Solved

Internet Connection Sharing on a DSL Device Network

Posted on 2006-11-11
6
162 Views
Last Modified: 2012-06-27
Hi..

I have a network with 3 computers, 2000 Pro, XP-Pro, and Win2k3. They are all connected to an ADSL device and can access the Internet normally (and see each other). I want to allow only 2000 pro to connect to the Internet and then use Internet connection sharing on this computer for the other two (because it has firewall). Is it possible? Can anybody help please?
0
Comment
Question by:xpert_land
  • 3
  • 3
6 Comments
 
LVL 18

Expert Comment

by:carl_legere
ID: 17923389
this is less efficent than what you have now.  If you are currently missing the firewall you desire because the ADSL device does not do it, then get a linksys or other inexpensive firewall router.

If your PC's are getting IP addresses like 192.168.1.x then you are already have basic firewall protection.

To put this another way, using your ADSL router for internet connection sharing is far more efficient than using windows internet connection sharing.
0
 

Author Comment

by:xpert_land
ID: 17924239
Thank you very much

Yes my PC's do get the ip addresses 192.168.1.x meaning that I have a  basic firewall protection as you say, but is this "basic" protection enough on the Internet?
0
 
LVL 18

Accepted Solution

by:
carl_legere earned 50 total points
ID: 17924856
You have a NAT network address translation firewall.  It cushions you from having PC's directly connected to the net, where I've seen unpatched XP get
exploited in 10 minutes or less.

Your protection level is one where you are invisible to computers trolling the internet looking for computers that have known exploiots.  You have what any other basic small office / home office has with your DSL router if they use a netgear/linksys type box.

It is my opinion that it is sufficient as long as your computers have hard passwords on thier shared files.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:xpert_land
ID: 17925357
Just for my information, what level is there more than being invisible?
0
 
LVL 18

Expert Comment

by:carl_legere
ID: 17925499
just scratching the surface of what I know about firewalls, and although I have been programming Cisco and inexpensive firewalls for about 8 years, the fact remains that the technology moves allong too quickly for me to call myself an expert.

The first major category of a firewall is one that prevents unsolocited connections from the outside in.  you have this now
The second major category is one that prevents some or all traffic out based on policies.  you do not have this now, you can get it easily by installing ZoneAlarm or similar software on each PC.  This software must be trained carefully and any mistakes made during the training will cause holes in your protection.
The third major category is a firewall that only allows traffic from the outside in if it beleives that it is a server outside answering your question, this is called SPI, stateful packet inspection.  You may have this in your firewall
The fourth major category is one that carefully analizes traffic includes intrusion protection and other policies that you can program in.  This is for serious businesses who have the resources to buy the right device, pay a good programmer, and maintain this security system.

The more you spend the more of all these protections you get combined and integrated together.  Less expensive systems are usually much easier to configure.  For example, if you have a Linksys BEFSR41 basic home router and you program port TCP 25 to be forwarded from the WAN side to the LAN side, the firewall automatically opens up port TCP 25 to the world without any more configuring.
If you wished to do this with Cisco, you would have one line for the forwarding of port 25 and one or more lines in your access list telling the router in detail how to program the firewall to allow the connection through.

For small office and home office scenarios, #1 and #2 combined
Larger more secure businesses or ones with complicated remote access and VPN requirements may need more protection, several firewalls, etc.
0
 

Author Comment

by:xpert_land
ID: 17925576
Great stuff! That's why I love EE! Where else could I learn from the experts?!

So I do have enough protection. I will also install zonealarm as you advised.

Thank you very much for your help.

Cheers
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now