Outpost Pro 2.1.292.3816
Windows 98SE
I'm using a cable modem and a switch to provide internet connection to three PCs at home. Outpost Pro wasn't able to detect my network settings, so I added the other two IPs as trusted. However, I'm still not able to see the other computers in my Network Neighborhood. The other two are using freeware version of ZoneAlarm and have my IP added in their trusted zone lists and are working perfect when Outpost is shut down.
I tried adding the IPs in the protect.lst file between the "IgnoreHosts" tags and switching the firewall from stealth to normal mode.
Does someone have any suggestions? Thank you.
Okay, nothing changed with the changing of Windows.
Your last suggestion doesn't seem to help too. When adding 24.150.0.0, the subnet mask is 255.255.255.255, instead of x.x.0.0.
I haven't asigned the IPs. I had only one PC when I signed up with my ISP, then I just bought a switch and plugged the other two computers in and their IPs were asigned automatically.
Try adding an entry of 24.150.47.0/255.255.255.0 and checking the NetBIOS box for it. This will cover the address range 24.150.47.1 - 24.150.47.254 (24.150.47.255 is a broadcast address which should reach every PC in the 24.150.47.* network).
Network Neighborhood missing from desktop::
Network Neighborhood question, Suzette, Windows XP, 4, 29th May 2008 23:58. Network neighborhood Problem, robwhite, Windows 2000, 13, 4th November 2004 12:
http://www.windowsbbs.com/windows-2000/76076-network-neighborhood-missing-desktop.htmlHOME |
If this works then check your Allowed logs to see if any connections are being made to PCs in the 24.150.47.* network aside from your own and post the results.
Welcome to the forums, Aglar,
Are you seeing any entries in your Blocked or Attack Detection logs? What entries do you have in your LAN settings? (Options/System/LAN). How are your IP addresses allocated?
I set up the NetBEUI protocol and everything's working fine. I think I'd use this for now, since it's hard for me to decide which one of the two option I should use ;).
Anyway, strange thing NetBEUI isn't installed with Windows XP and had to read an article on Mirosoft's site on how to enable its installation. As if it's the most useless thing around, having in mind how many things Windows installs... :rolleyes:
So thanks again all! I'm happy to be able to use Outpost Firewall without a hitch for now, because I didn't want to switch to another :).
Aglar,
I see that you simply have a cable modem and a switch. So, I will strongly suggest that you disable the public IP trusts in OP & ZoneAlarm (for now) because the current configuration allows explicit netbios connects to your computer from any computer in the trusted IP range.
I guess the only other item that I do not understand is what actually assigns the other two computers their public IPs. Do you have a block of static IPs from the ISP?
The best suggestion (either way) will be that you purchase a cable/dsl router. The most popular (and affordable) brands are Linksys and Netgear...some others too. These normally have their own basic firewalls, which will offer you layered protection (with OP) and reduce much of the workload on OP. Most importantly it will segregate your private LAN from the internet.
Many of us here use routers and you should get plenty of assistance configuring it.
aglar, use the subnet mask 255.255.0.0 not 255.255.255.255.
Has this ever been an issue in the past? Are you using a router/NAT between your PC's and the internet? I'm guessing the 24.150.x.x range is for your internet IP's, and your ISP gives you multiple IP's?
I couldn't find any other computers connected to the network, except for the three I need (including mine).
Adding the IPs separately doesn't help at all! I also tried (as Paranoid2000 earlier suggested) adding 24.150.44.* and 24.150.46.*, for the other two computers, but still no success. The IPs aren't dynamic.
I carefully checked the log and there're a few blocked NETBIOS requests to 24.150.47.255 and that's all. It cannot make any connection to the other two machines without going trought this thing. Pretty annoying..
So I added that IP address in the LAN settings and enabled netBIOS for it. The next reported block was for the IP of the PC I was trying to access, so there's no more straying.
Next, I added the two IPs I need to access and everythings went on pretty smoothly afterwards.
And that's as tight as I could set it, the minimum number of IPs are allowed to use netBIOS.
If anyone has any better ideas, let them ring :).
And I want to thank you guys for your continuous suggestions and help :).
Yes, NetBEUI will be a good idea in the meantime.
Nope. It didn't help.
My IP is 24.150.45.*, but the other two are ....44.... and ....46....
I checked the blocked list again and the only blocked netBIOS were a few from 24.150.45.255.
It's only a simple 5 port AOpen switch.
