Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

firewall for peer to peer network?

Status
Not open for further replies.
millhouselives

millhouselives

Technical User
Jan 27, 2003
52
0
0
US
Hi,

I have a small peer to peer network with 5 computers. One computer with XP is connected to dsl modem and linksys router. The other four share Internet connection via that computer. All have NAV. We want to add a firewall, do we need to just put the firewall on the computer that is connected to router and dsk modem or do we need to put firewalls on all five computers. We do not have a lot of money. thank you for any help
 
Sort by date Sort by votes
If you have a modern Linksys router, chances are you already have a hardware firewall in it. Most broadband routers now come with built in firewalls. Check the documentation on it, or post the model number here and someone will verify it.

For software firewalls, ZoneAlarm is a great free (for home use, you didn't specify whether you're a home or office).
Zonealarm has a paid version as well, but Norton has their Internet Security suite which will cause less conflicts with NAV. That's probably the best route for a cheap software firewall (~$50).


 
Upvote 0 Downvote

I would be greatful for advice on the following as well

do we need to just put the firewall on the computer that is connected modem or do we need to put firewalls on all five computers
 
Upvote 0 Downvote
Xemus,

Thank you for answer. I checked and the router is a netgear mr314 which does have NAT.

I am still a little confused. I understand about the router having a firewall (NAT) but I am not sure how that works, is there link somewhere where I can read and learn more about NAT and how it stops "bad" web sites from getting past the router onto the network? I do know that on my home computer I run Zone Alarm and I had to train it when installed, so how or who trains NAT to protect computers connected to router?

Since the router does have NAT, and we do have uptodate NAV 2003 running on all five computers, are we safe from future infections from worms, viruses, backdoor trojans, etc. without doing any other changes to our current configuration?

Thank you.
Poster rated this answer.
 
Upvote 0 Downvote
Do you have your DSL Modem connected to your computer, and then to the router? Or do you have the DSL Modem connected to the router and then to the 5 computers? If it is the first, you should have the DSL Modem connected to the router, and the router should be connected to the rest of the computers to share the internet access.

To explain firewalls, basically a firewall monitors what traffic goes in and out of the network. You specify what ports to allow in and out (usually port 80 for web surfing, and a few others for SSL, email, etc). It basically stops people from seeing your computer on the internet, and opening it up to attack. The only way to stop "bad" websites from coming though is not to go to them, no matter what firewall you have. Here is a link on How Stuff Works to better explain.
 
Upvote 0 Downvote
jmaddone,

our cable (coax cable)from wall is plugged into a cable modem (Toshiba pcx2200), I know I said DSL, but I made a mistake, it is cable modem and Not dsl modem as I originally said. Sorry, for the confusion. Then a CAT5 cable is connected from the Internet Port on the cable modem to the NIC on the (host)computer. Then CAT 5 cables run from the router netgear mr314 to other four computers. We are not having any problem sharing the Internet connection with this setup. My concern is since we are sharing this way, I want to make sure I have firewall correctly installed and working, either on the host computer or on all 5 if needed. Since router comes with NAT, I am still trying to get a clear answer on do I need to add software firewall to all 5 computers or is the NAT that comes with the router good enought to protect us with the configuration that I list here. thanks again for your help.

 
Upvote 0 Downvote
With the router/firewall, that should be directly connected to the cable modem. From there you will connect the router to all five computers(including what you are using as your host) This will take your internet connection and share it with all of your computers. This is what does the NAT translation. It takes the cables ip address and translates it into 5 internal IP addresses (including what you are using as your host). Once that is all connected, router is sufficient firewall protection for all 5 computers. Leaving what you are using as your host computer on the other side of the router opens it up to attack (which is the reason for the firewall). If you want to you can add a software firewall to the internal computers, it won't hurt, but some say that is overkill. Hope that explains it all, let me know if you have anymore questions.
 
Upvote 0 Downvote
jmaddone,

so what you are saying is that the router with its 192.168.0.1 address as its gateway is the only address that is seen on the the internet side of router. The other addresses of the other computers such as 192.168.0.2 thru 192.168.0.5 are protected because they are not seen because they are inside the protection of the router, is that a reasonable way for me to picture this.
thanks,
 
Upvote 0 Downvote
Actually that is pretty close. 192.168.0.1 is the internal address for the router. Addresses that start with 192, 172, 10, and a few other numbers are considered internal network addresses. The router actually contains an external internet ip address that it recieves from the cable modem. It takes the traffic from that address and "switches" it to whatever computer asked for that traffic. But basically you have got the idea, because the 192 addresses are internal, no one can see your computers out on the internet. All they see is a router at the external ip address. Again here is another article that explains Network address translation and ip addresses. Let me know if you have anymor questions.
 
Upvote 0 Downvote
Not to beat a dead horse, but I found this webpage that explains NAT with some little diagrams and thought it might be helpful.


And I agree you should do away with the Internet Connection Sharing on the one PC and let your router do that. That's what routers are for. So the first diagram on that web page is what you should do. Your ISP should be able to help you get it set up properly.
 
Upvote 0 Downvote
jmaddone

Sorry to hijack the thread but i have a question i think you can answer.

Is a NAT router without SPI safe enough for a small network of 6 users and a small file server?

Cheers
 
Upvote 0 Downvote
thanks to jmaddone, bowfonz, projector1, and Xemus for your answers and help.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DrB0b
  • Locked
  • Question
DKIM for Exchange 2019
Replies
1
Views
86
DrB0b
DrB0b
DrB0b
  • Locked
  • Question
Curious network activity over port 445
Replies
8
Views
112
DrB0b
DrB0b
DrB0b
  • Locked
  • Question
True Crypt / Crypto-ware / Firewalls 1
Replies
14
Views
112
goombawaho
goombawaho
LonnieJohnson
  • Locked
  • Question
Apps/Tools for seeing potential threats
Replies
1
Views
45
ChrisHirst
ChrisHirst
riobogmedacaliaires
  • Locked
  • Question
how to exclude folders in trend officescan 11 client side
Replies
0
Views
39
riobogmedacaliaires
riobogmedacaliaires

Part and Inventory Search

Sponsor

Back
Top