|
Home »
Networking
»
Firewalls
Summary: Internet Connection Sharing allows you to share the internet connection of one computer among several others. There are risks if not set up properly.
Your PC "A" is acting like a firewall to PC "B", so PC "B" is protected, but from what you describe PC "A" is sitting naked on the internet. This is not good. Get behind a firewall. Now. • This isn't the result of a hack or a virus or anything like that. It's due to the way you have your network configured. Forget machine "B" for a moment; your machine "A" is connected directly to the internet without protection. No matter what else you're doing, it's potentially vulnerable to all sorts of intrusions, as you've seen. That's why I so strongly recommend that you always put yourself behind a firewall when you connect a machine to the internet. The firewall can be hardware or software. Get behind a router that does NAT, or install a software firewall, or even just turn on the Windows Firewall on machine "A". The differences between those approaches pale compared with having no firewall at all. Now, why when you were using PC "B" for your conversation was PC "A" the one your friend could see? "But just because one PC can act as a firewall to protect others doesn't mean
it's automatically also protecting itself; it's not."
Because PC "A" was itself acting like a firewall. When internet connection sharing is enabled, it performs NAT or Network Address Translation just like routers do. As a result, all the computers that share that internet connection are hidden behind that firewall. The only thing visible from the internet is that firewall, or in this case, PC "A". But just because one PC can act as a firewall to protect others doesn't mean it's automatically also protecting itself; it's not. So while PC "B" is appropriately and importantly protected by PC "A" acting as a firewall, PC "A" itself is unprotected. My recommendation, for simplicity's sake, is simply to get a broadband router. Connect that to your modem, let it be your firewall, and then connect your two PC's to the router. Related:
Article 11340 | Posted April 3, 2007 |
Popular & Hot How do I make a new MSN Hotmail account? How do I delete history items from my Google tool bar? My desktop Recycle Bin has disappeared - why, and how do I get it back? How do I delete my Hotmail account? I accidentally deleted my Recycle Bin in Vista - how do I get it back? New & Important How can I get the old Windows Live Hotmail back? Internet Safety: How do I keep my computer safe on the internet? Are free email services worth it? Would you please recover my password? My account has been hacked or I've forgotten it.
Stay Informed Archives Advertisers |
|
•
Some of us with older broadband connections (mine is an older Hughes/Direcway satellite connection, DW4000) don't have the router option as the ONLY connection option is USB and software on the host computer for it all to run right. So I HAVE to run ICS without benefit of a router firewall in front of it all (as I don't have a spare machine that could have no other duties besides running the satellite connection and passing it on to a router).
But some firewalls (and I don't have experience with many, so PLEASE don't take this as a recommendation) are set up for ICS - I'm using the not-free version 7 of Zone Alarm Security Suite which has an ICS protection option - I hate that it slows my boot time unbearably but it does seem to be doing a good job of protecting both my computer (the host) and my kid's (the client) from incoming annoyances (100% from Shields Up for both computers) but, since it is not installed on hers, doesn't take care of outgoing concerns from her machine, I am still working on that as I don't want to burden her older, slower computer with the bloat of the full-blown ZASS 7.
So there are options...a good firewall on the host computer may be fine for incoming attacks for all machines on a local network but it seems that software on each individual machine is needed to deal with possible outgoing issues...
Lelani
Posted by: dunstergirl at April 3, 2007 11:16 PM