Re: Internet connection sharing on a LAN



On Wed, 13 Apr 2005 11:21:01 -0600, "Steve Winograd [MVP]" <winograd@xxxxxxxxx>
wrote:

>In article <4daq51p971a0j8bja7qmst8vsn4g8o8bac@xxxxxxx>, Chuck
><none@xxxxxxxxxxx> wrote:

>>Does each computer have just one network card each, or does one computer have 2
>>network cards? If the former, you'll need a proxy server, if the latter, you
>>could run ICS, an internet sharing device built in to Windows XP.
>>
>>But, with broadband, and 2 computers, connecting the two computers with a router
>>is the responsible solution.
>>
>>All computers will be safer. The router will block any malicious internet
>>traffic. This further protects the internet, from your becoming infected and
>>spreading the infection.
>>
>>All computers will run better, with the router blocking the trash infection
>>traffic. Any personal firewall on either computer will have less to do, because
>>the router will block most malevolent traffic.
>>
>>All computers will run independent of each other. Right now, you have to have
>>one computer on whenever you wish to access the internet from the other. With a
>>router, this will not be the case.
>>
>>If you can afford to have more than one computer, and broadband, you can afford
>>a router. For many reasons.
>>
>>Here are a few websites with useful tutorials on sharing internet service:
>>http://www.cablesense.com/
>>http://www.homenethelp.com/
>>http://www.practicallynetworked.com/
>>http://www.wown.com/
>
>Chuck,
>
>I agree with you that a [home broadband] router is a better solution
>than ICS for most users. However, a typical router won't work with
>cable modems or DSL modems that only have USB outputs.
>
>Why do you say that "a router is the responsible solution" and "All
>computers will be safer"?
>
>If you're implying that using ICS is irresponsible and unsafe, I
>disagree. In my opinion, a network with an ICS host computer using
>Windows XP's built-in firewall or a third-party firewall program is
>just as "responsible" (whatever that means) and just as safe as a
>network with a router.
>
>I also disagree that "All computers will run better" with a router.
>Client computers work exactly the same whether they connect to the
>Internet through an ICS host computer or through a router.

Steve,

You make a point about the USB issue. I personally do not recommend USB
broadband modems for 3 reasons:
1) Support for Ethernet is built into Windows, but support for a USB networked
modem frequently means installing another driver.
2) I prefer to devote my USB bus to non-networked applications. The Ethernet
controller is for networking.
3) Using a USB broadband modem prevents you from using a NAT router.

IMO, a NAT router is something that should be used between every computer and
the internet.

In principle, I agree with you about the personal firewall issue. A personal
firewall (preferably a certified ICSA firewall, not ICF / WF) provides almost as
much protection as a NAT router. This discussion goes on periodically in forums
like comp.security.firewalls.

There are two reasons why I prefer a NAT router over (in addition to) a personal
firewall, even a certified one.
1) The personal firewall, running on your computer, runs under the operating
system. The personal firewall is endangered, like any other portion of the
operating system (and any applications), by your internet activity. Any
malware, which you might import as data (thru the NAT router or personal
firewall), can interfere with the effectiveness of a personal firewall, just as
it can with the operating system or any application.
2) The personal firewall, running on your computer, contributes to the CPU
load, and to the instability of the computer, and the applications. If
improperly configured, a personal firewall can also contribute to confusion by
the owner. Just Google for reports by folks who write that Zone Alarm (or other
firewall) is using 100% of CPU, and who discover that it's set to report all
"intrusion attempts", and it's spending time analysing probe attempts by
infected computers near the subject computer, and logging each "intrusion". A
NAT router blocks (drops) such probes, so the personal firewall can concentrate
on reporting real security problems.

In principle, I agree with you about the ICS issue too. ICS does not place an
appreciable amount of load upon, nor cause noticeable instability in, the
computer it runs on. By turning your computer into a software router, and using
an extra network connection (either a modem, or an Ethernet connection), it does
cause just a small amount of setup complexity, CPU load, and instability,
factors which I prefer to avoid. To say nothing of its insistence on forcing IP
address 192.168.0.1 upon the network interface.

I've worked with ICS both here and in person, and I will say repeatedly that the
price of a NAT router is far exceeded by the cost of the annoyance and time
spent dealing with ICS.

With NAT routers costing $100 and up, as they did just a few years ago, ICS was
a good idea. Nowadays, with NAT routers costing $40 (at Walmart no less), using
ICS, except in very limited circumstances, just isn't worth it.

Subtracting $10 for an extra (unbranded) network card, from $40 for a name brand
NAT router, gives you $30. How much of your time can you get for $30?

--
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
My email is AT DOT
actual address pchuck sonic net.
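
The NAT behaviour this message relies on (unsolicited probes dropped at the router, so they never reach the PC or its personal firewall), as an added illustration that is not part of the original post. It is a simplified model that filters on remote address and port; the class name, addresses and ports are constructed for the example.

```python
"""Toy model of a home NAT (NAPT) router: inbound packets are forwarded only
when they match a mapping created by earlier outbound traffic."""
from dataclasses import dataclass, field

WAN_IP = "203.0.113.10"          # constructed public address (documentation range)


@dataclass
class NatRouter:
    next_port: int = 40000        # first public port to hand out (arbitrary)
    # public_port -> (lan_ip, lan_port, remote_ip, remote_port)
    table: dict = field(default_factory=dict)
    dropped: int = 0

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """LAN host opens a connection: allocate a public port, remember the flow."""
        for port, flow in self.table.items():
            if flow == (lan_ip, lan_port, remote_ip, remote_port):
                return port
        port = self.next_port
        self.next_port += 1
        self.table[port] = (lan_ip, lan_port, remote_ip, remote_port)
        return port

    def inbound(self, remote_ip, remote_port, public_port):
        """Return (lan_ip, lan_port) if the packet belongs to a known flow, else None."""
        flow = self.table.get(public_port)
        if flow is None or flow[2:] != (remote_ip, remote_port):
            self.dropped += 1     # unsolicited: silently dropped, host never sees it
            return None
        return flow[:2]


def simulate():
    router = NatRouter()
    # A LAN client browses a web server (all values constructed).
    pub = router.outbound("192.168.0.2", 51000, "198.51.100.7", 80)
    packets = [
        ("198.51.100.7", 80, pub),      # reply from the web server
        ("192.0.2.55", 4444, 135),      # probe from an infected neighbour
        ("192.0.2.55", 4445, 445),      # another probe
        ("192.0.2.99", 80, pub),        # wrong remote host aimed at the open mapping
    ]
    delivered = [router.inbound(*p) for p in packets]
    return delivered, router.dropped


if __name__ == "__main__":
    print(simulate())
```

Only the reply that matches the flow opened from the LAN is delivered; the three unsolicited packets are counted at the router and never generate a log entry on the PC.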