File and Print sharing with SP2 Firewall on multi-homed box

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Hello Ross,
what OS will the machine where you will install SP2 be running, IF
XP Pro it will walk you through it. You seem to know what you are doing. You
were right not to go with Z. Alarm. Wireless needs strong security. Zone
Alarm the free version and the suite have become a fav. of hackers. I speak
from experince. My home network was attacked and after asking questions at
the RSA I found it is becoming thre norm, I am sure they will harden it up
soon. Remember to go to advavned tab in the windows firewall and click on
the protect my network and to set up a firewall log there. I have Trend
Micro Internet Security 2005 now it has a great Wifi protection. As well as
other things such as virus protect etc. I ran my wireless through a VOiP
router then through a Belkin LAN router and a cable modem runs the back bone
of the outfit. I have to leave soon but I will check back ASAP to see how
things are going. Best Of LUCk To You !
Ron J
"Ross Smith" wrote:

> I think I know how to configure this, but wouldn't mind a second opinion if
> anyone out there has a few minutes free.
>
> My boss has a multi homed machine on his home network. It has a USB
> broadband router, and a wireless LAN card which is used to connect to his
> other computers. Internet Connection Sharing allows the broadband to be
> shared with the computers on his wireless network.
>
> I'm going to install SP2 on this machine soon, but just spotted that the
> exception for File and Print sharing in the firewall appears to apply for
> all connections. I want to allow sharing for the local (wireless) network
> but obviously not over the internet.
>
> I'm now wondering if I can achieve this by allowing File & Print sharing in
> the firewall exceptions list, but then unbinding it from the broadband
> router. It's not pretty but I think it'll work. I know I could just
> install ZoneAlarm, but I'm curious as to whether SP2 is going to let me do
> this.
>
> Anyone have any thoughts?
>
> Ross
>
>
>
>

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

By default the File and Printer Sharing option in the firewall control panel
will limit access to "My local subnet". In the presence of ICS, the firewall
realizes that the public interface is not to be considered part of your
local subnet so should only allow access to the files on the ics box from
your home network.

with all home wireless networks, keep in mind that additional security
measures should be put in place to insure that only the machines you want on
that network have access and that your neighbors aren't snooping in.

--
David
Microsoft Windows Networking
This posting is provided "AS IS" with no warranties, and confers no rights.


"Ross Smith" <junk@hotmail.com> wrote in message
news 5HHHv%23IFHA.2136@TK2MSFTNGP14.phx.gbl...
>I think I know how to configure this, but wouldn't mind a second opinion if
> anyone out there has a few minutes free.
>
> My boss has a multi homed machine on his home network. It has a USB
> broadband router, and a wireless LAN card which is used to connect to his
> other computers. Internet Connection Sharing allows the broadband to be
> shared with the computers on his wireless network.
>
> I'm going to install SP2 on this machine soon, but just spotted that the
> exception for File and Print sharing in the firewall appears to apply for
> all connections. I want to allow sharing for the local (wireless) network
> but obviously not over the internet.
>
> I'm now wondering if I can achieve this by allowing File & Print sharing
> in
> the firewall exceptions list, but then unbinding it from the broadband
> router. It's not pretty but I think it'll work. I know I could just
> install ZoneAlarm, but I'm curious as to whether SP2 is going to let me do
> this.
>
> Anyone have any thoughts?
>
> Ross
>
>
>