I'd like to enable the XP firewall and still enable
printer sharing via Microsoft Home Networking (win98 SE
portable). Although I'm behind a NAT box, this does not
provide sufficient security as anybody can find out via
Google.
Ideally I'd like to disable all incoming traffic from
outside my LAN via the XP firewall or disable all ports
not needed for the printer sharing.
Any clues if this can be done? and if so, how?

If your network is behind a router you do not need any firewall protection.
If you do firewall in addition to the router and want to share on your
network you are SOL that simple. Whoever is telling you it is not sufficient
protection they are wrong and just out for money and want to add to your
paranoia. Microsoft states networks behind a router that want to enable file
and printer sharing to turn off your firewall. There is nothing incoming on
your ports and there are plenty of sites to check that. You are misinformed
totally.
"Carl Binding" > wrote in message
...
> I'd like to enable the XP firewall and still enable
> printer sharing via Microsoft Home Networking (win98 SE
> portable). Although I'm behind a NAT box, this does not
> provide sufficient security as anybody can find out via
> Google.
> Ideally I'd like to disable all incoming traffic from
> outside my LAN via the XP firewall or disable all ports
> not needed for the printer sharing.
> Any clues if this can be done? and if so, how?

well, it's not that easy as you think. you can route
traffic through your NAT box by modifying routing entries
on an hostile host, assuming you know the IP address of
the NAT box. Your NAT network presumably has a network
addr of 198.168.x.x. if you set up a hostile machine as
router via your known NAT hub, you can enter the 198.168
network supposedely not accessible. This only happens if
your access point to the internet does not have a
firewall, which is the case for some wireless LAN/ADSL
hubs (from Netgear for example). These do *not* have
firewall functionality making our point regd. MS's advice
mute. Hence one would still like to enable the individual
XP firewalls in order to block incoming traffic from
outside the 198.168 network. There is no obvious technical
reason not to include such functionality in a firewall
product, unless of course you want to force the paying
customer to buy a dedicated product from say Symatec. What
MS currently delivers on XP as "firewall" is not good
enough.
>-----Original Message-----
>If your network is behind a router you do not need any
firewall protection.
>If you do firewall in addition to the router and want to
share on your
>network you are SOL that simple. Whoever is telling you
it is not sufficient
>protection they are wrong and just out for money and want
to add to your
>paranoia. Microsoft states networks behind a router that
want to enable file
>and printer sharing to turn off your firewall. There is
nothing incoming on
>your ports and there are plenty of sites to check that.
You are misinformed
>totally.
>"Carl Binding" > wrote in message
...
>> I'd like to enable the XP firewall and still enable
>> printer sharing via Microsoft Home Networking (win98 SE
>> portable). Although I'm behind a NAT box, this does not
>> provide sufficient security as anybody can find out via
>> Google.
>> Ideally I'd like to disable all incoming traffic from
>> outside my LAN via the XP firewall or disable all ports
>> not needed for the printer sharing.
>> Any clues if this can be done? and if so, how?
>
>
>.
>