Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Set up simple network and ensure security

19 Jan 2011   #21
balm

Windows 7 Home Premium - Desktop 32 bit / Laptop HP (G62) 64 BIT
 
 

thank you golden,

im just trying to "understand", why i shouldnt disable some of the outbounds, and why is netbios the only disabled (outbound/inbound)?

thanks (as you can see im new to this)


My System SpecsSystem Spec
.
19 Jan 2011   #22
wilywombat

win7
 
 

Hi, been out of town for a couple of days. Personally I would disable any of the outbound that I wouldnt be using eg If you don't use telnet or IRC then disable these and any others from your list that you dont use. Make sure you don't disable HTTPS or HTTP though!! (You need HTTPS to carry out any secure comms such as bank accounting, Paypal etc. )
My System SpecsSystem Spec
19 Jan 2011   #23
balm

Windows 7 Home Premium - Desktop 32 bit / Laptop HP (G62) 64 BIT
 
 

welcome back , thank you.
so if i use basic home applications, ms office, windows live mail, gmail, IE8, & home network, i will basically keep ONLY https, http, smtp, imap, pop, enabled
My System SpecsSystem Spec
.

20 Jan 2011   #24
wilywombat

win7
 
 

Thats correct, go ahead and fill your boots!!!
My System SpecsSystem Spec
20 Jan 2011   #25
balm

Windows 7 Home Premium - Desktop 32 bit / Laptop HP (G62) 64 BIT
 
 

Whats going on,

all of sudden i cant connect to windows live mail gmail account on the laptop and cannot SEND emails.

It says cannot connect to IMAP server xxx.xxx.x.x:143 (routers IP address), error 10061...configuration IMAP...Port 143...code 800ccc0f...etc

ive tried everything, including disabling avast antivirus, rebuild email account, restart router, all settings are identical on both the desktop and laptop, (i think).

the desktop email works no problem.

the only things that changed since this problem started is i reset windows firewall to default rules (inbound blocks all except corenetworking / outbound all is allowed)...

any idea whats blocked my sent gmail WLM emails from my wirelss laptop only???

The isp Bell sympatico could not solve it!

thanks


edit: after redoing the account here is the latest message:

An unknown error has occurred.
Subject 'weeee'
Server Error: 421
Server Response: 421 Cannot connect to SMTP server 74.125.157.109 (74.125.157.109:25), connect error 10060
Server: 'smtp.gmail.com'
Windows Live Mail Error ID: 0x800CCC67
Protocol: SMTP
Port: 25
Secure(SSL): No
My System SpecsSystem Spec
21 Jan 2011   #26
wilywombat

win7
 
 

Suggest you retrace your steps and do a sytem restore to before you disabled any of the windows firewall settings as it appears that you have stopped something essential from getting through the firewall. Personally, I use Comodo Firewall Pro which is free rather than the windows firewall, its easy to setup and there is plenty of reporting what is going through your firewall. The only thing about Comodo is that it works so well that sometimes you may feel nagged when it asks you if you want to allow such and such program to change your settings. But hey, at least your sure its doing its job and it does get very high ratings for security.
My System SpecsSystem Spec
21 Jan 2011   #27
balm

Windows 7 Home Premium - Desktop 32 bit / Laptop HP (G62) 64 BIT
 
 

willy, thank you....


1. can you take another look at my post #17, because you had mentionned to change the IP range to 5+- numbers, whats best for security purposes i can do on my router...?

2. re. my windows firewall, i understand some people just block all outbound traffic also (even behind a NAT router), so if i do this, i assume i need to open exceptions for web, email, etc...etc...otherwise ill end end up with problems, correct?

3. also configuring windows defender, in options, default actions, i left all items as "recommended action based on definition", then i did NOT enable "apply recommended actions"...is this ok as is...(BTW, i have never received any message warnings, even though avast picks up on issues) ?


thanks
My System SpecsSystem Spec
23 Jan 2011   #28
wilywombat

win7
 
 

Hi Balm,

Quote   Quote: Originally Posted by balm View Post
thank you,

my router/modem:


in "edit advanced home network settings" tab,

Sets the IP address range used by the home network. You can choose from three standard configuration options (the default is 192.168.1.0/255.255.255.0), or configure the network settings manually.


"settings - private network" section, Sets the IP address range used by the home network. You can choose from three standard configuration options (the default is 192.168.1.0/255.255.255.0), or configure the network settings manually.

"configure manually" radio button is on, "enable dhcp" is checked (and shows 1st and last dhcp address), also has "default dhcp pool" radio button on,

...in "current settings - device list" section, it shows the two computers with the 1st, & 2nd addresses from the dhcp range

in "edit adress allocation", "settings", "Specify Device Addressing and Public/WAN IP Address Mapping",
it shows each computer with "current address"m (1st, & 2nd address), and under "address assignment" there is drop down list with first item "private from pool: xxx.xxx.x.x" and all sequencial "private fixed: xxx.xxx.x.x" adresses (in dhcp range) following....


1. does the router use dhcp to assign static ips...?

