PDA

Bekijk de volledige versie : blocking windows share?



rexster
23-04-2005, 07:10
how can i block windows share between wireless users?
so all wireless users can not see each other computer.

also, i dont want wireless users to see internal LAN's windows shares

any other thing should be done for better security?

tnx

rexster
01-05-2005, 14:10
i'd search, yet cant find...

perhaps i missed it somewhere... can someone tell me if this ever talked before? where can i find it?

tnx.

Snufkin
01-05-2005, 15:53
all wireless users can not see each other computer.

RTFM, this should work from scratch.



block windows share between wireless users?

Block any activity through remote and local 137, 139, 445 ports. But it goes directly to the manual definition of proper iptables rules.

Graldensblud
03-05-2005, 10:24
Will not advanced file sharing suffice for this - same as on a wired network (works well)? Need XP Pro.

snark
03-05-2005, 14:09
Block any activity through remote and local 137, 139, 445 ports Block 135,137,138,139,369,445 TCP & UDP destination ports and sleep well when someone try to hack his neighbor's Windows PC ;)

rexster
05-05-2005, 05:10
RTFM, this should work from scratch.


but, it doesnt work.
every computer can see other computer in their network neighbourhood.
even all the shares, files and printers.

that's the reason i asked this question in the first place...



Block any activity through remote and local 137, 139, 445 ports. But it goes directly to the manual definition of proper iptables rules.

can i block the ports using web interface?
or must i use iptables from command line?
coz, i'm not good in commandline stuffs.

if it must be done from commandline,
please give more detail instruction here.
what do i type there...?


also,

will blocking those ports in my wl500g also apply to all my wds repeater?
must i also block each and every repeater in my network?

tnx.

tomilius
05-05-2005, 06:18
Here's a guess: you might need ebtables (not currently available afaik; not in firmware anyway--I tried recently to incorporate it to no avail), or you might need to set up separate LAN and WLAN networks (there's probably a guide around here somewhere).