How can I cripple internet access on a networked computer?

[Duwelon]

I have 4 computers happily sharing both network files/printer and a DSL connection. I need one of them cut off the internet but I don't know what the best way to go about it is. I want it to be able to access local network shares and printer(s), just no internet access.

Would somehow(not that I know how) blocking port 80 do this?

Something in the router I can possibly configure to do this? Dlink router, pretty flexible I think.

Thank you.

 

[JackMDS]

Hopefully your Router can block Internet connection by IP or MAC.

Otherwise you can install NetBEUI as the sharing protocol, and disable TCP/IP on the ?Punished? computer.

Link to: How to Disconnect the Internet and Keep your LAN and File Sharing a Live.

:sun:

 

[mboy]

Take away the default gateway in the NIC setting.

Netbui, you still pimpin' that crappy protocol Jack?
Even my Global Knowledge ICND instructor called it a dead protocol yesterday.

 

[JackMDS]

Originally posted by: mboy
Take away the default gateway in the NIC setting.

Netbui, you still pimpin' that crappy protocol Jack?
Even my Global Knowledge ICND instructor called it a dead protocol yesterday.

You are absolutely right about NetBEUI:thumbsup:, but out of context. I do not think that the OP was discussing a medium to large corporate Network.:shocked:

Put NetBEUI on a Windows Network of few computers and use it with or without TCP/IP for sharing.

Sharing and file transfer get smother, faster, and there is No negative repercussion what so ever.

There is one thing I learned long time ago. Words do not create factual reality. Reality is what it is, and use or miss use of words would not change it.

Your love or hate for someone is not a function a ?Throwing Out" a slogan like:

?Distance makes the heart grow fonder?.

Or ?Out of sight of out mind?.

:sun:
People just choose the one that post factum justify their doings.

 

[yoda291]

Originally posted by: JackMDS

Originally posted by: mboy
Take away the default gateway in the NIC setting.

Netbui, you still pimpin' that crappy protocol Jack?
Even my Global Knowledge ICND instructor called it a dead protocol yesterday.

You are absolutely right about NetBEUI:thumbsup:, but out of context. I do not think that the OP was discussing a medium to large corporate Network.:shocked:

Put NetBEUI on a Windows Network of few computers and use it with or without TCP/IP for sharing.

Sharing and file transfer get smother, faster, and there is No negative repercussion what so ever.

There is one thing I learned long time ago. Words do not create factual reality. Reality is what it is, and use or miss use of words would not change it.

Your love or hate for someone is not a function a ?Throwing Out" a slogan like:

?Distance makes the heart grow fonder?.

Or ?Out of sight of out mind?.

:sun:
People just choose the one that post factum justify their doings.

I don't think throwing out a currently working system to replace it with a less robust, deprecated system is ever really the best course of action. Especially considering the increase in broadcast traffic may have an indeterminate effect on even a home network AND other completely acceptable alternatives exist. Just my opinion

1.) throw out the default gateway, as suggested.
2.) Lots of routers allow you to specify advanced routing rules...I've seen it on a bunch of dlinks and linksys's and 1 smc barricade. Just make the default return route to the box you want to restrict point to black hole unused address on your network.
3.) Many dsl/cable routers support access policies. You can specify whether or not a machine is allowed on the network.

 

[JackMDS]

Quote: ?Especially considering the increase in broadcast traffic may have an indeterminate effect on even a home network?

Few years ago when the Entry level market was in a procces of moving from Hubs to Switches we use to have a very common posting about ?the big fear? of what is going to happen to your Home Network if you would use a Hub instead of a Switch.

Well, when it comes to small networks.

Log here: http://www.scottmac.net/, and click on Switch vs. Hub (left side menu).

:sun:

P.S Few times a week, late at night there is a Program on the Discovery Channel called ?Myth Busters?.

I would suggest to every one who is engaged with technology to take a look, amusing stuff.

 

[yoda291]

Originally posted by: JackMDS
Quote: ?Especially considering the increase in broadcast traffic may have an indeterminate effect on even a home network?

Few years ago when the Entry level market was in a procces of moving from Hubs to Switches we use to have a very common posting about ?the big fear? of what is going to happen to your Home Network if you would use a Hub instead of a Switch.

Well, when it comes to small networks.

Log here: http://www.scottmac.net/, and click on Switch vs. Hub (left side menu).

:sun:

P.S Few times a week, late at night there is a Program on the Discovery Channel called ?Myth Busters?.

I would suggest to every one who is engaged with technology to take a look, amusing stuff.

actually, that comment was more in regards to how networks handle broadcast data vs throughput over a hub/switched network. I, personally, don't have a whole lot of problems with hubs by sheer virtue of the fact that it is theoretically impossible to crash a hub(at least without the often comical application of a blowtorch). Packets that are designated as broadcast packets inevitable MUST be processed by every machine that receives them (except low level network hardware...like a hub), if for no other reason than to determine if the data is meaningful. On top of that, most all network equipment has to devote processor cycles to do so (few boxes in home networks have ASICs for this purpose). This becomes a problem if his router is already under any significant amount of load. It used to happen on early SMC broadband routers. They would get pegged and panic out, forcing users to do the good old unplug-plug. Even in an enterprise network over very small vlans, most network admins at least give a nod to where broadcast domains sit.

