Home networking with LinkSys router.
Last response: in Networking
Archived from groups: comp.security.firewalls (More info?)
Have a pretty simple setup: 1 machine, W2K-Pro, DSL, running Kerio PF4
(recent upgrade from KPF2); 1 machine with Win98se, dial-up, running
ZoneAlarm Free 4.5. Have just added a Lynksys wireless-G router, with
NAT, to which the W2k machine connects via Ethernet, the Win98 machine
via wireless. Really dumb newbie questions:
1. Am I supposed to trust the router's IP? If I trust the router, and
the internet is coming through the router, does that have the effect of
'trusting' the entire internet?
2. As it's currently set up, though both machines are seeing the router
and the DSL attached to it, neither can see each other. I suspect this
is due to the firewalls. How do I 'open' the computers to each other,
for file and resource sharing, without 'opening' them to the world?
Are the firewalls in fact redundant, as far as protecting against
intrusion, considering the NAT?
As I said, I'm a newbie, and I'm dumb.
rabbit
Have a pretty simple setup: 1 machine, W2K-Pro, DSL, running Kerio PF4
(recent upgrade from KPF2); 1 machine with Win98se, dial-up, running
ZoneAlarm Free 4.5. Have just added a Lynksys wireless-G router, with
NAT, to which the W2k machine connects via Ethernet, the Win98 machine
via wireless. Really dumb newbie questions:
1. Am I supposed to trust the router's IP? If I trust the router, and
the internet is coming through the router, does that have the effect of
'trusting' the entire internet?
2. As it's currently set up, though both machines are seeing the router
and the DSL attached to it, neither can see each other. I suspect this
is due to the firewalls. How do I 'open' the computers to each other,
for file and resource sharing, without 'opening' them to the world?
Are the firewalls in fact redundant, as far as protecting against
intrusion, considering the NAT?
As I said, I'm a newbie, and I'm dumb.
rabbit
More about : home networking linksys router
Archived from groups: comp.security.firewalls (More info?)
On Sat, 10 Jul 2004 06:23:02 GMT, Daniel spoketh
>Have a pretty simple setup: 1 machine, W2K-Pro, DSL, running Kerio PF4
>(recent upgrade from KPF2); 1 machine with Win98se, dial-up, running
>ZoneAlarm Free 4.5. Have just added a Lynksys wireless-G router, with
>NAT, to which the W2k machine connects via Ethernet, the Win98 machine
>via wireless. Really dumb newbie questions:
>
>1. Am I supposed to trust the router's IP? If I trust the router, and
>the internet is coming through the router, does that have the effect of
>'trusting' the entire internet?
Yes, trust the router LAN IP. Since all traffic coming from the internet
will have the IP address of the client and not your router, this does in
no way imply you are trusting the entire internet.
>
>2. As it's currently set up, though both machines are seeing the router
>and the DSL attached to it, neither can see each other. I suspect this
>is due to the firewalls. How do I 'open' the computers to each other,
>for file and resource sharing, without 'opening' them to the world?
Both firewalls can be configured to trust a range of IP addresses. This
will/should all traffic between the trusted IPs, and resolve this
problem.
>
>Are the firewalls in fact redundant, as far as protecting against
>intrusion, considering the NAT?
>
Some would yes, some would say no. The NAT router does a good job
preventing traffic from coming in, however, it does a poor job at
blocking outgoing traffic. Since more and more malware are "calling
home" rather than just sit around and wait for incoming connections. If
you are worried about such software on your computer(s), you may have
more luck preventing it from making an outbound connection with a
software firewall than with a NAT router alone.
Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"
On Sat, 10 Jul 2004 06:23:02 GMT, Daniel spoketh
>Have a pretty simple setup: 1 machine, W2K-Pro, DSL, running Kerio PF4
>(recent upgrade from KPF2); 1 machine with Win98se, dial-up, running
>ZoneAlarm Free 4.5. Have just added a Lynksys wireless-G router, with
>NAT, to which the W2k machine connects via Ethernet, the Win98 machine
>via wireless. Really dumb newbie questions:
>
>1. Am I supposed to trust the router's IP? If I trust the router, and
>the internet is coming through the router, does that have the effect of
>'trusting' the entire internet?
