Hi Guys,

I tried to link up my old laptop to my new build last night to get it on the internet for the girlfriend, but couldnt get it right. I was hoping someone here could help.

The P5W DH comes with two network ports at the back:
http://image2.sina.com.cn/IT/h/200 [...] abee47.jpg

I've plugged the one port with a network cable into my cable modem, and now plugged a network cable from the latptop into the other port on the mobo. It seems like the laptop and new PC are on the same network after configuring the desktop and doing a reboot. The desktop also surfs the internet no prob - but I CANT get the laptop to surf the net (just share files/game etc.)

Do I need to get SW to share the internet connection. In theory it should work without a hitch right?

Thanks! Much appreciated!

PS. I know this mobo is Wi-Fi too, but I'd prefer to use a LAN setup. Thanks!

One thing I forgot to mention was that I am using ZoneAlarm on the desktop. I'm not sure if this could be the prob? I really like that program. Someone recommend it here. Works like a charm. I would spend time on configuring it just to keep it, if this is the prob? Not even sure yet.

Thanks!

This could also be a nooob question, but I assume that the P5W DH has a sort of "built in router" system right? That would explain to ethernet ports at the back. I've assumed this but if that's not the case, then maybe I need to go back to the drawqing board.

No there is no built in router.

Depending if the Cable Modem has one built in or not you either need to:

1. If the modem has a router, you need to goto network connections, hold down control, and select both LAN connections. Then rightclick them and 'bridge connections'. This will make your main PC act like a hub. Be aware that your main PC must be on for the others to access the 'net.

2. If the modem does not have a router, or you dont like the first idea, goto network connections, select the connection attached to the router, rightclick and select properties, then goto advanced and tick "allow other computers to access... etc" then select the other connection from the drop down. Again, the main PC needs to me on for the 2nd to access the net. This makes the PC act as a Router, its a windows thing and will incurr a *very slight* and likely un-noticable CPU usage.

Either way, after doing this you may well need to renew the IP on the second comp (windowskey+R, type 'cmd', in the box that comes up type 'ipconfig /release', wait a few secs, then 'ipconfig /renew').

To be honest I wouldnt bother with zone alarm. Read Here, and here, and here for my reasons. A system with a 'personal firewall' is no more secure than a system with un-needed ports closed, except that some of them have outbound control if you are the sort of person that blindly runs really dodgy stuff and your AV program never picks it up, for example, you use Norton. Either way, if the above solutions dont work, try disabling Zone Alarm.

Better than either of the above solutions would be a hardware router (if the modem doesnt include one) or a hub/switch (if the modem does). But that of course means more money

What you need to do is setup the AP side of the WiFi connection which stands for access point. The AP is not a router, it's just a point of access. A router logical routes packet from network to network or from host to host, plus determines the best path. I have the same mobo, but haven't used the AP because I have a router that does my packet routing for me. Documentation on setting this up should have came w/ the mobo.

Hey thank DarkStar. I'll give it a shot tonight. I'm not sure what the modem has or it it is a router? It just takes the TV cable cord in the back, and allows my to put out a LAN cable. Thats it. I hope it will work. I think that bridging the two connections should work.

Whats the difference between a router and a switch?

If I dont get this right, Im in no way forking out any more money. I'll just have to use the wireless setup with the P5W DH. Is it hard to configure? I'm really anal about security, and dont want people in my building to use my internet connection. Is it easy to only allow certain laptops to hop on, and then actually hide the wireless connection so no one else can see it on their Windows wireless networks?

Thanks!

I know you could probably write pages of text on this discussion, but in a nutshell, what does a hardware firewall offer over SW:

http://buy.overstock.com/images/products/L964317.jpg

Didnt realise you ment you were using the wireless for the 2nd comp, thought you were using the 2nd Ethernet port!

Still, 99% of what I said still stands.

I'm in the UK and our cable networks only cover about 10% of the populations and both use the DOCSIS 1 system, so my experience of it is limited, and I understand the US has many other systems. However, if you have a 'Motorola Surfboard' modem, it likely doesnt have a built in router.

The way to be sure, is that if the connection connected to the modem has an IP in the 10.x.x.x or 192.168.x.x range, then it has a built in router, if it is anything else, then it doesnt.

A switch is what option 1 turns your PC into. It just takes info on one port and passes it onto another. All the devices on the LAN can see each other. It can also be though of as a 'USB hub', in that all it does is add more ports. (And before someone comes along and coments, yes I know about Managed Switches etc that are much more complex, but I didnt really feel that was relevent here )

A Router is more sophisticated, and presents one 'outbound' port to the modem, and then has lots of 'local' ports. The modem is only aware of one device, the router, which handles the 'sharing' of the internet connection, usually via NAT (network address translation). This is what option 2 does.

