Re: XP Pro does not map Computer Names to Network IP addresses Why?

On Tue, 31 May 2005 15:28:29 GMT, Dennis@xxxxxxxxxx wrote:

>Chuck <none@xxxxxxxxxxx> wrote:
>
>>On Tue, 31 May 2005 14:52:54 GMT, Dennis@xxxxxxxxxx wrote:
>>
>>>Chuck <none@xxxxxxxxxxx> wrote:
>>>>You're welcome, Dennis. Please let us know how everything works out for you.
>>>
>>>Sorry one more security question that I just thought of.
>>>
>>>My Son has a laptop and when he comes home from school he likes to connect to
>>>our network through the wireless WAP.
>>>
>>>One of my fears is that since he uses instant messages through AOL and has Kazaa
>>>that a hacker would be able to get into my network through his laptop. Until
>>>now that was not a problem because his laptop could not see my network because
>>>of my network non mapping problems discussed before. But now all the computers
>>>on the network can see each other.
>>>
>>>If I assign static IP's to my work computers and have ZAP only allow those
>>>Static IP' in the trusted zone is that enough to protect those computers from
>>>hackers that may enter through my Son's laptop?
>>>
>>>Thanks for your help
>>>
>>>Dennis
>>
>>Dennis,
>>
>>That's a valid concern, and one that may take some thought. There are known
>>"combined threats" which start from a trojan or virus (not the same thing)
>>entering a network on a single point (ie an IM or P2P session), and spreading as
>>a worm thru an otherwise unprotected network.
>>
>>I believe ZAP contains stateful features (ie better than just "this external ip
>>address has access to this specific local port"), so it would hopefully protect
>>against at least some threats that might enter thru your sons laptop. Are you
>>planning to give your son access to any shared folders or printers, or just
>>access to the Internet?
>
>I want to block my Son's access to any shared folders but not the printer that
>is on a USB linksys Server.
>
>My Sons laptop has to have a dynamic IP because he has to connect at school
>which has a different set of internal IP's than my router.
>
>As an experiment I set my Laptop to a fixed IP address and on the desktop ZAP I
>deleted all Trusted DHCP zones. I could not delete the trusted network in ZAP
>which was xxx.xxx.1.0/255.255.255.0 for ZAP would not allow.
>
>The laptop still had full access to the desktop's folders.
>
>I blocked xxx.xxx.1.1 to xxx.xxx.1.255 in ZAP but I could still access the
>decktop computers shared files.
>
>How do you block all IPs except those that you trust?
>
>Thanks.

Dennis,

Under TCP/IP - Properties, if you select "Obtain an IP address automatically",
you will have an Alternate Configuration tab. You can select "User configured",
and enter fixed information, just as you would do on your other computers. This
fixed information, though, will only be used if a DHCP server is NOT available.
At his school, he'll still get dynamic settings.
<http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_tcpip_pro_altconfig.mspx>

On the subject of the Trusted Zone, I'm not sure what your problem is. The only
ZAP I've worked with (which was V5.5 IIRC), I set the scope to individual
addresses, not subnet. I then entered the individual addresses, one at a time.

Once you have your Trusted Zone set, you set the protection level to Medium
there (read the description for Medium), and you set to High for the Internet
Zone (read description for High).

I'm not sure how protected (if at all) a Linksys print server would be. My
guess is if he addresses it directly, he should have no problem. If you're
sharing the printer from one of your computers, you'll have to read up on ZAP
and how to make custom rules, ie put your son's computer into a special IP
group, with special access.

--
Cheers,
Chuck
http://nitecruzr.blogspot.com/
Paranoia is not a problem - it's a normal response from experience.
My email is AT DOT
actual address pchuck sonic net.
.

Relevant Pages

  • Re: SyncToy installation
    ... Hi again, thanks for your last reply, my PC & Laptop both hav XP SP2 ... Both computers are not visabl on the laptop, A directory has been created MY ... Windows Network, With sub Directories MSHOME>John's Laptop>Shared Docs (with ... If both computers are visible, on the laptop, now create a folder. ...
    (microsoft.public.windowsxp.general)
  • Re: home networking
    ... >>>I am trying to set up my home network with a desktop and laptop. ... >>>computers are running XP SP2 Home Edition. ... >>>can I use the existing wired connection? ...
    (microsoft.public.windowsxp.network_web)
  • Windows Networking Abruptly Stops...umm, Networking.
    ... I share documents between my laptop and my ... I clicked on Workgroup Computers in the My Network Places window and ... it showed both the LAPTOP and the DESKTOP computers. ... So I re-ran the Home Network wizard in My Network Places again on both ...
    (microsoft.public.windowsxp.network_web)
  • Re: Home network problem (router and 2 laptops)
    ... >> (could be the Novell network software that I installed and later removed). ... I can also see both computers in My Network Places. ... >> try to access the other laptop. ... Open Notepad. ...
    (microsoft.public.windowsxp.network_web)
  • Re: XP Pro does not map Computer Names to Network IP addresses Why?
    ... >>>You're welcome, Dennis. ... >>that a hacker would be able to get into my network through his laptop. ... >I believe ZAP contains stateful features (ie better than just "this external ip ...
    (microsoft.public.windowsxp.network_web)