• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 173
  • Last Modified:

Internet Connection Sharing on a DSL Device Network

Hi..

I have a network with 3 computers, 2000 Pro, XP-Pro, and Win2k3. They are all connected to an ADSL device and can access the Internet normally (and see each other). I want to allow only 2000 pro to connect to the Internet and then use Internet connection sharing on this computer for the other two (because it has firewall). Is it possible? Can anybody help please?
0
xpert_land
Asked:
xpert_land
  • 3
  • 3
1 Solution
 
carl_legereCommented:
this is less efficent than what you have now.  If you are currently missing the firewall you desire because the ADSL device does not do it, then get a linksys or other inexpensive firewall router.

If your PC's are getting IP addresses like 192.168.1.x then you are already have basic firewall protection.

To put this another way, using your ADSL router for internet connection sharing is far more efficient than using windows internet connection sharing.
0
 
xpert_landAuthor Commented:
Thank you very much

Yes my PC's do get the ip addresses 192.168.1.x meaning that I have a  basic firewall protection as you say, but is this "basic" protection enough on the Internet?
0
 
carl_legereCommented:
You have a NAT network address translation firewall.  It cushions you from having PC's directly connected to the net, where I've seen unpatched XP get
exploited in 10 minutes or less.

Your protection level is one where you are invisible to computers trolling the internet looking for computers that have known exploiots.  You have what any other basic small office / home office has with your DSL router if they use a netgear/linksys type box.

It is my opinion that it is sufficient as long as your computers have hard passwords on thier shared files.
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
xpert_landAuthor Commented:
Just for my information, what level is there more than being invisible?
0
 
carl_legereCommented:
just scratching the surface of what I know about firewalls, and although I have been programming Cisco and inexpensive firewalls for about 8 years, the fact remains that the technology moves allong too quickly for me to call myself an expert.

The first major category of a firewall is one that prevents unsolocited connections from the outside in.  you have this now
The second major category is one that prevents some or all traffic out based on policies.  you do not have this now, you can get it easily by installing ZoneAlarm or similar software on each PC.  This software must be trained carefully and any mistakes made during the training will cause holes in your protection.
The third major category is a firewall that only allows traffic from the outside in if it beleives that it is a server outside answering your question, this is called SPI, stateful packet inspection.  You may have this in your firewall
The fourth major category is one that carefully analizes traffic includes intrusion protection and other policies that you can program in.  This is for serious businesses who have the resources to buy the right device, pay a good programmer, and maintain this security system.

The more you spend the more of all these protections you get combined and integrated together.  Less expensive systems are usually much easier to configure.  For example, if you have a Linksys BEFSR41 basic home router and you program port TCP 25 to be forwarded from the WAN side to the LAN side, the firewall automatically opens up port TCP 25 to the world without any more configuring.
If you wished to do this with Cisco, you would have one line for the forwarding of port 25 and one or more lines in your access list telling the router in detail how to program the firewall to allow the connection through.

For small office and home office scenarios, #1 and #2 combined
Larger more secure businesses or ones with complicated remote access and VPN requirements may need more protection, several firewalls, etc.
0
 
xpert_landAuthor Commented:
Great stuff! That's why I love EE! Where else could I learn from the experts?!

So I do have enough protection. I will also install zonealarm as you advised.

Thank you very much for your help.

Cheers
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now