Earthweb.com Practically Networked Home Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
Troubleshooting
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting
    Guides

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  
 
Forums
About
Jobs
Home

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.



Lessons Learned in the PracticallyNetworked Forums

Up for discussion and debate this week is a helpful Dos and don'ts list for wireless network security, how to find and fix IP conflicts on your network, and also inconsistent and slow cable modem speeds.

The Practically Networked Forums Spotlight highlights several of the most active or interesting topics from the more than 25,000 posts in the Practically Networked forums. From here you can follow the links to each discussion of interest to offer your own advice, or to ask your own question to our forum members if you happen to be in need of a little networking guidance yourself.

Practically Networked Forum Statistics For September 17, 2007
Threads: 7,956
Posts: 26,848
Registered Members: 10,680

Our Last Count - September 04, 2007
Threads: 7,927
Posts: 26,780
Registered Members: 10,630


This Week's Highlighted Topics

Practically Networked Forums > Practically Networked > Wireless Networks

Thread:  Wireless Security - dos and don'ts
Forum FAQ/Checklist

For quite some time now the PracticallyNetwork Forum moderators have been maintaining discussions that can help you in set up and configure different aspects of your network. The Wireless Security reads like a great FAQ and is an excellent starting place for those interested in topics such as home wireless network security, passwords for file sharing, MAC ID filtering and much more.
 

  
Greenstead
Fact : Many users with a new wireless network do not implement any security (users = home and businesses).

Wireless networking is designed to be 'plug and play'. Microsoft and wireless vendors support this in their products. However the result is a wide open network. Implementing security is essential asap when your wireless networking is working for you. This becomes more valid as more of us buy wireless and overlap our wireless networks.

How ?

Do:
- Use MAC authentication. Most wireless routers provide for you to identify the MAC addresses which are allowed to connect.
- Use encryption. All wireless devices have WEP. Use at least WEP. Better still is WPA if you have it.
(Note that MAC and WEP are not secure from an experienced hacker. WPA is essential for the best security).

Don't:
Do not disable the SSID broadcast function. Most routers/APs will allow you to do this and its true that it hides you from the average wireless user, but there is a big downside. If you are in the proximity of another wireless network which does use broadcast (they all do by default) then XP will drop your connection and offer you the available networks. And it will do that forever until you enable your broadcast again. MS think this is good thing, you may not. But its a fact.

 
  
markbrown
MAC ID filtering is a completely worthless exercise, and gives a false sense of security for those that don't understand wireless security.

Why do I say this? Because all MAC ID filtering does is check your MAC address before giving access to your network. It provides zero encryption.

There are 2 types of attacks someone can do to your network: passive & active.

A passive attacker sniffs & stores your WiFi network traffic- your e-mail, the web sites you visit, and your IM - everything broadcast over the air . and can sift through it at a later date to pull out anything they see as interesting. For example, if you access a POP3 e-mail account over WiFi, every time you send/receive mail, you are broadcasting your username & password over the air. As a hacker, I can capture this information and once I get access to your e-mail, I can know everything about you, and you.ll never know that I.m there. As a passive attacker, I can sniff your network from a mile away with a $49 directional antenna, and you.ll never even know that I.m there. MAC ID filtering does nothing to stop passive attacks because it provides no encryption.

An active attack is when I join your network, and start accessing resources (bandwidth, files, or devices) as part of the network. MAC ID filtering blocks access to the network if the MAC ID isn.t registered with the access point. The fallacy of MAC ID filtering is that it.s hard to crack. Because MAC ID filtering doesn.t block passive attacks, I can sniff your MAC address, change my MAC ID to be the same as yours, and join your network as you. From a hacker.s perspective, I just got a free license to masquerade as you. Anything I do on your network or the Internet looks like I.m doing it from your PC and your IP address. :-)

Don.t be lulled by MAC ID filtering. It provides no protection against passive attacks on your network, and puts up a 30 to 60 second barrier from actively attacking your network. WEP filtering is a little more secure, but I would hardly say it makes you secure 99% of the time.

 
  
vario
Great advice.

Are those two steps (MAC authentication and WEP) secure enough to stop worrying about security issues?

Is there something else we new wireless network users should be aware of?

How about turning off File and Printer Sharing for Microsoft Networks?

If so, how are we supposed to share files and printers?

Thanks.

