Ive been looking on the web, but havent really found anything that gave a good enough explanation for me to understand what i needed to do (all the guides are either too simple for my situation, or else they involve using equipment that I dont have).
here is what i have now. We have about 8 computers that are on a linksys wireless network. 1 of those computers is actually plugged into the WAP via cable. The WAP is connected to a cable modem for internet access.
What i want to do is set up a small network to do the following:
1. Network will allow file and printer sharing between ONLY 3 of the 8 computers (my notebook and 2 desktops). I want to allow my notebook access and downloader machine access to my printer without having to jack around with switching cables.
2. I want to keep other people who are logged into the wireless network from being able to access my printer as well.
3. I want to restrict all access to any of my 3 computers from the outside. Im planning on going down to buy the full norton package, nad installing the firewall on my computers, because i do not want the other people who share this internet connection via the WAP to have access to any of my computers, drives, or data.
4. All computers have Windows XP professional with SP 1, and recent critical updates. All computers have different IP address behind the WAP, but they are not sequential (last numbers are 105, 107, and 103).
5. I have tried running the network setup wizard that comes with windowsXP, but it does not allow my notebook to "see" my main desktop, or anything else on the network, and vice versa. The windows network troubleshooter is absolutely no help at all, so im open to suggestions, please?
6. Also, I have read that maybe setting up something like a VPN is a good way to make my wireless connection more secure (2 of my computers connect via wireless equipment, the third connects with cable). Suggestions, advice?
Posted by KevinA (Member # 139) on :
the simplest soulution is to set up sharing for specified users only and require a password. They can see your machine (but not the data) and if they try they will be asked for a user name and password. I don't kow if that will work for the printer though.
Posted by FireChicken (Member # 2067) on :
quote:Originally posted by KevinA: the simplest soulution is to set up sharing for specified users only and require a password. They can see your machine (but not the data) and if they try they will be asked for a user name and password. I don't kow if that will work for the printer though.
that is actually a very good idea, i like it. that would be ideal. do you happen to know how i would go about doing that?
Posted by KevinA (Member # 139) on :
not off hand, sorry. If I get a chance I'll play around with it because I'm pretty sure you can do it.
Posted by SteelHorse (Member # 1725) on :
quote:Originally posted by KevinA: not off hand, sorry. If I get a chance I'll play around with it because I'm pretty sure you can do it.
I think Kevin is playing with you. What you want to do is easy and you do not need to buy anything to do it. Not even to the Norton Firewall. You don't need a vpn either. I don't have time to walk you though it right now. But any other MCSE on this board should be able to handle this one.
Posted by Big A (Member # 1761) on :
Have you tried setting up your PC's on the MS Home Network? It's a very easy step by step setup. A router with firewall can be bought, on sale, at a reasonable price at Compusa or similar type store. XP Pro does come with a firewall but is has to be setup. Check the Windows help files to include online help. Do a search on home networking.
Posted by Sizzle (Member # 503) on :
Most of what you want to do can be done with a little *ahem* Windows security. I assume you printer is hooked up to one of the PC's? You can control access to the printer from that PC. What you can do for the print and file sharing is to create a set of user id's used for those three machines and set all of the user id's up on each box. When defining access to the resources (file and print) give these id's the specific rights you want.
I would suggest putting the three computers you want to work with each other in a seperate workgroup from the rest. This by no means is secure, but it is a easy way to segregate them in the MS networking scheme.
As far as your wireless goes. Easiest way to make it more secure is to setup the access point to NOT broadcast the the SSID. Hard code it into the machines you want to access it. Also change the channel from 6 to something else. Even better, you can setup DHCP on the router to only give addresses to the MAC addresses of your computers. Your laptops should be the MAC addresses on a sticker on the bottom of them (if they have intergrated wireless). If not, you can get the MAC address of you network cards by opening up a Command Prompt and typing "ipconfig /all". For a home network, that should be good enough. Also, I would change the IP range from the default range to something else, i.e. don't use 192.168.1.x, change it to something else.
I assume you've change the password on your router as well. If you do the above, I would not run WEP. It's not worth the performance hit for what little security it provides, at least in the home enviroment.
Posted by FireChicken (Member # 2067) on :
Big A: I have a router. re-read first post. I know router has firewall, and cable modem connected to router also has firewall. Im not concerned about intrusion that comes from the outside, that is pretty much secure (or as secure as it can be). What i am concerned about is internal intrusion. I have a lot of data on my hard drives that is proprietary, or is valualbe and almost irreplaceable. As such, i want to make sure it is all protected. I have tried using the MS Home Network, but it does not seem to be working (re-read first post, bullet point #5). And the stuff i have read through in searching does not help me (re-read first post).
Sizzle: our ip ranges are the default, however, default login and password have been changed on the WAP, and and i have been thinking about WEP encryption, but undecided (someone has been piggybacking onto our network and hogging internet bandwidth, creating massive ping readings at cable company tech support).
Ive been having problems with the MS networking scheme. I have put my notebook and my desktop with the printer on the same workgroup, as an experiment, however, neither computer can see each other, and the laptop cant find the desktop's printer. questions:
1. How do I create a set of user ID's for the machines with respect to file and printer sharing rights?
2. I also should mention that I do not share any of my drives, rather, i will be using the shared folder (I dont know if this makes a difference).
3. What does the SSID acronym stand for, and how do i not broadcast it? How do I hard code it to the machines?
4. None of my computers have integrated wireless. my notebook has a pcmcia wireless card, my desktop1 is connected via cat 5, and desktop2 is connected through a USB wireless adapter. All equipment is linksys 802.11b standard.
5. what is MAC address?
Posted by Sizzle (Member # 503) on :
quote:Originally posted by FireChicken: Sizzle: our ip ranges are the default, however, default login and password have been changed on the WAP, and and i have been thinking about WEP encryption, but undecided (someone has been piggybacking onto our network and hogging internet bandwidth, creating massive ping readings at cable company tech support).
Ive been having problems with the MS networking scheme. I have put my notebook and my desktop with the printer on the same workgroup, as an experiment, however, neither computer can see each other, and the laptop cant find the desktop's printer. questions:
1. How do I create a set of user ID's for the machines with respect to file and printer sharing rights?
2. I also should mention that I do not share any of my drives, rather, i will be using the shared folder (I dont know if this makes a difference).
3. What does the SSID acronym stand for, and how do i not broadcast it? How do I hard code it to the machines?
4. None of my computers have integrated wireless. my notebook has a pcmcia wireless card, my desktop1 is connected via cat 5, and desktop2 is connected through a USB wireless adapter. All equipment is linksys 802.11b standard.
5. what is MAC address?
1) Go into the Control Panel, and open User Accounts. Create your users there. Basically you are taking the user id's you use to log onto those computers and putting them on the other 2 computers. When you create shares for your folders and printer, you can set Security on them. You can add and remove what users id's from the PC you want to have access to the shares.
3) SSID is basically the "name" of your wireless network that the wireless devices see. If you log into your WAP, there should be a check box to broadcast SSID. By default, the SSID on a linksys router is linksys. You should make it something else. Assuming that you have linksys wireless equipment in the computers, you most likely have Linksys wireless tool loaded as well. It's a blue box in the system tray (down by the clock in Windows Start Bar). If you roll your mouser over the icons down there it should tell you what each icon is. If you open that up and go through the configuration of your wireless connection, you can edit the SSID entry (which should probably be linksys).
5) The MAC address is the physical address burned into any ethernet networking device.
A lot of this is hard to explain via forum, so feel free to IM me if you want, DLMCamaroSS on AIM and Yahoo!.
Posted by KevinA (Member # 139) on :
I wasn't playing with him. Sizzle said it all in a nutshell. What I said was I was sure you could do it with user id's and passwords but it's been a while since I have done that. Since I don't do it everyday I would have had to play with it.
Sizzle told him the correct way.
Posted by MY02SSLE (Member # 2178) on :
I am pretty sure SSID stands for Service Set IDentifier...
If you need any help and can't get ahold of Sizzle, I am an MCSE. Just e-mail me.
Posted by SteelHorse (Member # 1725) on :
Kevin, just messin around. Sizzle explained it better than I ever could have in a forum type setting. I hate explaining Windows security to people with out a couple PC's to demo it on.
Posted by FireChicken (Member # 2067) on :
Most of what sizzle and kevin said makes sense. I understand the theory, but i dont know physicaly to set the stuff up. The windowsXP network setup wizard doesnt work, or perhaps I am doing it wrong.
Ive tried to set it up using the same procedure on both computers. Since my computers all connect to a router/hub that is in turn connected to a modem, i've used that as the description for how the computer connects to the internet, but it keeps telling me it doesnt like that configuration.
Posted by KevinA (Member # 139) on :
the wizard sucks. if you get the IP from the router, half the work is done for you. in fact, if you used the default setup all of the computers will be in the workgroup "workgroup". if you share the c-drive you should be able to see it from the other computers. if you right click the c-drive you can edit the security options that way. if you need help email me.
