Solved

Network security question

Posted on 2006-07-16
15
234 Views
Last Modified: 2008-01-09
I have 2 PC-s with XPPro and XPHome OS and I have setup up a small wired network between them. XPPro needs to access several files (like access database files) on the XPHome. Everything worked fine. Now I have decided to subsribe to local wirelles internet provider. I first thought of having XPPro directly connected to this wirelles network, and XPHome through XPPro, but the guy from provider has connected both of the PC's directly to a network (through a switch). Now I have shares on XPHome available through all network, which is highly unacceptable.
I need to know what is the best way to connect these 2 PC's to a wirelles network, and how to secure data on XPHome PC. If I need to switch to router (which I first suggested, but the guys from provider said that iit is not necessary (?)), and how do I need to configure these two PC"s to have datsa secured.

Thanks in advance, Goran...
0
Comment
Question by:Priest04
  • 7
  • 6
  • 2
15 Comments
 
LVL 4

Expert Comment

by:jcdesign4u
Comment Utility
Switchting to the router doesn't make a differene, that's olmost the same when they are connected trough the switch.
What you can do to secure the share is making it only available for a sprecified user, so when u logon with that user in the xppro machine, only that machine is able to connect to the spoecified share.

Other option is: connect the xphome machine to the xppro machine with a cross cable (on a second network card on the xppro machine). And configure the NIC's with static ip adresses.
0
 
LVL 32

Expert Comment

by:rsivanandan
Comment Utility
I wouldn't go with this configuration at all. Your pcs are all over the net now.

1. Install some good Antivirus softwares on both machines and keep them updated.

2. Get a router (Multiport) and connect it through it. I use a Dlink-wbr1310 which is a wireless router. It also includes basic firewall features. It costed me around 50 bucks, you could go for any router with firewall feature though.

3. Configure DHCP on your inside of the router and use private ip addresses for your local network.

4. Make sure that you only allow connections out of your network and allow nothing to come in (new connections).

Look at this screenshot from Dlink about the firewall feature set you can get with the router I mentioned above;

http://support.dlink.com/emulators/wbr1310/adv_portforward.htm

Configuration is simple enough.

Cheers,
Rajesh
0
 
LVL 18

Author Comment

by:Priest04
Comment Utility
jcdesign4u
Well, routers usually have buikt in firewall, so I will have extra security layer. As for the making it available for a specified user, as far as I know it is not possible with WinXP Home, or I am terrribly mistaken???

rsivanandan
I dont quite understand... are you saying that I can configure router so only my private network can access to shares on WinXPHome and noone from outside? And I will still have access to internet on both computers? If that is the case, then that is the solution I was searching for... I dont want anyone out of my private network to see any shares....

Thanks
0
 
LVL 32

Expert Comment

by:rsivanandan
Comment Utility
Exactly YES. First talk to your provider that you are going to implement this and you can go on from there. It is really no 'rocket science' to configure 'em while you have the gui :-0

Cheers,
Rajesh
0
 
LVL 18

Author Comment

by:Priest04
Comment Utility
So I need to talk to provider about this? I mean, they need to approve me something in order I could implement this solution? And the whole configuration will include only the router (and configuring DHCP on two NIC's also, but lets diregard that for the moment)?
0
 
LVL 4

Expert Comment

by:jcdesign4u
Comment Utility
I know routers have build in firewall, but the swith is connected to the router, so al the computers on the switch are automatically protected by the firewall of the router.
0
 
LVL 32

Expert Comment

by:rsivanandan
Comment Utility
Actually you don't need to, I suggested to talk because I don't know how it is terminated on your end. If there is an equipment at your end, you need to plug your router onto it and configure. That's all. Let me know how you are getting this wireless connection.

Cheers,
Rajesh
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 18

Author Comment

by:Priest04
Comment Utility
{quote]jsdesign4u wrote:
I know routers have build in firewall, but the swith is connected to the router, so al the computers on the switch are automatically protected by the firewall of the router.[/quote]

If u are reffering to providers router, dont know how they implemented security, seems to me they dont know much about it (they are actually starting bussiness....

rsivanandan,
I have antena (suctom made) on the roof connected to Planet WAP-4033 Wireless Access Point 11/54 Mb/s 802.11b/g. This AP is currecntly connected to a switch (not sure which one), and above mentioned  2 PC's are connected to this switch.
0
 
LVL 32

Expert Comment

by:rsivanandan
Comment Utility
Yeah, then you can talk to those providers and put in your router in place of that switch. The router I mentioned has 4 ports (Inbuilt switch).

Or you can connect your router into the switch and have a different ip scheme on your side of the router.. Either way, your choice

Cheers,
Rajesh
0
 
LVL 18

Author Comment

by:Priest04
Comment Utility
Ok. Can you reccomend some wired router? I have this one available in near store:

TP-Link TL-R402M Broadband Firewall router 1 UTP WAN + 4 UTP LAN 10/100 Mb/s - Cable/DSL Router for Small Office, Built-in 4-port Switch, Dial-on-demand, Firewall, Parental control, NAT, PPPoE, DDNS, UPnP, 802.1X, DHCP, DMZ host, VPN pass-through

Is this one ok? Its around 30 euros here. I saw that wirelles router you have posted here has Built in support for encrypting packets, does this one have it too (didnt see it on the manufacturers site)

http://www.tp-link.com/product/show.asp?ProductNO=391#

Also, does router block some connections like p2p networks (will I be able to use programs like emule, kaza etc)
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 500 total points
Comment Utility
If you want to use p2p, it is your wish. Like I said, the firewall features are inbuilt. Turning off or on the rules is based on your requirement and it should work just fine.

That one should be good for you. Basically your don't need encrypting traffic, you only need to separate traffic from external world from internal.

Cheers,
Rajesh
0
 
LVL 18

Author Comment

by:Priest04
Comment Utility
ok rsivandan, thanx for all the help. I will buy this tp-link router and experiment with it.
0
 
LVL 32

Expert Comment

by:rsivanandan
Comment Utility
Glad to be of assistance :-) Njoy Networking...

Again, think about the option of removing the switch and connect the router directly if possible. Work with the provider. You can avoid a switch in the picture (Well, I like to keep it all simple if possible and also save some power :-))

Cheers,
Rajesh
0
 
LVL 18

Author Comment

by:Priest04
Comment Utility
Yes, I will remove the switch (that is, I will ehchange it for the router, since I first requested a router, but in my absence they put a switch instead... :-/ I have built a couple of networks, but only with hubs/switches, so I never worked with routers, but from the things I have read yesterday, it should be easy... :) I just like to have proper information before getting into something. Thanks again... :)
0
 
LVL 32

Expert Comment

by:rsivanandan
Comment Utility
Anytime. These routers now a days come with more ports (4 min) and they are switched too.

Cheers,
Rajesh
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now