Now while the likelihood of this is low (really low...like par with the odds of the pope getting some nookie), you also have to look at the situation in that the OP already has NetBIOS over TCP/IP running perfectly well. So really, there's no need to be dropping different protocols over the network. It's like me asking how to change the air filter in my car and getting a recomendation to replace the engine with one that runs on natural gas (like in city buses). Granted, it fixes my air filter problem, but it's more work than necessary.

ps- I love myth busters.

 

[Alex]

can't be bothered to read the replies cause they are too long but just block port 80... this can be done in the router config page, what that particular section is called depends on your router but shouldn't be too hard to find i think its in 'port forwarding'...

works like a charm! couple years ago my roomates in college refused to pay me for internet (i had everything under my name) and the only way for me to get them to pay was by blocking port 80 so they couldn't use it until they paid me muahahha :evil:

kinda mean i know but hey why should i pay for their internet when we had agreed on splitting costs 4 ways...right?

 

[ktwebb]

The easiest and IMO most effective way to block WAN traffic? Do as suggested. Remove the gateway IP. You'll probably need to put a static IP on that box unless your router allows you to leave out address variables, which is doubtful. The gateway is the address the machine hits if it is looking for an address not on the local network. The gateway is the NAT router. Remove it from the TCP/IP properties and the machine will have nowhere to go if you try to leave the lan, going to forums.anandtech.com for instance

 

[OmegaXero]

I agree with setting the default gateway to a different value. This is by far the easiest solution and it won't force you to change your current network setup by adding protocols or extra overhead, etc. etc.

 

[JackMDS]

As I indicated in my first post, using the Router capacities is the first choice.

I added the NetBEUI remark as a backup.

I do not care about NetBEUI or TCP/IP or what ever, I just care that people can do something with their systems.

However reading the remarks make it quite clear that most of the people never installed NetBEUI on a small Network, and they have No functional clue about what it entails.
The comments seem to be mainly ?Rehashing? of what is ?common knowledge that was mentioned in freshman classes, and might or might not fit to this specific circumstance.

But that is OK it seems that the phenomenon of ?Empty? Slogans across the board became a societal problem. Probably the outcome of the ignorant way 24 Cable News is approaching every thing in live. I wonder if from a partisan point of view NetBEUI is Democrat or Republican.

:sun:

 

[bgroff]

Good god Jack, you know you're having a bad day when NetBEUI becomes political! If anything, you should have been amused at the answers to your suggestion. It seems that you're just an old schooler in a new fangled world... I would have given you points if you could have worked in Trumpet Winsock and SOCKS into the backup solution as well. Then we really could have been back in 1995! :laugh:

As for the folks who mentioned broadcasts being a problem, COME ON! You're talking about a network of like 4 computers. This is not a broadcast intense network. If anyone is doing that much broadcasting, its probably because someone created a broadcast storm on that unmanaged switch.

 

[Eltano1]

bgroff just beat me about a network of only 4 PCs, c'mon guys. I do use NetBEUI in my own network at home. along with TCP/IP, and as a matter of fact, yesterday I checked my dl speed and it almost reached 4 MB. Can someone tell me where is the downside of using NetBEUI?. For those that answered changing the gateway, what about if the user is savvy enough to figure it out and changes it back? And how do u block port 80 in that PC? This is an honest question ( not trying to play smart, I don't have the answer myself).

Eltano

 

[nweaver]

install a firewall, and just disallow outbound requests on port 80. Or disallow by programs (iexplore and firefox) if the program allowas that.

 

[mboy]

Originally posted by: Eltano1
bgroff just beat me about a network of only 4 PCs, c'mon guys. I do use NetBEUI in my own network at home. along with TCP/IP, and as a matter of fact, yesterday I checked my dl speed and it almost reached 4 MB. Can someone tell me where is the downside of using NetBEUI?. For those that answered changing the gateway, what about if the user is savvy enough to figure it out and changes it back? And how do u block port 80 in that PC? This is an honest question ( not trying to play smart, I don't have the answer myself).

Eltano

Don't give them admin rights on that PC, problem solved!

 

[mechBgon]

If you'll tell me the model of D-Link router, I'll research the question about blocking that computer from having WAN access for you. If the router has a revision number along with its model name, please include that also.

 

[mechBgon]

I grabbed this out of a basic D-Link's PDF manual, sorry their image is not very good quality:

http://pics.bbzzdd.com/users/mechBgon/D-LINK_ROUTER_FILTERS.gif

You would log into your router, hit Filters, then enter the MAC address of that computer's NIC.

 

[JackMDS]

Ooppss.

 

[JackMDS]

Link to: Blocking a Windows 2000/XP/2003 computer from surfing on the Internet but still allow it to surf to Intranet sites.

:sun:

 

[CheapBastardo]

Is there gonna be a conflict with the network if I install both TCP/IP and NetBEUI. If I can install both, how do I set only the NetBEUI to the local lan for file transfer among hosts and TCP/IP to be used for Internet?

 

[JackMDS]

Originally posted by: CheapBastardo
Is there gonna be a conflict with the network if I install both TCP/IP and NetBEUI. If I can install both, how do I set only the NetBEUI to the local lan for file transfer among hosts and TCP/IP to be used for Internet?

You unbind TCP/IP from local File sharing.

Link to: http://www.ezlan.net/network/XP_Net_advance.jpg

:sun: