?
Solved

Network security question

Posted on 2006-07-16
15
Medium Priority
?
277 Views
Last Modified: 2008-01-09
I have 2 PC-s with XPPro and XPHome OS and I have setup up a small wired network between them. XPPro needs to access several files (like access database files) on the XPHome. Everything worked fine. Now I have decided to subsribe to local wirelles internet provider. I first thought of having XPPro directly connected to this wirelles network, and XPHome through XPPro, but the guy from provider has connected both of the PC's directly to a network (through a switch). Now I have shares on XPHome available through all network, which is highly unacceptable.
I need to know what is the best way to connect these 2 PC's to a wirelles network, and how to secure data on XPHome PC. If I need to switch to router (which I first suggested, but the guys from provider said that iit is not necessary (?)), and how do I need to configure these two PC"s to have datsa secured.

Thanks in advance, Goran...
0
Comment
Question by:Priest04
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
  • 2
15 Comments
 
LVL 4

Expert Comment

by:jcdesign4u
ID: 17117075
Switchting to the router doesn't make a differene, that's olmost the same when they are connected trough the switch.
What you can do to secure the share is making it only available for a sprecified user, so when u logon with that user in the xppro machine, only that machine is able to connect to the spoecified share.

Other option is: connect the xphome machine to the xppro machine with a cross cable (on a second network card on the xppro machine). And configure the NIC's with static ip adresses.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17117449
I wouldn't go with this configuration at all. Your pcs are all over the net now.

1. Install some good Antivirus softwares on both machines and keep them updated.

2. Get a router (Multiport) and connect it through it. I use a Dlink-wbr1310 which is a wireless router. It also includes basic firewall features. It costed me around 50 bucks, you could go for any router with firewall feature though.

3. Configure DHCP on your inside of the router and use private ip addresses for your local network.

4. Make sure that you only allow connections out of your network and allow nothing to come in (new connections).

Look at this screenshot from Dlink about the firewall feature set you can get with the router I mentioned above;

http://support.dlink.com/emulators/wbr1310/adv_portforward.htm

Configuration is simple enough.

Cheers,
Rajesh
0
 
LVL 18

Author Comment

by:Priest04
ID: 17117508
jcdesign4u
Well, routers usually have buikt in firewall, so I will have extra security layer. As for the making it available for a specified user, as far as I know it is not possible with WinXP Home, or I am terrribly mistaken???

rsivanandan
I dont quite understand... are you saying that I can configure router so only my private network can access to shares on WinXPHome and noone from outside? And I will still have access to internet on both computers? If that is the case, then that is the solution I was searching for... I dont want anyone out of my private network to see any shares....

Thanks
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 32

Expert Comment

by:rsivanandan
ID: 17117635
Exactly YES. First talk to your provider that you are going to implement this and you can go on from there. It is really no 'rocket science' to configure 'em while you have the gui :-0

Cheers,
Rajesh
0
 
LVL 18

Author Comment

by:Priest04
ID: 17117678
So I need to talk to provider about this? I mean, they need to approve me something in order I could implement this solution? And the whole configuration will include only the router (and configuring DHCP on two NIC's also, but lets diregard that for the moment)?
0
 
LVL 4

Expert Comment

by:jcdesign4u
ID: 17118071
I know routers have build in firewall, but the swith is connected to the router, so al the computers on the switch are automatically protected by the firewall of the router.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17119457
Actually you don't need to, I suggested to talk because I don't know how it is terminated on your end. If there is an equipment at your end, you need to plug your router onto it and configure. That's all. Let me know how you are getting this wireless connection.

Cheers,
Rajesh
0
 
LVL 18

Author Comment

by:Priest04
ID: 17121078
{quote]jsdesign4u wrote:
I know routers have build in firewall, but the swith is connected to the router, so al the computers on the switch are automatically protected by the firewall of the router.[/quote]

If u are reffering to providers router, dont know how they implemented security, seems to me they dont know much about it (they are actually starting bussiness....

rsivanandan,
I have antena (suctom made) on the roof connected to Planet WAP-4033 Wireless Access Point 11/54 Mb/s 802.11b/g. This AP is currecntly connected to a switch (not sure which one), and above mentioned  2 PC's are connected to this switch.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17121211
Yeah, then you can talk to those providers and put in your router in place of that switch. The router I mentioned has 4 ports (Inbuilt switch).

Or you can connect your router into the switch and have a different ip scheme on your side of the router.. Either way, your choice

Cheers,
Rajesh
0
 
LVL 18

Author Comment

by:Priest04
ID: 17125097
Ok. Can you reccomend some wired router? I have this one available in near store:

TP-Link TL-R402M Broadband Firewall router 1 UTP WAN + 4 UTP LAN 10/100 Mb/s - Cable/DSL Router for Small Office, Built-in 4-port Switch, Dial-on-demand, Firewall, Parental control, NAT, PPPoE, DDNS, UPnP, 802.1X, DHCP, DMZ host, VPN pass-through

Is this one ok? Its around 30 euros here. I saw that wirelles router you have posted here has Built in support for encrypting packets, does this one have it too (didnt see it on the manufacturers site)

http://www.tp-link.com/product/show.asp?ProductNO=391#

Also, does router block some connections like p2p networks (will I be able to use programs like emule, kaza etc)
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 2000 total points
ID: 17127442
If you want to use p2p, it is your wish. Like I said, the firewall features are inbuilt. Turning off or on the rules is based on your requirement and it should work just fine.

That one should be good for you. Basically your don't need encrypting traffic, you only need to separate traffic from external world from internal.

Cheers,
Rajesh
0
 
LVL 18

Author Comment

by:Priest04
ID: 17131317
ok rsivandan, thanx for all the help. I will buy this tp-link router and experiment with it.
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17131353
Glad to be of assistance :-) Njoy Networking...

Again, think about the option of removing the switch and connect the router directly if possible. Work with the provider. You can avoid a switch in the picture (Well, I like to keep it all simple if possible and also save some power :-))

Cheers,
Rajesh
0
 
LVL 18

Author Comment

by:Priest04
ID: 17131456
Yes, I will remove the switch (that is, I will ehchange it for the router, since I first requested a router, but in my absence they put a switch instead... :-/ I have built a couple of networks, but only with hubs/switches, so I never worked with routers, but from the things I have read yesterday, it should be easy... :) I just like to have proper information before getting into something. Thanks again... :)
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17131773
Anytime. These routers now a days come with more ports (4 min) and they are switched too.

Cheers,
Rajesh
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question