Re: Host Computer with ICS cannot be accessed
From: Chuck (none_at_example.net)
Date: 10/22/04
- Next message: Robert L [MS-MVP]: "Re: Problem w/ file sharing on Win XP Pro SP2"
- Previous message: Andrew: "Problem w/ file sharing on Win XP Pro SP2"
- In reply to: Kass: "Re: Host Computer with ICS cannot be accessed"
- Next in thread: Kass: "Re: Host Computer with ICS cannot be accessed"
- Reply: Kass: "Re: Host Computer with ICS cannot be accessed"
- Reply: Kass: "Re: Host Computer with ICS cannot be accessed"
- Messages sorted by: [ date ] [ thread ]
Date: 22 Oct 2004 11:39:18 -0500
On Fri, 22 Oct 2004 06:57:02 -0700, "Kass" <Kass@discussions.microsoft.com>
wrote:
>Chuck,
>
>Sorry I took so long to get back. First, I tried "net view" on the Host
>computer again, and sorry for being such a dweeb, but I think I did it wrong
>the first time, cuz this time I didn't get any errors and the Host shows that
>the printer and My Docs are shared (but unlike the Client who showed that
>"Randal", the Host did not show "Main". I'm at home working today, but can
>send you those results if you like). I've also suspected firewall issues
>from the git-go, but I think I've disabled all possible, I even tried the
>dial up connection. The Host computer is running XP HE w/SP1.... the Client
>is a new set up running XP HE w/SP2. These are computers at work and are on
>a dial up connection. I have a DSL/router set up at home and no problems. I
>think it is ICS! Anyway, the Client w/ SP2 makes it easier to get to
>firewall settings. On the Host w/ SP1, when I look at the dial up
>connection, I can check or uncheck the firewall setting to allow others on
>the internet access to my files, etc... but, on the LAN connection, when I
>try to look at firewall settings, it isn't checked to not let others see your
>files, but it is grayed out and I can't get to it. I've wondered from the
>beginning if there is a firewall setting deep somewhere I can't get to, even
>to reset.
>
>I do web sites on the side and you know how the server gives you access to
>certain files? Is there a way I can tell my Host server to allow the Client
>access? Like the Client has a set IP, can you tell the Host to accept that
>computer only or something?
>
>Also, I tried all the other stuff you sent (I really appreciate your time,
>cuz from all the others out there with problems, you are a busy guy! Also,
>you explain things well so I can accomplish the goal. Some other postings
>I've read, the techs aren't very explicit, so THANKS!) I made sure both
>computers have files Client for MS Networks, file and printer sharing (I even
>tried the dial up on Host which is a big no no). Both have NetBIOS over
>TCP/IP checked. Both have Computer Browser and TCP/IP NetBIOS Helper status
>= started. The Client computer has a trial version of Norton Antivirus. I
>couldn't find any firewall settings there. The Host has CA EZ-Antivirus. CA
>has a firewall software, but we don't have that and I don't think
>EZ-Antivirus has any firewall settings.
>
>On the security concerns, since crackers can get your IP, would it be wise
>to password, and if so, do I have to do individual files or can I password
>the Host and Client computers by name. Like, to access Randal, you'd have to
>log in or enter a password? I'm not so concerned abt my home network, for
>I'm under the assumption that the router will keep others out (is that
>true?), but I don't not want the work computers breached. I know people at
>work are spending more and more time on the net leaving that dial up
>connection wide open, so I'd like to know access is secure.... got any ideas?
>
>Man, what a book! Sorry!
>
>Kass
Kass,
You've got a lot of questions. That's good - some folks just want to get
everything working, and leave the details (like protecting themselves properly)
til later. Or never.
Let's see what we know so far.
You have two computers - Main and Randal, both running XP Home. Main has a
dialup connection to the internet, and shares internet service with Randal using
ICS. No prob with internet from either comp.
We don't think any third party firewalls are installed on either computer (but
keep looking).
You can access shared files on Randal from Main, but can't access shared files
on Main from Randal. When trying to access Main, you get "...not
accessible...may not have permission to use the resourse (sic)... access
denied...".
The "access denied" error can be caused by several things.
1) Explicit non-permission on share (not possible for XP Home - except for
"c"\program files" and "c:\windows").
2) Name resolution problem (inability to determine physical address of Main
when attempting to open a share).
3) A firewall explicitly blocking share access, or preventing name resolution.
Have I asked these questions before (forgive me if so):
- What SP level is on Main and Randal?
- You are trying to access something other than "c:\program files" or
"c:\windows" on Main, from Randal, right?
- What Error Number is presented with the "...access denied..." error?
- Precisely what action are you taking when "the Client try's to access the
Host computer"? What program are you in at the time? Be as descriptive as
possible.
Try mapping a share on Main, from Main. Can you open a file, From The Share
setup on itself?
>From each computer, Start - Run - "\\main" - What happens?
Your security concerns are very valid. Crackers (using deployed botnets) can
pound on your system (and thousands of others) from a distance. Any weakness
that you have can be exploited.
Unfortunately, WinXP Home (and Simple File Sharing) doesn't provide you with
share security, as does WinXP Pro / Win2000 (Advanced File Sharing). If a
folder / file is shared, it's shared, to everybody who otherwise has access.
With WinXP Home, the best you can do is use a firewall, and a robust armada of
security software. If you have XP SP2, Windows Firewall will offer you decent
protection against hostile incoming traffic, but provides no protection against
installed malware sending outgoing traffic.
With XP pre SP2, Internet Connection Firewall is practically useless. You can
only disable ICF, disable NBT on your dialup, and install a decent third party
firewall.
But first, let's get your file sharing working. We can get back to protecting
yourself (I can rant on that all day) later.
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
- Next message: Robert L [MS-MVP]: "Re: Problem w/ file sharing on Win XP Pro SP2"
- Previous message: Andrew: "Problem w/ file sharing on Win XP Pro SP2"
- In reply to: Kass: "Re: Host Computer with ICS cannot be accessed"
- Next in thread: Kass: "Re: Host Computer with ICS cannot be accessed"
- Reply: Kass: "Re: Host Computer with ICS cannot be accessed"
- Reply: Kass: "Re: Host Computer with ICS cannot be accessed"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
