Sign in with
Sign up | Sign in
Your question

Firewall and Print sharing

Last response: in Windows XP
Share
August 26, 2005 5:22:15 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

In XP Home SP-2:

1. Does the "File and Print Sharing" setting matter for security if you have
both a software (Zone Alarm) and hardware (wireless router) Firewall active
in your home LAN?

2. For a 4 PC home wireless LAN, does it make sense to install Netbeui as
the default protocol and unbind File and Print Sharing from TCPIP? Would
that prevent sending attachments in emails or Files by FTP?

--

Jeff Williams
Jeff@who_knows.com

More about : firewall print sharing

Anonymous
a b 8 Security
August 26, 2005 6:00:09 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

From: "Jeff" <jeff@naol.com>

| In XP Home SP-2:
|
| 1. Does the "File and Print Sharing" setting matter for security if you have
| both a software (Zone Alarm) and hardware (wireless router) Firewall active
| in your home LAN?
|
| 2. For a 4 PC home wireless LAN, does it make sense to install Netbeui as
| the default protocol and unbind File and Print Sharing from TCPIP? Would
| that prevent sending attachments in emails or Files by FTP?
|
| --
|
| Jeff Williams
| Jeff@who_knows.com
|

As always, I suggest blocking both TCP and UDP ports 135 ~ 139 and 445 on *any* SOHO Router.
Doing this will totally mitigate Internet worms from making it into the LAN from the
Internet and any MS Networking from leaking from the LAN into the Internet. In this case it
should be enabled on the wireless router. Where and how will depend on the vendor and
model.

If you used NetBEUI and bound F&P Services to this protocol then MS Networking wold work
over this non-routable protocol but you would still need to have TCP/IP enabled to accesss
all facets of the Internet. If used all MS operating systems on the LAN side would need to
have both TCP/IP and NetBEUI stacks installed. NetBEUI for MS Networking and TCP/IP for
Internet access. For simplicity it is just better to block NetBIOS over IP (TCP and UDP
posrt 135 ~ 139 and 445) on the Router and just use TCP/IP on the LAN nodes.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
August 26, 2005 7:32:45 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

David H. Lipman wrote:
> From: "Jeff" <jeff@naol.com>
>
>> In XP Home SP-2:
>>
>> 1. Does the "File and Print Sharing" setting matter for security if
>> you have
>> both a software (Zone Alarm) and hardware (wireless router) Firewall
>> active
>> in your home LAN?
>>
>> 2. For a 4 PC home wireless LAN, does it make sense to install
>> Netbeui as
>> the default protocol and unbind File and Print Sharing from TCPIP?
>> Would
>> that prevent sending attachments in emails or Files by FTP?
>>
>> --
>>
>> Jeff Williams
>> Jeff@who_knows.com
>>
>
> As always, I suggest blocking both TCP and UDP ports 135 ~ 139 and
> 445 on *any* SOHO Router. Doing this will totally mitigate Internet
> worms from making it into the LAN from the Internet and any MS
> Networking from leaking from the LAN into the Internet. In this case
> it should be enabled on the wireless router. Where and how will
> depend on the vendor and model.

I use ZoneAlarm ver 6 (free) and a SMC router (SMCWBR14T-G). How do you
actually "block both TCP and UDP ports 135 ~ 139 and 445" or any port for
that matter? Are there simple instructions for a newbie in communications?

> If you used NetBEUI and bound F&P Services to this protocol then MS
> Networking wold work over this non-routable protocol but you would
> still need to have TCP/IP enabled to accesss all facets of the
> Internet. If used all MS operating systems on the LAN side would
> need to have both TCP/IP and NetBEUI stacks installed. NetBEUI for
> MS Networking and TCP/IP for Internet access. For simplicity it is
> just better to block NetBIOS over IP (TCP and UDP posrt 135 ~ 139 and
> 445) on the Router and just use TCP/IP on the LAN nodes.
Related resources
August 26, 2005 9:27:16 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

David H. Lipman wrote:
> From: "Jeff" <jeff@naol.com>
>
>
>>
>> I use ZoneAlarm ver 6 (free) and a SMC router (SMCWBR14T-G). How do
>> you actually "block both TCP and UDP ports 135 ~ 139 and 445" or any
>> port for
>> that matter? Are there simple instructions for a newbie in
>> communications?
>>
>
> Attached is a JPEG of what the settings look like on a Linksys brand
> Router.
>
> You access the the Router through its IP address. It may be;
> http://192.168.1.1 You would look for advanced settings similar to
> what you see in the attached JPEG.

Thank you very much David. That is extremely helpful.

Jeff
Anonymous
a b 8 Security
August 27, 2005 12:57:04 AM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

In article <egVFddnqFHA.2212@TK2MSFTNGP15.phx.gbl>,
DLipman~nospam~@Verizon.Net says...
> From: "Jeff" <jeff@naol.com>
>
>
> |
> | I use ZoneAlarm ver 6 (free) and a SMC router (SMCWBR14T-G). How do you
> | actually "block both TCP and UDP ports 135 ~ 139 and 445" or any port for
> | that matter? Are there simple instructions for a newbie in communications?
> |
>
> Attached is a JPEG of what the settings look like on a Linksys brand Router.
>
> You access the the Router through its IP address. It may be; http://192.168.1.1
> You would look for advanced settings similar to what you see in the attached JPEG.

Why would you post a binary to a text group? Not only a binary, but a
binary that is noting like the setup pages for a SMC.

SMC has information on how to block ports - check their site for a
manual if you don't have one.

--

spam999free@rrohio.com
remove 999 in order to email me
!