• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Fully block internet access

S

Sumotku

Member
I have a workstation that hasn't seen the internet since XP was installed and updated, and a laptop which is always online. I'd like to access files on either computer from the other without exposing the workstation for a millisecond. I can hardwire the workstation to the router, but can I have my intranet with no internet? I've gotten used to USB drives for moving files, but that's getting old. Is there a 100% secure solution?
 
Windows XP is not that old. A lot of people still uses it--including myself. Just update it to the latest patches. If you are still paranoid, most router can block specific intranet IP addresses. Just assign the workstation a static IP address and block that IP in the router.
 
Connect the Desktop computer to the router and manually configure the IP address, excluding a default gateway. That'll make it unable to access the internet, though it will still be accessible to hosts on the same subnet.
 
Is it a safe assumption to say that the acid test for this would be to verify zero packets sent/received after configuring (without file transfers running of course).
 
Not really. Networked devices are often very "chatty", sending packets back and forth even when no active file/data transfers are being processed.

The acid test for me would be to confirm you can still transfer files between computers, then confirm you cannot access a web page after configuring the PC to have no default gateway.
 
Control Panel>Network Connections>scroll down to Local Area Connection> right click and scroll down to Properties> Scroll down to Internet Protocol> Click on Properties>Advanced tab>Options>TCP/IP Filtering>Filtering>Enable TCP/IP filtering>Permit only some bogus port say 2000 (specifically do not include port 80 (thats the one for web browsing)).

You may also do the same thing from the router, by blocking traffic over port 80 and others for ftp/email/etc (google for relevant ports) for this particular pc.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top