2. if wanting more security what defaults need to be changed and to what?

3. if these addresses arent static, is it better to assign static addresses to the computers and if so how?

thank you

In answer to your latest q's:-

1. The bestyou can do for security is to set the number of available i/ps in you DHCP pool to the number of computers on your network + 1 i.e. using the default setting you have (192.168.1.0/255.255.255.0), assuming you have 2 computers on the network, you would set the highest available i/p to 192.168.1.2. This gives 3 addresses available from 192.168.1.0 to 192.168.1.2. The first, 192.168.0.1 is used as the i/p for the router and the other 2 are used for the networked computers. The router allocates the available pool of addresses to computers as they log onto the network and will only use the available range that you set up previously. Using the example settings, this means that if you have 2 computers that have logged in, then a friend comes to visit, they cannot use your network as there is no available DHCP address available until one of the 2 computers leaves the network. This is why I suggested having a spare address or 2 to allow for visitors, smartphones or ipods to connect to the network. As long as you setup to use WPA2 security, having the extra addresses available should not increase your security risk.

2. Yes that is correct, but if you are unfamiliar with setting up firewalls it could be better to get a well known commercial firewall such as Zonealarm or Comodo as these are easier to setup. If you do go this way, you should disable your windows firewall as the 2 firewall (windows and the one you install) may clash and cause you problems...look at it like 2 siblings trying to agree!!

3. Yes, its OK but you will get any alerts notified to you and be asked for a response. Again, personaly I use Microsoft Security Essentials(free) as my anti-virus and Malwarebytes Anti-Malware instead of Windows Defender. Im not saying that this would be best for you but both are worth investigating as they are the ones most recommended here in the forums...
My System SpecsSystem Spec
25 Jan 2011   #29
balm

Windows 7 Home Premium - Desktop 32 bit / Laptop HP (G62) 64 BIT
 
 

thanks wily, youve been very generous, i appreciate your input....

1. so reducing the pool to the number of computers, removes the "room" for the bad guys, but doesnt this increase the odds of them spoofing the addresses used (is that even doable)? - im just trying to really wrap my head around this....


2. doing this, is it essentially the same as assigning a static IP to the computers, since it will only ever be one of two usable addresses?

3. i read a security tip is to also change the routers default ip address....?


thanks
My System SpecsSystem Spec
26 Jan 2011   #30
wilywombat

win7
 
 

Hi Balm,

Its been my pleasure to help you...Knowledge is a luxury best shared!!

In answer:-

1. You are correct in your description re the"room" for bad guys, but don't forget that the addresses are "inside" your router. I guess the best analogy for a router is a doorway with a signpost inside the door that points the way. If you use the inbuilt hardware firewall then this is like having a security guard on the door. Remember the signpost I mentioned? well that contains the addresses in your DHCP pool, so you need to have been allowed "inside" the door to read the signpost!

2. DHCP or Dynamic Host Control Protocol is a means where your router assigns the pool of addresses as and when needed. Remember the signpost earlier? DHCP is the bit that says on the sign this way to get to this ip address and there you will find computer "x". The greater the number of pool adressses you have, the greater the number of blank signpost pointers available. Also, when you shutdown your computer, the router clears the connection of ip address to computer "x" on the signpost and makes the address available to somebody else that is allowed to pass through the door.

3. Yes, changing the routers default ip address is good. Just remember to keep the address recorded somewhere safe such as on a piece of paper stuck to the bottom of the router. This is advised as it is all too easy to forget the ip address and lock yourself out of the router. (This can be overcome but you would have to reset your router and put all your settings back in)
My System SpecsSystem Spec
Reply

 Set up simple network and ensure security




Thread Tools




Similar help and support threads
Thread Forum
Simple Network Share Problem
I have several computers on a wired home network, Win 7-64, no domains or anything fancy. All of the computers show the others in the Network section of Windows Explorer, except one computer (Rogue) can't see my main computer (Main). Main can see Rogue fine. I have tried everything I can find to...
Network & Sharing
Simple Network backup options
I searched and didn't really find anything that answered my question. The details: I have 3 desktop PC's and a laptop. One of the desktops is currently setup as a server with 10tb of storage space. All of the computers run on the same network. Question: I would like to be able to...
Network & Sharing
How to ensure that deleted hard disk data security.
What software or way to format the hard drive data, making it safe to delete data no recovery possible. Such as DBAN, but erased too long. I tested a 160G hard disk data erase, with six hours or so
Hardware & Devices
Accessing old XP Pro machine on simple network
Here's the problem - old system was laptop running XP with desktop also running XP. We set up a "shared documents" folder with simple file-sharing on the desktop which the laptop could access when not working out of the office via DSL high-speed router. We just upgraded to a new laptop running 7...
Network & Sharing
Looking for simple instructions for home network.
Hello, I wish to network the pc's in my house with a Linksys Wireless Router in order to use the printer connected to one of the computers, can someone provide me with some simple instructions, on how to. Connect a; Windows Xp Home - grant permission to computer and drives. Linksys WiFi...
Network & Sharing


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:57.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App