that he can install Windows Filesharing components for the network protocols again after removing. Any options i can use?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 7

Expert Comment

by:jacobhoover
ID: 16483454
LAN = Local Area Network, and if they are all connected VIA a hub, and they share files, they are on a LAN.

You will need either a supplimental firewall on each of the PC's you don't want him to be able to access or use multiple network segments to hide the remainder of your network.  The firewall option would require you to buy/install a firewall on each PC, the network segment option would be as simple as purchasing a simple NAT device (like a broadband router) which will have a built in firewall.  Then you can block the single IP or Mac from the rest of the network while the rest of the machines are free to openly communicate.
0
 
LVL 7

Expert Comment

by:jacobhoover
ID: 16483467
More info on the hardware option.

[INTERNET] --- [ROUTER-A (you called it a hub)] ----- [ROUTER-B] ---- [ALL SHARED COMPUTERS]
                                     |
                                     |
                                     ---- [COMPUTER THAT THE "Other Guy" will use]
0
 

Author Comment

by:tilmes
ID: 16483506
I have one router and hub is connected to it. You mean i can use configuration in router to set up a firewall?
0
 

Author Comment

by:tilmes
ID: 16483529
Can i block single Ip from the rest of network wih this router?
http://support.dlink.com/products/view.asp?productid=DI%2D604
0
 
LVL 7

Accepted Solution

by:
jacobhoover earned 1000 total points
ID: 16483638
Yes, see

http://support.dlink.com/faq/view.asp?prod_id=2089&question=VDI-604%20/%20VDI-624

You can then set a firewall rule that blocks communication from the one "black sheep" computer to talking to the remainder of the subnet.

Assuming your black sheep computer is 192.168.0.100, and all the rest are 192.168.0.101,192.168.0.102,192.168.0.103,...,192.168.0.10x

Set the action to DENY, then set the source IP range to be from 192.168.0.100 to 192.168.0.100, and the destination IP from 192.168.0.101 to 192.168.0.10x

The only issue here willt hen be, you need to connect the "black sheep" to the router, instead of directly to the hub.
0
 

Author Comment

by:tilmes
ID: 16484794
I mad setting as above, but hasn't got the result as it should be.
0
 

Author Comment

by:tilmes
ID: 16488595
It works now opssosit way as i intended, From black sheep computer can browser sharing files but from my cmputer i cannot browser thire files/folders.
0
 
LVL 7

Expert Comment

by:jacobhoover
ID: 16492549
I assume that because you accepted it you got it working.  If not, let me know and I'll try and help diagnose the config issue.
0
 

Author Comment

by:tilmes
ID: 16495331
It is still not working.
0
 
LVL 7

Expert Comment

by:jacobhoover
ID: 16498129
Make sure the interface source and destination is set to LAn and the protocol is set to both.

If this still dosen't make it work, you may need to modify the default rule that allows Source: LAN.* Dest: *.*  To LAN.*:WAN.* and add LAN.192.168.0.101 to 192.168.0.10x: LAN.*.  Be aware that if you somehow break the configuration, there is a reset button on the router to restore the factory default settings.
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question