1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Is it safe to turn on printer/file sharing when networking?

By bedlam_4
Dec 2, 2005
  1. Is turning on printer file sharing ok when using a network hub that's not a router when connected to the internet if I am using a non MS firewall. I am probably going to get the activation key for AVG's firewall. I would rather not have to buy a new router as well. My current hub is a linksys EFAHO5W 10/100 Wally World special ethernet.
  2. Nodsu

    Nodsu TS Rookie Posts: 5,837   +6

    Why on earth would you want to turn it on on an internet-facing interface?

    Yes, if you have firewall software then it should be OK.
  3. jobeard

    jobeard TS Ambassador Posts: 10,432   +801

    your question has both YES & NO answers, depending upon how flexible the firewall
    can be configured AND your ability to get it so configured.

    1) the public side (ie: WAN) gets its address from your ISP. If you're getting
    attacked by WWW hackers, this is where they gain access. You can not allow
    ports 135 & 445 to be exposed to the WAN without major risk.

    2) the private side (ie: LAN) has addresses like 192.168..., 10...., 172....
    and these can NOT be accessed from the WAN. Your other systems may
    use File/Print sharing by just asking for it.
    As you have a hub and not a router, you may also have PUBLIC ip addressses.
    run ipconfig /all to verify

    3) the trick is to ALLOW LAN access but DISALLOW WAN access

    This simple way is to delcare the 192.168.... as a trusted subnet.
    (this can not be used of you have PUBLIC ip addresses).

    Another is a specific rule and ensure this rule is near the top of the firewall configuration.
    eg: ALLOW 192.168.x.y tcp/udp ports 135,445

    Now IF you have PUBLIC ip addressses, then subsititue those for the 192.168.x.y above.

    As a means to verify your config, you can LOG these rules and also
    log access denied by
    MONITOR ALL tcp/udp ports 135,445 and place it immediate BELOW the ALLOW rule.
    Once you're statisfied, you can stop the logging.
  4. Samstoned

    Samstoned TechSpot Paladin Posts: 1,018

    I leave my print spooler off untill I need to print
    make it manual in services
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...