Yes, the cable modem is provided by the provider and it's RCA DCM315.
glad to hear it's working now. Perhaps you have dynamic IP's and they change.
Yes having NetBIOS enabled would be less safe, which is why having a hardware router/NAT/firewall would be more secure. Although, I haven't heard of any newer broadband modems that do not block NetBIOS ports already, but I personally, would not rely on my modem to act as a security appliance.
hmm, I hate to burst the bubble, but a few things do not seem right.
Most importantly, this network is not safe - it is actually wide open. Assigning a public IP range as trusted on a private network is a huge mistake - even if behind a NATed router.
Aglar,
you mentioned, "switch." Do you actually have a Cable modem (provided by ISP) and a ROUTER (instead of a SWITCH)? If so, the router needs to be reconfigured with a public WAN IP and a private LAN IP range (10.0.0.0, 192.168.0.0 are most commonly used). In which case, you will need two static IPs from your ISP.
Alternatively, you may simply get a cable/dsl router (combined), which will allow you to use a single dynamic or static WAN IP.
Regarding your previous question, note that netbios works by using an initial broadcast to the entire subnet. Hence, by adding single IPs as trusted does not necessarily allow netbios - the broadcast *.*.*.255 will be blocked.
If I am wrong in assuming that you have a router, then I am very curious of how your cable modem is acting as a router and dhcp server. What brand/model equipment do you have?
Oh yes, Paranoid is right. Netbios over NetBEUI broadcasts will be seen throughout the public network as well. The Netbios over TCP/IP broadcast will also be seen - but limited to the 24.150.44.255//24.150.45.255//24.150.46.255 ranges. However this range represents a few hundred public IPs.
Regardless of firewall, your LAN will need to be configured securely - this leave you with two options:
1. A router
2. A second NIC for each computer. One (internet traffic) will be configured for TCP/IP only with Netbios disabled, while the second (LAN) will be configured for NetBEUI only.
NetBEUI is completely non-routable. However it will be broadcast over any LAN - and in the case of cable ISPs, their network may well be set up as a (very large) LAN. So in this case NetBEUI packets may be visible to other users of that ISP. While this would be limited to that ISP's network, many would consider this part of "The Internet".
So cable users should be wary with NetBEUI, everyone else should be OK.
The other two PC (with ZoneAlarm) don't have a netBIOS allowed for that public IP address. I've only added the single IPs of the different machine at home.
How are the other two IPs allowed? I have no idea! I was a bit stunned to find them out after I recently plugged the other two PCs in.
Buying a router, although a good thing to do, just won't do right now. My budget is a bit tight.
So, is you have any better ideas about convenient file sharing trough the network, please share them :).
could it have something to do with the fact ur using zonealarm on the other machine/s?
If you are stating that your PCs have the IP addresses 24.150.44.x, 24.150.45.x and 24.150.46.x then try adding 24.150.44.0/255.255.255.0, 24.150.45.0/255.255.255.0, 24.150.46.0/255.255.255.0 to your LAN settings with NetBIOS access. Remove all other entries for the time being.
Zero-Point:
Thanks for taking the time to look at this. I was considering similar suggestions but got sidetracked with other threads.
Aglar:
I believe you may have a security issue here. When you browse your Network Neighbourhood, your PC will connect to another PC called the Browse Master which is responsible for maintain details of what files and folders are available. How is the Browse Master chosen? An election is held, with the most powerful system running the latest version of Windows being selected.
Now it sounds as if your ISP has everyone connected up in one big happy family on the 24.150.x.x network (you can verify this by seeing what other systems are available under Network Neighbourhood). If so, then someone else's system is most likely the Browse Master for your network which is why you have to specify such a broad range in your LAN settings (if you check your logs, you may find NetBIOS packets being sent to this Browse Master).
If this is the case, then not only are details of your shared files being made more public than you may wish - but others can also connect to your systems and use various NetBIOS exploits to cause problems. To prevent this, delete all entries in your LAN settings and re-enter the IP addresses of your other computers with a 255.255.255.255 subnet mask and check the NetBIOS box. Do this on all your PCs (i.e. each one should have the others' addresses listed). Disable the "Auto-Detect" in all cases. Then restart Windows on all systems - this should result in one of your systems being elected as Browse Master for your network, since no other machines should be accessible.
Aglar,
You IP addresses of 24.150.44.?, 24.150.45.? and 24.150.46.? along with the broadcast address of 24.150.47.255 suggests that your network address is 24.150.44.0 with a subnet mask of 255.255.252.0. Since you have not given any indication otherwise, we can only assume that these addresses were given to you by your ISP (and you should be able to check the subnet mask with an ipconfig from the Command Prompt).
