Hi Nick,

Never had any problems running a home network on my PC:s with RRS or Marvels.

You may want to stay away from 3Com NIC:s though.

Pertti

I'm running a 95/98/NT4 peer-to-peer network on TCP/IP here (that breaks Elies rules BTW). Mainly using Genius NE2000 compatibles but I do have a 3Com that finds itself installed from time to time.

It's a major leap to get it running (took two of us a LONG evening plus many exciting events since). Elie, I think you use Netbuie for the internal network, do you want to tell us why and give some ideas on settings ?

Chris,

Has Elie also posted some "rules" lately ?

As for my use of NetBeui instead of TCP/IP or IPX/SPX in my local networks (at home and at work), I have chosen it because it was the original protocoll for WfW networks (they should know how to do it by now), it is simple to set up (practically installs by it self), and hasn't given any problems so far.

Pertti

Hi Guys,

You can use NetBUI or TCPIP it doesn't matter, in my case because I am constantly connected to the Internet via cable modem, I like to disable TCPIP on machines that i don't need access to anything but files, this way it prevents hackers from fooling around.

Regardless make sure you use one protocol and not two or three this way you prevent collisions and CRC's.

Also it is very important that you buy 100mb Ethernet cards and connect them to each other with a Ethernet reversal cable, just ask your local computer store for one, if they don't have it available you can make one yourself providing you have the tools.

The pinout is as follows..

pin 1 --- 3
2 --- 6
3 --- 1
6 --- 2
4 --- 4
7 --- 7
8 --- 8
you need 2 RJ 45 connectors with a crimp tool.
The reason for 100mb is because at 3.102mbps sustain data rates which is the maximum rate the RR-G is capable of you need the extra bandwidth to cope.
I might be going over board with this info but it's good for those that like to experiment.

Chris, There's nothing wrong in using TCPIP, Actually it recovers if there's errors on the network by issuing a retransmit packet when ever the previous expected packet is not recieved.

Just the potential for hacks in my case does increase 10 folds

Pertti, Maybe it is time for "Networking your RR with Elie as your host"

Actually believe it or not most production studio's have their drives networked either via fiber channel or fast Ethernet this way the storage capacity increases and so does productivity.

Anyway I hope this helped a bit oh and don't worry about conflicts as long as the IRQ's are unique.



------------------
Regards,
Elie
Your Network/Video Specialist

Hi!

Add my penn'orth

1. Agree with Elie: if you have a modem on one computer, disable TCP/IP on the rest.

2. If you use the network just for file transfer, then a slow thin coax with BNC connectors is the easiest solution for peer-to-peer workgrouping, and it's cheap. Remember to use terminators, though. Even at 10 MHz, you can view MPEG/Indeo AVI video across it quite comfortably. I've used this for years and its (nearly) foolproof. I use 3-Com cards.

3. Perti: what makes you think Microsoft know how to do it by now OK, I use the MS Workgroup technique, mainly because I don't pay anything extra for it

------------------
Brian (the terrible)

Elie, I might just take you up on that offer but I need to upgrade my NIC:s first.

Brian, lets put it this way...
I believe there is a greater chance of them at least getting some parts of that right

Pertti

Guys, you never cease to a) amaze me and b) crack me up !

Now which one of you was it that got first-hand experience of being hacked by (name removed to protect the guilty) ?

Yep, admitted that TCP/IP is more open to hacking unless you have a secure system or use NT to restrict folder access by username.
But no system is totally safe, and how many people really want to hack your system ?

I like this discussion tho, please carry on.

Oh, BTW I'm using 10Mbit NICs (Genius, 3-com, etc) and RJ45's via a 5 way hub - that coax is a pain trying to un-kink.

[This message has been edited by This_Idiot (edited 25 January 2000).]

Hehe

Chris you might want to download a package called "Black Ice Network Intrusion Defence System" and see how many people try to hack per hour.

I installed it and MAN it's like these guys have nothing better to do, totally pisses me off

Some try to hack using UDP ports, some try to check your system for Trojan files and some like to check to see if your sharing your drive on the network.

Locally though TCPIP is great
TRY your best everyone and make sure IPX is not one of the protocols configured on your system, it broadcasts like crazy, something like 5-10 hello or discovery packets every 2 seconds.

I know I'm gonna get it from a Novell guru anytime soon

------------------
Regards,
Elie
Your Network/Video Specialist

[This message has been edited by Elie (edited 26 January 2000).]

I understand BLACK ICE is an exellent product, I might even chose to pay for it when I get my full-time 2way connection. But even on my part-time one-way cable system I have had attacks. I use a freely downloadable program called NUKE NABBER, It logs the attacks, logs the attackers IP and shuts down the port. You might try it to see what kind of activity your system draws, and if you need greater security.

Mark F.

------------------
OH NO, my retractable cup holder swallowed a CD

Thanks Mark,

I wouldn't mind a URL if you have one handy for NUKE NABBER.

I tried Black ICe but because of the security levels it soemtime doesn't even allow me to play quake3 online, it think the server is trying to hack
Also it didn't allow me to use VPN to connect to my internal network in the office.

Your help would be greatly appreciated.



------------------
Regards,
Elie
Your Network/Video Specialist

Thanks for all the info guys - I might have to reverse the roles of my PCs and use the NT box for web access just for the additional security.

A funny thing happened a day or two back. I received 2 copies of the latest 2 emails. Of each email, one was "genuine" and the other appeared to be completely blank except for an attached file called "happy.exe". Needless to say both the offending emails were instantly deleted without being opened and I ran a full virus scan just in case.

You want to hear a another funny thing? A while back someone tried to hack my pc, I did a trace of the IP and found out that it was owned by Matrox.

You can use VPN you just have to turn down the security level of BlackICE to cautious, and to play online it's best to stop BlackICE with "blackd.exe stop", just make a shortcut somewhere.

Chris

I wouldn't mind betting you have a hacker visiting you at least once a week. These guys have scanners that try IP numbers in turn until they hit someone who is connected and has no firewall. I know I have regular visits, even though, to the best of my knowledge, no damage has been done. I suspect they read files more than try to do anything malicious. I have had one curious event. I sent a .DOC confidential file to two persons. I know that it got into the hands of someone who had no right to see it (a party mentioned in it as conducting doubtful practices), because he quoted me from it. This can mean only:
1. it was intercepted during transmission, which I consider highly unlikely; or
2. one of my two interlocutors treated it as non-confidential and divulged the contents. This I consider unlikely as they would be in breach of ethical trust and they are both professionals; or
3. someone hacked into one of the three computers concerned, read the file and sold it to the opposing party concerned, which I consider the most likely. As I am on line for longer times than the others, there is a fairish chance that it was mine.

Caveat internetii!



------------------
Brian (the terrible)

Weird !

For anyone that remembers the forum getting nuked a few months back, apparently the IP "responsible" had apparently been hijacked by someone else. I'm no hacker so don't ask me how it was done !

Anyhow, I've got NN installed but the range of ports that it appears to be covering (ie the defaults) doesn't seem extensive (it misses port 80 for starters).

Anyone got any ideas on which ports I should be covering ?