Level of protection ???

[tarpon_bill]

HI,

I have a BEFSR41 linksys router and want to add a windows server to my net -- but I do not want it exposed to the outside. It's just a couple of web browsing pcs that would use the windows XP file server for sharing and backing up files. If I assign a fixed IP that is out of the range of the DHCP of the router does this do anything useful?

Is there a better way to set up my home net?

Thanks in advance.

 

[Iceblue]

First, enable the firewall on your router.

Next, put a good software firewall on your server and lock it down tight to only allow communication with devices on your in-house LAN.

 

[tarpon_bill]

I am confused by your reply, easy to do actually ... But I thought the router was automatically the firewall if no ports were left open or forwarded.

I agree the firewall on the server as a backup, I assume Windows XP built in firewall is sufficient?

 

[Iceblue]

I am confused by your reply, easy to do actually ... But I thought the router was automatically the firewall if no ports were left open or forwarded.

All I was saying is check your router's configuration to be sure its builtin firewall is set up properly. Most home routers have a shortcut setting so you don't have to dive down into the individual port settings. But, if you are comfortable doing that, yes, that is basically what a firewall does.

I agree the firewall on the server as a backup, I assume Windows XP built in firewall is sufficient?

The latest Windows XP firewall (be sure your system is updated) is pretty good. I'm still more comfortable with the third party offerings, but maybe that is just a bit of anti-MS... I haven't actually used the XP built-in firewall for anything serious. I have used it on my home network, but it is now disabled in favor of the McAfee one (which comes "free" from my ISP) for no really good reason. The key is a firewall that will allow you to set it up so only local LAN clients will be able to access the web server.

 

[blue68f100]

The XP Firewall is pretty week. It allows any application you install free run of the mill with out asking permission. Turn OFF all Execptions. There is an option to allow local subnet.

Comodo is a good free firewall. You may be better served with WarFTP, but it does not run on XP.

 

[tarpon_bill]

Thanks, I understand better -- I will shuffle through all the settings and make sure none are left open both on Windows and the router.

 

[Iceblue]

Note what Blue68F100 said... If you have a firewall in your router, you have a firewall on the PC primarily to stop outgoing connections, not incoming. IOW, you need to be able to control which applications have permission to access the internet, etc.

He noted a pretty serious weakness in the XP firewall... a firewall that trusts all apps on the PC is vulnerable to trojan horse type attacks. As I implied, I haven't paid much attention to the XP firewall (I thought it was pretty good, but maybe not...)