Therefore a LAN setting on 24.150.44.0/255.255.252.0 with NetBIOS enabled should work - but having your PC's individual IP addresses and the 24.150.47.255 broadcast address (all with 255.255.255.255 masks) listed instead would be far more secure. This is what you are currently using if I read your posts correctly.
As long as all your PCs have similar NetBIOS filters, then this should be fairly secure. I would have reservations about using NetBEUI in this situation however since NetBEUI is broadcast throughout a local network - and there is a good chance that your cable ISP has things set up in this way, meaning that other users of this ISP would see your NetBEUI packets. NetBIOS has the same problem - but can be filtered by Outpost whereas NetBEUI cannot.
Getting a NAT-capable router would improve your security in that it would stop NetBIOS/NetBEUI packets being sent on to anyone else and I would recommend you consider this as your next purchase.
zero point :):)
Nice post. Thanks
You cleared it up nicely. I have to admit, I didn't understand what was going on as I use a router and NetBEUI as a protocol for LAN traffic.
You made it very easy to understand something I am not familiar with.
As you can see, Mod doesn't mean all knowing :D
Thanks again,
Chris
Hi pokinpo,
It is my understanding that NetBEUI is not routable over the internet.
That is why I use it. More security. However I am not an expert in these matters.
Chris
Thanks Parnoid,
I forgot that with cable, all the users on that ISP are one big "family"
In fact you don't want to enable file and print sharing. or oters will we able to look around in your harddrive.
I forgot all that as I use DSL.
Thanks again,
Chris
Here's what I get in the blocked log when I open Network Neighborhood.
16:13:20 SYSTEM TCP 200.50.42.91 4285 Packet to closed port
16:13:07 NETBIOS TCP 24.150.45.151 3906 Block Server Message Block Protocol (TCP)
16:13:06 SYSTEM TCP 64.235.206.207 1582 Packet to closed port
16:13:04 NETBIOS UDP 24.150.47.255 NETBIOS_DGM Block NetBIOS Traffic
16:13:02 NETBIOS UDP 24.150.47.255 NETBIOS_NS Block NetBIOS Traffic
Those IPs are unknown to me, although it is clear that those starting with 24.150.... are all of my ISP.
The LAN settings are as follows.
First is the Internet: 24.150.32.0; netbios is not allowed
Then come the two IPs of the other two PCs - 24.150.*.*; both are trusted
How do I change the subnet mask in the LAN settings? Outpost seem to set it automatically after entering an IP.
And no, it hasn't been an issue in the past, but I installed Outpost Firewall Pro just recently. I also tried some others and didn't have a problem with that. I just think that Outpost is better than those I've tried, so that's why I'm sticking to it so far.
Why not use the NetBEUI protocol. That is what I use for LAN traffic. It isn't routable to the internet which allows for greater safety and it is ignored by Outpost so you don't have to set up rules for your file and print sharing.
Have a good evening,
Chris
Are your IP addresses assigned to your PCs by your ISP or do you choose them yourself? If ISP-assigned, they may have changed to a different network - in which case a broader LAN entry like 24.150.0.0/255.255.0.0 may be needed.
Nothing.
Now I can't even see myself in the network, heh.
I'll be switching to Windows XP today, so I'll post again later. We'll see if anything will change.
Ah-hah, I see what you have done. Do not enter "24.150.0.0" explicitly, othwise OP will put the subnet as 255.255.255.255. What you need to enter is "24.150.*.*" and OP will make the IP "24.150.0.0." and assign the correct subnet of 255.255.0.0.
OP is reading that the IP you entered "24.150.0.0" is a single IP.
btw, would it be better if OP did not read an explicit IP of "24.150.0.0" as a single IP (which would be a bug if I am correct) and automatically assign the subnet 255.255.255, but rather read that entry as a range and assign it a subnet of 255.255.0.0?
I just trying switching ZoneAlarm off on one of the computers, still the same thing.
Perplexing.
This is exactly what I have done! :)
I added 24.150.*.* and it seems to be working fine now. But why wasn't it working when I added the single IPs? This is still a mystery for me :).
Anyway, doesn't the enabling of NetBIOS leave me a bit "open for business"?
 Get Smart About Monitoring Virtual Machines
 Microsoft Gets Ex-Streamly Cozy with U.K.'s MediaWave
|
Network Neighborhood problem