TechSpot

Setting Restriction On Computer Network?

By mephisto_007
Oct 13, 2005
  1. I'm having some issue, need some assistance...

    I have 3 computers using WinXp Pro that connected through a Linksys Router...

    -Computer "A" is using for home office only - no Internet access (I'm able to do that)
    -Computer "B" is my computer mostly using for everything
    -Computer "C" is for guest.. I want it to has Internet Connection but only to mail (eg: yahoo mail, hotmail or perhap gmail) upon other site will be block/no download...

    I have no problem setting computer "A" or "B" but how am I about to do this on computer C...

    Many thank
     
  2. tdeg

    tdeg TS Rookie Posts: 119

    You can use firewalls, ie ZoneAlarm.

    You just put computer C in the other computers non-trusted (internet) zone. I think you should be able to allow certain sites with the router. What model of router is that?
     
  3. mephisto_007

    mephisto_007 TS Guru Topic Starter Posts: 224

    Sorry my mistake, it D-Link DSL-G604T not Linksys...

    I'm not too sure using Zone-Alarm would actually solve the problem but from my experience, I'm having alot of time (ie: crashed, slow PC down... etc) troublin with ZA... Is there any other alternative way?

    Thank
     
  4. jobeard

    jobeard TS Ambassador Posts: 9,351   +622

    Web based email, like yahoo mail, hotmail, require http access (ie: port 80),
    which is the same port used for surfing pages. Once you allow port 80,
    you've also allowed downloads:( Any use of the ftp:// prefix will be denied,
    but that's not enough to stop ALL downloads.

    You will need to get a mailbox to allow
    $mychild@$my_isp.$domain rather than $mychild@hotmaim.com.​

    Then the email client usage (eg: Outlook Express, Thunderbird) you will have much better control.

    If Computer-C is your's and not just a connection for an overnight guest,
    then you can control the configuration. Otherwise, it is more complicated.
    For your own #C, make sure it has a static IP assigned by the router.
    This is fundamental to getting the firewall(any mfg) to control it.
    Let the #A,#B get dynamic address and they will be at the low end of the range.
    Set the #C static and place it much higher, like x.x.x.128.
    The firewall (on the #C system) can control Internet Access with two rules, in this order:
    allow all IP in/out ports 25,37,53,109-110,143
    deny in/outbound x.x.x.128 all ports ​
    the services just enabled are
    25=smtp (out bound email)
    37=ntp(time sync)
    53=dns(domain name service)
    109-110=(two versions of POP mailbox)
    143=imap(another email service)

    ZoneAlarm should work nicely, so uninstall and reinstall to see if it will stablize.
    btw: each system needs a copy, and only #C gets the heavy handed rules.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...