As far as security goes, you may want to rethink the insecure WLAN idea, people have used it as a defence (My WLAN is public and I dont keep access logs) when accused of illegal file sharing. This obviously doesnt work if it is secure

If that is irrelevent to you, then there are a few things to bear in mind.

'Hide SSID' is pointless. It stops the WLAN from showing up on the windows 'view availible networks' system, but anyone that sniffs packets for 10 seconds will get it anyway and connect fine.

'WEP' is also pointless, the system is flawed and crackable withing 5 minutes by packet sniffing.

'WPA' is secure, but not all cards support it. If you want security and have WPA support, use this. It is only crackable by brute force, so use a long password.

If you want security but dont have WPA, then WEP and a secure VPN tunnel is the only way forward but is much more complex to set up

A hardware firewall like that is likely overkill, most routers have built in hardware firewalls that will do you fine

The problem with software firewalls is that all they can ever really do is close inbound ports or set up stealthing, and stealthing (where no reply is given on a port, rather than a 'this port is closed' reply) is pretty pointless because if there were REALLY no computer on that IP/port then the attacker would expect a 'host unreachable' reply. You can easily close all ports yourself without a piece of software to do it.

As for outbound protection, all these Personal firewalls do is intercept the Winsock API, a piece of windows that deals with incoming and outgoing connections. All a virus/malware writer would need to do do avoid it would be to 'go under it', provide its own IP stack, and talk directly to the network card. Hell, once a piece of malware is running it can just wait till it detects you are not there (keyboard + mouse movements) and use a keyboard+mouse script to add itself to the firewalls allow list.

This sounds really complicated, but I will start to educate myself. I think I have a 196 IP, so it very possibly could be a router.

I also have a static IP which isnt great for security. How do I stop packet sniffers? I better do some serious research. How do you know so much?

196.x.x.x would indicate it wasnt a router, 192.168.x.x would indicate it is

Goto This Page and see if that IP matches any shown when you hit WinKey+R, run 'cmd', and type 'ipconfig /all' in the command line box. There will be a few pages of crap here, pick out the IP adresses. There will probably be at least one 192.168.x.x or 10.x.x.x which will be the connection between the two PCs, but ignore that, look for one that matches the IP on the website, or any that are not 192.168. or 10.

If it does match, no router, if it doesnt, router.

Sorry if I'm sounding too complex in some regard, if you point out what it is you dont get then I'll try to break it down more

In my years in computing, I have only had a PC 'hacked' once. The result? they put an FTP server on the comp (it was one I didnt use often so I didnt notice till I saw traffic) and uploaded loads of films on it. I shut down the FTP server, secured the network, and was thankfull for the free films

A Static IP isnt really *much* different from a dynamic one, it means that once someone has found you, you are always in the same 'place', however once someone has cracked your network they likely have an application screaming 'here I am here I am' at them anyway, so a dynamic IP wouldnt help much.

There is no way to stop WLAN packets being sniffed, basically what it means is that the data you transmit is being recieved by people that have something set up to just listen to everything. If you have NO WLAN security, then they have all the data you are sending and recieving the point of WEP/WPA security is to encrypt the data so that what is sent is meaningless to anyone but the intended recipient. Its just that WEP has unfortunately been cracked, although WPA is still secure.

The scenario is unlikely though, it means that someone is actively trying to break your WLAN, so if your neighbours are not computer literate then you are safe few people would bother trying to packet sniff a WLAN unless they had reason.

Man, you know a lot about this area. What about if using regular LAN through my modem to access the internet. Can people use packet sniffers that way, get access to my IP address and hack it?

Also, how do I see what ports are open on my PC?

The only way people could sniff packets on a wired network is to have physical access to the cabling, so for all intents and purposes no.

You can scan what ports you have open on sites such as This one

You will have some open if you are doing certain things, for example Limewire/Bittorrent use certain ports for incoming connections, as do most games, GameSpy, and the like.

I'm just a networking geek, I defer to others in other areas

how about just looking at the device he has connected to the computer and check it it has more ethernet ports on it , if it has more than one , its a router if ti hasn't it a simple modem. way easier that the ip thing.

It only has one ethernet port connection, so if what you say holds, it must be just a basic modem.

If that is the case, then can I still get both my computers to get on the net and game with each other? I will try the method you mentioned earlier.

