TechSpot

How do I prevent networking/router invasion into PC??

By fnugen
Nov 5, 2005
  1. My landlady has approached me and offered to pay half my internet costs if I would run a network cable downstairs to her daughters apartment. This is not a problem as my router still has 2 open slots. My concern now is both for her and me. What do I do now exactly to be sure that she cannot get into mine or my kids PC, and vice versa?? I have never set anything up for networking or for sharing. I would like to know just how to prevent her from the possibility, and give her peace of mind, knowing as well that either PC cannot be "hacked" by the other.I am aware of the need for onboard LAN or an ethernet card......just need to know what to do in XP (assuming she has XP as well) to prevent accidental invasion, or intentional for that matter. Thanks
     
  2. pkroks

    pkroks TS Rookie Posts: 376

    disable file sharing. install a firewall like F-Secure Client security and Antivirus or Zone Alarm or Outpost... Set different workgroups (i.e. your comps on home and hers on internet or something).. just doing the firewall on its own should work.
     
  3. fnugen

    fnugen TS Rookie Topic Starter Posts: 131

    Is the file sharing option the one under the properties/sharing tag for each HDD on the systems?? If it just has the sentence about understanding the risk of sharing, does this mean that I have file sharing disabled?? I've had zonealarm in the past and it interfered with many online gaming attempts. Took it off as it caused more problems than it seemed to prevent. For antivirus I have AVG free edition.....and windows firewall with SP2. Is this all that is needed? Sorry to sound dense here, just making sure.
     
  4. pkroks

    pkroks TS Rookie Posts: 376

    i would suggest getting a better firewall than windows xp, just for the fact that it will increase your entire systems security. i'm not too keyed up about free firewalls but there are some good ones. if you get a new one and you can't play online games you should change some settings in the firewall, under application control. add your games as applications and allow them full access to the net.

    yes the file sharing is basically the one where you set it for your hdd. by the sounds of it, i think your sharing is disabled. so don't fiddle with that...
     
  5. just_a_nobody

    just_a_nobody TS Rookie Posts: 205

    I agree with what others have advised. your modem is a hardware firewall, the best protection you can have as far as firewalls, but a free firewall, such as zonealarm will add even more security. Like others have said, be sure to turn off file sharing, so she can't hack you. Maybe you can put her on a different client as yours, for added security.
     
  6. fnugen

    fnugen TS Rookie Topic Starter Posts: 131

    How do I place her on a different client ?? Other than plugging mine and my kids' PC into the router.......I've never had to block anybody out by any means, so a few of these terms are new to me. Client.....could I get a brief description of what this is and does? Sorry to be a bother.
     
  7. Nodsu

    Nodsu TS Rookie Posts: 9,431

    Unless you consider your neigbours hostile and think that they might want to attack you the Windows builtin firewall will do just fine. Disable or uninstall unneeded services like file and printer sharing, remote registry, remote assistance etc. Make sure you don't have anything allowed in the Windows firewall.

    An antivirus will do nothing to your network security unless you plan on accessing files on her PC...
     
  8. jobeard

    jobeard TS Ambassador Posts: 13,522   +336

    I'm running Norton IS and it has some features I'm sure others have too.
    I'm assuming your router address is 192.168.1.1; if not adjust the addresses
    below accordingly.

    here's how to control your systems;
    1. on your router, use static ip addresses for your systems
      like setting addresses 192.168.1.128 and above. You will need the MAC addresses
      for each of your systems and map each MAC -> static IP
    2. use dhcp for all other systems
      which should give addresses to the landlady like 192.168.1.2 {,3,4,...}
    3. setup a trusted network for your systems only
      ALLOW range 192.168.1.128-254 TCP/UDP all ports
    4. deny all other access on your subnet
      DENY range 192.168.1.2-127 all protocols all ports logging enabled
    you should be able to use file/print sharing for your systems and no one else
    can access :)

    Drop one cable to the landlady and put a cheap hub or switch to expand to the two systems there.
     
  9. Samstoned

    Samstoned TechSpot Paladin Posts: 2,582

    its hard enough to get them to communicate
    as nodsu has suggested xp firewall should be fine
    keep there pc's off of your workgroup,so don't use defaults
    if you don't use file sharing this should be disabled anyway
    I even disable print server till I need it
     
  10. tdeg

    tdeg TS Rookie Posts: 348

    What kinda of highspeed connection do you have?

    I have a cable connection and they provide two IP addresses with it. I simply put a switch attached to the cable router and then my router after that.

    You could also set up some stuff on the router with static DHCP tied to mac addresses so that for example your computers are 192.168.1.x and her's are 192.168.1.1x . At that point it is a simple matter of using ZoneAlarm to set up a trusted zone that only includes your IP addresses. She would do the same of course. At that point you wouldn't be able to access shares on her computer and visa-versa.

    Different workgroups would also help simplify things.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.