Yes, trust the router LAN IP. Since all traffic coming from the internet
will have the IP address of the client and not your router, this does in
no way imply you are trusting the entire internet.
>
>2. As it's currently set up, though both machines are seeing the router
>and the DSL attached to it, neither can see each other. I suspect this
>is due to the firewalls. How do I 'open' the computers to each other,
>for file and resource sharing, without 'opening' them to the world?
Both firewalls can be configured to trust a range of IP addresses. This
will/should all traffic between the trusted IPs, and resolve this
problem.
>
>Are the firewalls in fact redundant, as far as protecting against
>intrusion, considering the NAT?
>
Some would yes, some would say no. The NAT router does a good job
preventing traffic from coming in, however, it does a poor job at
blocking outgoing traffic. Since more and more malware are "calling
home" rather than just sit around and wait for incoming connections. If
you are worried about such software on your computer(s), you may have
more luck preventing it from making an outbound connection with a
software firewall than with a NAT router alone.
Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"
Archived from groups: comp.security.firewalls (More info?)
Lars;
Thanks for the input.
> Yes, trust the router LAN IP. Since all traffic coming from the internet
> will have the IP address of the client and not your router, this does in
> no way imply you are trusting the entire internet.
OK.
> Both firewalls can be configured to trust a range of IP addresses. This
> will/should all traffic between the trusted IPs, and resolve this
> problem.
Been working on it, and so far I've been able to get one computer to see
the other on the network (but not the other way around) but can not
actually access any of the shared resources on that machine. But each
machine can see its OWN shared resources in the network neighborhood,
which is something I wasn't able to do before, so I guess I'm making
some progress in getting this sharing thing sussed out. When I disabled
the firewall on one computer, the other was able to access it, so I know
the issue is in the firewall configurations.
Lars;
Thanks for the input.
> Yes, trust the router LAN IP. Since all traffic coming from the internet
> will have the IP address of the client and not your router, this does in
> no way imply you are trusting the entire internet.
OK.
> Both firewalls can be configured to trust a range of IP addresses. This
> will/should all traffic between the trusted IPs, and resolve this
> problem.
Been working on it, and so far I've been able to get one computer to see
the other on the network (but not the other way around) but can not
actually access any of the shared resources on that machine. But each
machine can see its OWN shared resources in the network neighborhood,
which is something I wasn't able to do before, so I guess I'm making
some progress in getting this sharing thing sussed out. When I disabled
the firewall on one computer, the other was able to access it, so I know
the issue is in the firewall configurations.
Related ressources:
- ForumWindows XP Networking Question (with Linksys Home VPN rout..
- ForumLinksys BEFW11S4 Router Networking issue
- ForumIn home networking using a router and switch
- ForumNetworking Question - Apple AirPort vs Linksys EA4200
- Forumhome networking with a router
- ForumTrouble connecting Sony BDP to Linksys Router
- ForumAdding a Linksys EA3500 to a home network .
- ForumHome Networking - need router advice
- ForumNetwork Problems- linksys home
- ForumWireless networking using Linksys BEFW11S4 and WMP11
- ForumQuestion on Home Networking
- ForumLinksys & XP Networking nightmare
- Forum[ Networking ] Can't get USB dongle to share wifi with router
- ForumYes, the Linksys WRT54G V5 Really Is a Lousy Router
- ForumASUS laptop Linksys E2000 Wireless router N problem
- ForumRouter Setup
- ForumLinksys 1.46 fixes DHCP bug on BEFSR41-v1 and BEFSR41-v2
- ForumNewbie: Denial of Service Attack against NAT router
- ForumOpinions? Home Wireless Network?
- ForumNewbie: Router has died twice in the last 2 weeks, why ?
- More resources
Read discussions in other Networking categories
!
