1. Home
  2. Networking Firewalls
  3. File Sharing, Broadband and NAT

File Sharing, Broadband and NAT

Recently I have made some major changes to my PC which make me think that I need to review my file sharing policy.

I have moved from dial-up internet to broadband and installed a 3Com router firewall.

The home network has 3 PCs which have file sharing enabled on all drives The Share Permissions tab allows 'Network' change/read permissions. The 'Security' tab allows 'Everyone' full control. (MS Office gives problems if I don't allow full access). This sounds a bit risky but as I understand it 'everyone' means anyone who logs on with the correct username and password. However, I must admit to being confused between the W2k 'Shares' properties 'Share Permissions' and 'Security'.

Since the NAT on the router makes the PCs invisible to the outside world and the file shares are protected by password access then it seems safe.

My installation is: W2000 Office 2000 Outpost PFW The PCs are not logged on with admin privileges except when doing Windows updates. The router provides IP addresses to the PCs

Any thoughts?

Davy

Reply to
Davy
Loading thread data ...

"Davy" wrote in news: snipped-for-privacy@brightview.com:

The Everyone Group means no one needs a user-id and psw to access the share. No one has to logon to the machine to access the share. If someone on a another machine whether that be across the Internet (WAN) or LAN (machines behind the router) can see the share on the machine, they can access it. Everyone Group means just that everyone and anyone.

You should be using Authenticated User Group on shares which mean a user- id must be created on the machine that has the share for a user on another machine to access the share on the machine.

The NAT router is protecting the Windows Networking ports from the outside world.

That's a good thing. But malware if it reaches the machine and can excute can change access rights to Admin so I hear.

Does the router do logging so you can use something like Wallwatcher (free) to watch inbound and outbound traffic to from the router?

formatting link
Take note on the Athenticated User Group on shares. The Everyone Group is removed off my XP Pro machines on all folders it doesn't exist on the drive or any drive period.

Duane :)

Reply to
Duane Arnold

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.