microsoft.public.windowsxp.security_admin
back to index
From: "Lanwench [MVP - Exchange]"
Date: Thursday, November 15, 2007 4:22 PM
Subject: Re: Creating a wireless hotspot on my network
nass
> "Lanwench [MVP - Exchange]" wrote:
>
>> Jeff Cook
>>> Hi
>>>
>>> I hope I have found the correct ng to ask this question ...
>>> microsoft has 2324 newsgroups!
>>
>> Actually, microsoft.public.windows.networking.wireless might've been
>> better (am setting an xpost to there), or
>> microsoft.public.windowxp.network_web.
>>
>>
>>> I have a network of three computers, all running XP and sharing some
>>> files and drives on the network.
>>>
>>> I have recently installed a wireless hub
>>
>> Meaning an access point?
>>
>>> to allow "foreign" computers
>>> to hook into my network and use my ADSL modem for internet access
>>> only.
>>
>> Do you have any security on this AP at all? WPA+PSK at a minumum.....
>>>
>>> So far so good. I had thought that as the "foreign" computer would
>>> have a different workgroup, it wouldn't be able to see the m
>>> workgroup. But ...
>>
>> Even if it had another workgroup, that doesn't prevent them from
>> snooping in your computers.
>>>
>>> 1. This doesn't seem to be the case - I can change the workgroup on
>>> one of my computers and it can still see the shared files and
>>> drives.
>>
>> Absolutely.
>>>
>>> 2. Even if it had worked, my workgroup is still visible in "Entire
>>> Network", so the "foreign" computer's workgroup could be changed to
>>> match.
>>
>> Sure. Workgroups are not security barriers - they're just simple
>> conveniences for organization/viewing computers on a network. Even
>> your having a domain (which is a security barrier) wouldn't
>> necessarily suffice to do what you want....
>>>
>>> I'm looking for a simple solution here - something to prevent a
>>> simple, possibly unintentional hack.
>>
>> Or intentional! Wireless extends outside your building, note.
>>
>>> Can someone point me in the
>>> right direction - my searches of the microsoft site and Googling
>>> haven't helped - must be using the wrong key words.
>>>
>>> TIA
>>>
>>> Jeff
>>
>>
>> If you want to provide wireless services for guests & keep them out
>> of your stuff, you will want to stick the access point *outside*
>> your LAN entirely - inside your ADSL modem but outsde your own
>> router/firewall.
>>
>> If you have only one public IP and if the AP isn't also a "router",
>> this may be tough.
>>
>> What about a small SonicWALL firewall with wireless? the wireless is
>> on an entirely different IP subnet. These work really well - you can
>> even use WGS (wireless guest services, with a logon page) such as
>> you'd find in a hotel, etc.
>
> May this help:
> Windows SteadyState at Home:
> http://www.microsoft.com/windows/products/winfamily/sharedaccess/seeit/athome.mspx
> http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx
> HTH.
> nass
> ----
> http://www.nasstec.co.uk
How is that going to help protect his network ? ;-)
