This is my first post here so please bare with me. I have been reading many of the post here about networking. I have two computers. One is a compaq/XP os and other is a HP Pavilion/98se os. I have the network setup and can see and use between both computers with all firewalls turned off. Now my question. If I put the little lock on the local area connection then I can't use the network. I ran the wizzard and it said their was an error. I also have tiny firewall and with it on also have same problem. Now could one of you nice people explan some thing about these firewalls to me that I can understand?I also am on a cable modem with a D-link 604 router. If you need any other info please ask. Thanks in advance
Jim

The router is probably a NAT type of router. Which stands for Network Address Translation. It gives your machines a LAN (local area network) address that all machines on your network use. The outside world only uses your WAN (wide area network or internet) address. The router normally will block anything that one of your machines did not request.

Routers are considered hardware firewalls and are probably the most effective. Software firewalls are also effective but there are additional risks associated with them.

I would say that you do not need to put the little lock on your LAN. Unless, you do not want the user of the other machine(s) to access that machine for some reason.

Any other questions just ask.


TheHeretic

TheHeretic
Then are you saying I will be protected without the lock or having the Tiny firewall on them? They each connect directly to the net thur the router.
Jim

Actually "they each connect directly to the Net through the router" is contradicting. The router is what connects to the Net. Your machines are not actually connected to the Net at all. The router does network address translation for you.

This effectively means that nobody can connect to your computers from outside your local network.

What firewall software would do for you additionally, is possibly prevent unauthorized outgoing communications. (e.g. prevents a trojan from connecting to a remote site without your permission). If you can manage to keep from getting infected with trojans and malware, you don't need that either.

Note that I'm not talking about the built in XP firewall... it only blocks incoming. You don't want to enable that at all.

Grogan
Thanks for explaining. Will keep reading the forum and am sure will have more questions.
Jim

ohhh yeah and welcome to the forums mr Shulttz712!


tnx Grogan for clearing that up.


TheHeretic

TheHeretic

I want to thank both you and Grogan for the help. I been reading here for some time now and know you give a lot of good help. Finually got breave enough to post a question. I've been at the computer for about three yrs now and just learning from reading the forums.
Jim

Originally posted by Grogan:

Note that I'm not talking about the built in XP firewall... it only blocks incoming. You don't want to enable that at all.

k, i read ur reply several times, G, and am confused. before i was networked, i had the built-in xp firewall on one of my lappies and still do. i'm networked now, w/nps. maybe a rephrase will help me to understand why i should disable the xp firewall at this juncture. thanks.

Darc,

If your using a router you can disable it. If your not you may want to keep it. I honestly dont know much bout XP other than the few times I have had to use it I did not like it.

If you do not have a router and need to have 'net protection than I would suggest ZoneAlarmPro.


TheHeretic

from what i read, w/jim not being able to network and then the reference to disable the xp built-in firewall, i couldn't get the connection 'cause i have no probs.

but y, H, i'm behind a router and i understand what ur saying, - that it isn't necessary. tu. :)

Darcy,
The XP firewall is really pretty useless, especially behind the router you have. The most common danger is a trojan, and as
Grogan pointed out, the xp firewall does nothing to stop that.

IF you really are paranoid, you can run a firewall and the router,
and have your local pc's still talk to each other. Most firewalls have settings to allow local zones unlimited connection, an you usually specify the IP range for your local machines.
For example,
With a linksys router, it assigns addresses as 192.168.1.1xx,
so you would set your trusted/local zone to cover this range,
in Zone alarm, you can set a range, or the whole subnet, by just
entering the 192.168.1
I would expect Tiny firewall also has a similar feature, but as I don;t use it, I can;t help there.
The D-link routers I believe use the 10.0.1.xx range, but the book should tell you. As was mentioned before tho, running a software firewall is not necessary with a router with built in firewall.
I checked my logs for zone alarm after installing the linksys, and I nev er see any intrusions, so I dropped it from all the pc's for over 6 months now with no ill effect.

thank u, tj. i've a MS router and am pretty sure i came across setting up local zones while i was in management tool, but is something i'd be too timid to attempt myself { i have no luck w/things :) }. if it's something i can do w/o, i'd just as soon let it be unless otherwise recommended.

i did have ZA on the chembk, but uninstalled once behind router. i didn't even think of in-built xp firewall until mentioned above and don't even know if i can fiddle w/it w/shape tosh is in at mo. i had misread that jim could not network due to xp firewall and i got confused 'cause mine is enabled w/np.


~ edited as to content.