Re: Linksys router with xp network

From: Chuck (
Date: 03/22/04

Date: 21 Mar 2004 21:24:14 -0600

On Sun, 21 Mar 2004 15:51:07 -0800, Mgpoma <*email_address_deleted*> wrote:

>I have a linksys wireless router with two desktops and two laptops in my home. I purchased a new desktop machine yesterday with xp pro. My other desktop has xp home as does one of the laptops. The other laptop is 98 se. Desktops are connected via cat 5 wire to the access point router and the laptops are wireless. All of the machines can see the internet but they cannot see each other. The router uses DHSP to assign ip addresses (192.168.1.XXX). Each machine seems to have a valid address and submask. I can ping the router from any machine but cannot see any other computers. I have looked at all of the settings and everything looks correct. I tried turning off all firewalls.. Too many hours and not enough XP experience! What am I doing wrong?

What firewalls (make, model, and version) did you turn off?

Try turning your firewalls back on, and open the following ports for file and
printer sharing: TCP 139, 445; UDP 137, 138, 445.

If possible, you should do that with DHCP turned off, static ip addresses
assigned, and the mentioned ports only opened for the assigned ip addresses.

Remember wireless networks need additional security precautions:
Enable WEP / WPA. Use non-trivial values for each. (No "My dog has fleas").
Enable MAC filtering.
Disable DHCP, and assign an address to each computer manually.
Change the subnet of your LAN - don't use the default.
Don't disable SSID broadcast - some configurations require the SSID broadcast.
But change the SSID itself - to something that doesn't identify you, or the
Enable the router activity log. Examine it regularly. Know what each
connection listed represents - you? a neighbor?.
Install a software firewall on every computer connected to a wireless LAN. Put
manually assigned ip addresses in the Local (highly trusted) Zone. Open the
following ports for file sharing only in the Local Zone: TCP 139, 445; UDP 137,
138, 445.
Use non-trivial userids and passwords on every computer connected to a wireless
LAN. Disable or delete Administrator and Guest userids.
Stay educated - know what the threats are. Newsgroups alt.internet.wireless and,wireless are good places to start.

Paranoia comes from experience - and is not necessarily a bad thing.

Relevant Pages

  • Re: Named Pipes oder TCP/IP
    ... Named Pipes können aber sehrwohl auch im Netzwerk (natürlich nur im LAN) sinnvoll sein, da Du Dich nicht mit Ports und Firewalls ärgern musst. ...
  • Re: [fw-wiz] Info Request: Looking for alternatives in HA/Load balancing firewallsthat are also
    ... a 'high bandwidth' server farm on the Internet is generally doing traffic in the tens to hundreds of Mb/sec, a 'high bandwidth' server on a LAN is probably connected to multple 100Mb or 1Gb ethernets. ... In both the Internet and LAN environments I lean towards multiple smaller firewalls, each doing one thing as opposed to a large firewall doing it all. ... in general I don't think that people realize this, the mentality seems to be 'I need a big, scaleable firewall to protect my Internet servers' and at the same time 'oh, that's only on the lan, it doesn't need a big firewall to protect it'. ... and it's impossible to answer anything about scalability without knowing ...
  • Re: Re: [Full-Disclosure] Microsoft urging users to buy Harware Firewalls
    ... no OS that listens on ports ... and firewalls can defend against all ... The only attack that you can pull on a ... More and more ISPs are blocking port 135 ...
  • Re: iptables configuration
    ... >> that if a 'virus/trojan' initiated a connection to the net, the firewall ... >> would not protect the LAN. ... The LAN is NATed with private IPs to one public IP. ... the ports that are used by services running on linux. ...
  • alg.exe
    ... ich habe ein kleines LAN mit Router, ... Ports habe ich mir leider nicht notiert (meine aber, vierstellig, evtl. ... Gegenstelle war natürlich eine WAN-Adresse (also ... 'Application Layer Gateway Service' und womit muß ich jetzt rechnen? ...