BTW - I was trying to connect the laptop with an ethernet, not wireless. If you can do it with wireless, you really should be able to plug in the modem cable and laptop network cable into the back of the P5W DH, into each ethernet port, and have them talk to each other. I cant see how this is not possible. I'll just have to play around with the settings.

Network: I surf the net using TV cable, so if someone has access to that network, cant they sniff across it and find an IP address.

Ports: If I find ports open that I havent authorized to open, then do I have a possible breach? Is there anyway to monitor ports and easily open/close them with SW or something. How do you block your ports so that if someone sniffs, then dont find it and it's not stealthed like you said but they know its there. Does this make sense?

I have an example of an ADSL modem/router here with a single eternet port. It will perform router functions fine if a normal switch is added. A more well known example of this than the one I have would be the BT Voyager 205

That said, I have never known a cable modem with a built in router, tho my experience of CMs is limited to cloning Telewest ones

Its probably easiest to assume that it doesnt have a router, as two routers wont hurt.

If you were satisfied with the security before all this, then try the internet connection sharing solution I first described (not the bridged connections one). If at first it doesnt work try disabling ZoneAlarm. Once we know what happens there we can move on from that.

Sharing the connection that is linked to the modem and connecting the Laptop to the other Ethernet port should work just fine. Hell, if you go to network connections there is even a Wizard to set it all up for you

Alright thanks buddy. You're a star! I'll check it out tonight and let you know what happens.

I want to learn more about port managment and see what I can do to monitor the whole thing, seeing which ports are open, and basically closing everything except the ones needed for my application.

A last question about blocking ports so it appears that they dont exist - how do you do that. If someone who also uses my cable providers service, sniffs the network for IPs - how can I ensure that no one will know mine even exists, not that it's stealthed like you said and they cant see it, but know its there.

THANK! Long live the darkstar!

Sorry, one last question. How do I block ports that I dont want opened specifically. For example, if I know BitTorrent uses a specific port and I dont want people logging onto my wireless network downloading stuff, in theory I can block that port so that they cannot download stuff right?

Chat soon buddy!

This was actually a pretty interesting article. I understand most of it now. I guess the only real vulnerability I have is email that get's broadcast in plain text.
http://www.surasoft.com/articles/packetsniffing.php

I'm gonna figure out a way to encrypt that.

Once someone has your IP address, technically they can sniff your network traffic and decode whatever it is that you're sending and receiving right. Ie. see which websites you visit, read email, see what files you're downloading etc. You cannot encrypt stuff unless you have some arrangement with your ISP and pay big bucks right? Doesnt seem like there is anything you can do to protect personal info.

Packet sniffing on the internet depends upon the 'sniffer' being a server somewhere along the route that the traffic takes, I was talking about setting up a laptop or similar in range of your WLAN and 'listening in' on the network traffic, for the purposes of breaking WEP or finding the SSID.

There is limited scope for people sniffing traffic once they know your IP etc, but all 'Secure' sites are encrypted both ways (the little padlock in IE?) and someone would really need a reason to do it for it to be worth it. If you really want anonimity, then I'd suggest googleing the 'TOR Network'

Ports can be 'Open', if the computer is listening on that port and sending the data recieved to an application, for example your bittorrent client.

Ports can be 'Closed', which is what the specification calls for, when data is recieved on that port the computer will reply saying that it is closed.

Ports can be 'Stealthed', which is usually done by firewalls, wether software ones or hardware ones, which is the same as above only the computer doesnt reply saying it is closed.

'Stealthed' is what these firewall vendors claim is needed to enhance your security, but the only 'enhancement' is that the computer doesnt confirm its existence, which is already confirmed by the fact that the preceeding computer did not reply with a 'host unreachable' message, as it would if there were no such IP. As you cant fake this, being as it isnt supposed to come from you, you cant do anything to make yourself appear not to be there.

It doesnt matter however, if the port is closed the packet is discarded and harmless.

The port is only open if something is listening on that port, either a trusted application (you could close your Bitttorrent port but then you wouldnt be able to recieve bittorrent connections, and would be limiting yourself to outbound only which would slow your speeds radically), a network service or system service (my PC accepts Remote Desktop connections for example), or malware.

Malware you should be able to stop with an Anti-Virus solution, I personally would recommend NOD32

You have to trust that the Bittorrent client or whatever other application doesnt have large security holes that allow the takeover of your PC, this is why we keep software updated.

The only way to be 100% secure is to not have any form of network connections, and to never insert any CDs/DVDs/floppys into your computer, and keep it in a secure building

Of course, then it is useless...