> On Saturday 07 July 2001 12:43, thus spake Judith Miner:
> > Not so! Please consider this from the perspective of the normal,
> > standalone Windows user. We're not talking about large networks here,
> > which Linux folks seem unable to comprehend many times.
>
> All I have ever dealt with are network of less than 100 nodes, and several
> were less than 10. That qualifies for small, yes?
I see a major difference in the mindset here. Judith speaks of small as in
stand alone or 2 or 3 computers as is my own home network I think one of
the issures we are talking about security wise is the home user and how it
is different from at the office network. That and how to tone things that
aren't really necessary down some security wise at home for our own ease of
use.
> > A small LAN in Windows should be using the NetBEUI protocol, not TCP/IP.
> > File and printer sharing is enabled *only* for NetBEUI. TCP/IP is *only*
> > for your Internet connection and you do not have file and printer
> > sharing enabled for TCP/IP. NetBIOS is not to be enabled for TCP/IP. So
> > with no file and printer sharing for TCP/IP, your hard drive cannot be
> > viewed by the outside world.
>
> That's nice in theory, but I've never seen such a setup. Most *small*
> networks are set up in one of two ways: all protocols are installed and
> running (the Microsoft default -- NetBEUI, IPX/SPX, and TCP/IP all at
> once), or else someone has gone and removed everything except TCP/IP, so
> that is the only protocol being used.
On a home network it is not just a theory. That is exactly how my home
network functions with the addition of a firewall provided by Zonealarm. I
have no need to have file and printer sharing enabled for TCP/IP in my local
area connection. Win 98 enables you to separately contol file and printer
sharing for each protocol so it is completely practical there whether using
a permanent internet connection or dialup. Now on my WIN 2K systems I can't
disable file and printer sharing on TCP/IP if I'm accessing the internet via
my ethernet card but when using a dialup it is very easy to do. You might
be actually be able to have multiple Local area connections if you had
multiple ethernet cards though...not sure how that would work out.
> If I see all protocols in use, I will cut out all but TCP/IP if I can,
> because running multiple protocols is extremely inefficient on a PC, and
> it hurts overall network performance. Also, NetBEUI is a very "chatty"
> protocol, in that hosts are constantly announcing themselves to the
> network, and so even on a small network, performance can suffer because of
> heavy network traffic.
On my home network even though I wound up with 10/100 ethernet cards my hub
is only 10T and I've never upgraded because it was always sufficient for my
needs. By being chatty I assume you mean the part where under "My Network
Places" that it has already searched and found the other computer and almost
immediately snaps to the other computer without any delay. This is possibly
less efficient but damn handy for me when I simply need to grab a file off
the other computer in a hurry. My computers both are set to log on to the
same user automatically from boot thus granting immediate file permissions
from both computers. If I ever needed more speed I could always upgrade the
hub.
> > Microsoft has set up terrible defaults for someone setting up a small
> > network. They are easily changed and you don't have to know much to do
> > it, but "out of the box" the defaults are very unsafe and Microsoft is
> > to blame for that.
> > --Judy Miner
>
> I must agree with you there. Microsoft's defaults are horrible. And even
> their documentation stinks -- their own help files only show you enough to
> set up a basic network running all three protocols! It takes outside
> reading and/or experience to learn the "right" way of doing things.
>
Ditto on the default settings being horrible!
Tazmun