 

Practically Networked Forums > Practically Networked > General Discussions
Thread: IP Conflict
ANSWERED / UNRESOLVED

Forum member Clopez7361 is running a large network and asks our forum readers how to find an IP conflict within the network. Forum member davis suggests looking at the DHCP server running the network and to check log files for the conflict, while another member suggests that Clopez7361 double check the number of computers and make sure they aren't over the limit for a single subnet.

  
 Clopez7361
Can anyone tell me if there is a command that I can use to find the IP Conflict that I have on a network of about 250 computers?
  
  davis
The best place is to look at the DHCP server that is running your network and check the logs to find the conflict. There isn't really a command that i know of that will pop up the conflicting address.

Best place to start looking is for servers on your network running static IP addresses, and making sure those addresses are put into an exception list in your dhcp server, or the server statically assigns those IP's to the specific MAC's.
  
TBone0106
"About 250 computers?" Um, that's near the limit for a single subnet. Are they all on the same subnet? Could you have, maybe, 255 computers?


Practically Networked Forums > Practically Networked > Sharing

Thread: Windows File Sharing with TCP/IP
Forum FAQ/Checklist

Forum moderator Greenstead has a general checklist which is a  handy guide for those troubleshooting Windows File Sharing with TCP/IP. In this forum thread, Greenstead along wioth other members post some excellent advice and things to check for those planning to share files between PCs in a peer-to-peer network.

  
 Greenstead
This is a general checklist for sharing files between PCs in a peer to peer network. There can be other reasons for problems but I think most people new to networking and finding sharing a problem will find the answer somewhere in this checklist.

These checks are all necessary for sharing to work with TCP/IP.

- PCs which are not XP must have TCP/IP installed.
- Each PC must have a unique computer name.
- Each PC must have a network share defined.
- ALL NICS must be on the same subnet (e.g. IP 192.168.0.* subnet mask 255.255.255.0).
- XP PCs must have Netbios over TCP/IP enabled (only essential for XP to talk to W9X PCs).
- MS Client and file & printer sharing must be enabled on each NIC.
- All NICs must have their node type = anything except p-node (peer to peer, or point-point). Check at cmd prompt with Ipconfig /all (XP/W2K) or winipcfg (W9X).
- XP's ICF firewall is permanently disabled. (Only necessary for pre XP SP2).
- All 3rd party firewalls are disabled, uninstalled and deleted (until connection is working).
- PCs have the same workgroup (helps, but not essential).

Allow 15 mins after rebooting a PC for that PC to appear in the workgroup, or for it to see all other PCs. Or you can search for the PC by its computer name.

If all the above checked out and still a problem check these:

Other ideas:
- Realtek cards have been known to be a problem with IRQ conflicts. Move the Realtek card to another PCI slot.
- Check your Services are Started on all PCs: Workstation, Server, TCP/IP Netbios helper, Computer Browser.
- You only need TCP/IP. NWLink NetBIOS, NWLink IPX/SPX/NetBIOS Compatible Transport Protocol ->are not needed and can confuse things. Remove them.
- XP gives access to its shares via the Guest Account. (Note, the local guest account in user accounts which should be off).
Net Guest Account access is enabled by default in XP, but check it:
At command prompt:
>Net user guest
Should return a line with 'Account active yes'.
If not active use:
>Net user guest /active:yes
(Still leave the user guest account off)

See link for explanation of guest account: http://support.microsoft.com/kb/300489/

Check XP Security policies:

- Access this computer from the network: add guest
- Deny logon locally: remove guest
- Network access:Sharing and security model... -> Guest only
- Deny access to this computer from the network-> check Guest is not here.

  
 backert1
You might also ad that XP does not like to recognize other computers/users whose name is two or more words in length with spaces or other characters between the words. This can be a particularily aggrivating issue when mixing win 98 and xp machines on a network.
  
 Thomas Davie
I've only been running a wireless network for 4 days, and was wondering why I could access my notebooks files from my PC, but not the other way around. The answer was;

'MS Client and file & printer sharing are checked on each NIC' was not enabled on my network card on my desktop

I'll also add that thanks to your posting RE: establishing a home multimedia wireless network, I was able to watch a movie on my desktop streamed from my laptop.
Add to del.icio.us | DiggThis


For more help, don't forget to try one of our PracticallyNetworked Forums.



Earthwebnews.com Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation


Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums