Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: firewall failed

  1. #1

    firewall failed

    hello

    my firewall was not runing... it just shutdown
    i need a better solution for my two windows 98 se. wich is single user, with all updates and running the last version of "sygate personal firewall pro" (wich i think i have to change because it messes with mirc when i run a fileserver, and that is why my firewall shutedown i think.)

    i was sharing with full access all the harddrives and all cd-roms.

    what i have in network options is:

    client for microsoft networks
    f5d500 pci card network pci card...
    micronet sp200r fast etheernet adapter
    ipx/spx-compaticle protocol - f5d5000, pci...
    tcp/ip - f5d5000, pci card network pci card...
    tcp/ip micronet sp2500 fast ethernet adapter
    file and printer sharing for microsoft networks

    primary network login: wndows logon
    access control: share-level access control



    the other computer as the same but a difrent ethernet card to connect to the internet.
    the f5d5000 in both computers connects the two computers, no hub. the other pci card connects to difrent cable modems.

    the only thing that i want to be able to do is:
    - share files and folders in both computers
    - play lan games, also old ones wich need ipx
    (thats why i installed "ipx/spx... protocol"

    but i think this is not secure... i know that i can disable netbios (wich is used to share the files, i think) since i have two pci cards it would be good if i could disable netbios in the internet card, that would make the system secure, right? but microsoft windows does not allow me to disable, is it because of the bindings?

    there are some guides that work with netbuie... but maybe that wont work for me, maybe that solution is for computers with only one nic.

    can you give me the best solution please?
    thank you

    bye
    thing

  2. #2
    hello

    did i do or say something wrong?

    bye
    thing

  3. #3
    Senior Member
    Join Date
    Dec 2002
    Posts
    134
    to answer your first question, what is the trust between the two computers on the lan?
    Can you not assign diffrent rules in your firewall on the diffrent adapters, if you can you could just block all incoming except what you actaully need depending on the connection. So in your rules you would have two for NetBIOS, one for the internet connection blocking it and one for the LAN accepting it.
    Also i dont really remember what the TCP properties are like in Win98 but in 2000 you can just open TCP properties page, then click the Advanced button and goto the WINS tab and select to disable NetBIOS over TCP.
    Hope thats some help.

  4. #4
    hello

    the firewall lets me disable netbios in one of the conections, but what if it fails? i think i can use other protocol to use netbios... right?

    bye
    thing

  5. #5
    Senior Member
    Join Date
    Aug 2001
    Posts
    267
    Try Kerio personal firewall. It will allow 'trusted' networks to share, while blocking anything/everything else. MIRC, and other programs work perfectly with it.
    Free download at www.kerio.com

  6. #6
    hello

    i asked for how to configure my network, for example how to disable netbios over tcp-ip...
    my firewall is good
    thanks

    bye
    thing

  7. #7
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    I'm sorry, but now you have me slightly confused.
    my firewall was not runing... it just shutdown
    Then:
    but i think this is not secure... i know that i can disable netbios (wich is used to share the files, i think) since i have two pci cards it would be good if i could disable netbios in the internet card, that would make the system secure, right? but microsoft windows does not allow me to disable, is it because of the bindings?
    And:
    there are some guides that work with netbuie... but maybe that wont work for me, maybe that solution is for computers with only one nic.
    Finially:
    i asked for how to configure my network, for example how to disable netbios over tcp-ip...
    You did?
    Why don't you restructure your question, and ask what you really want. I know I can be really dense at times, but I am still not sure what you are attempting to find out.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  8. #8
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,542
    Your sygate firewall has the option to allow neighbourhood traffic. Go in the advanced options and allow trusted traffic on the network card that is connected with your other box.

    If I clearly understand your first post you have the following config:


    pc1 nic1 -> cable modem 1 -> internet

    pc2 nic1 -> cable modem 2 -> internet


    and now you want:

    pc1 nic1 -> cable modem 1 -> internet
    pc1 nic2 -> pc2 nic2

    pc2 nic1 -> cable modem 2 -> internet
    pc2 nic2 -> pc2 nic2

    __________________________________
    It's all about configuration in this case. An easier solution would be an internal network with NAT router to separate your inside traffic from the outside, but since you don't want to do that and already have 4 nic's...
    Let's see,

    in a win NT environment you can:
    you need to unbind netbui traffic from your nic's that connect to the internet. Those will have only TCP/IP enabled, but not binded to any of the other microsoft services.
    next you enable netbios and file sharing for the other two nic's
    then install on both boxes the sygate pro firewall and enable the neighbourhood option so others on your internal lan can browse and share your files.

    grc clearly explains the bondage principle for ms boxes:
    http://grc.com/su-bondage.htm

    another site to give you an idea:
    http://www.windowsecurity.com/articl...endations.html

  9. #9
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397
    If your firewall allows blocing traffic by specific ports, you can also block TCP/UDP prots 135-139 and 445 on the interfaces that are connected to the cable modems. That will effectively prohibit most all NetBIOS traffic. Personally, if money were not an object, I would invest in a firmware firewall/router, such as a SonicWall SOHO or Watchguard SOHO in addition to the software firewalls. A layered approach to security is always better that a single system.

  10. #10
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,542
    Yep, very true.

    in order to complete my previous post, the necessary Sygate Firewall options can be found at:
    right click the sygate icon in your windoze tray,
    go to options
    choose the network neighbourhood tab


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •