On 28 Oct 2002, at 8:07, Dan Ellis wrote:

> I have my home wired (Ethernet) with a D-Link 704 Router which is fed by a
> cable modem.
>
> On my internal network, I have three PC's with 192.168.0.xx addressing. I
> want to turn file sharing on, but am concerned about security from the
> outside world.  Is there anyway an external individual can jump across my
> router and access my private network?  If my router were configured at
> 192.168.0.1 and my first pc configured at 192.168.0.2, can an attacker
> guess and try to get past the router?
>
> I am under the assumption that they can not, and I have just a standard
> setup on my network - nothing that I would consider weird, or would allow
> any of my PC's to be exposed to the outside world.  I regularly scan for
> Trojans, so I am sure that there is nothing going out. I am only concerned
> about malicious incoming traffic.
>
> Thanks,
> Dan Ellis


  192.168.x.y are some of the "private" address ranges that were set aside
by RFC 1918.  What this means is that you can use them on your network, and
I can use them on mine, and thousands of other people can use them too, and
there's no conflict, because the routers that make up "the Internet" don't
know about any of them.

  In that case, how can your machines use the Internet?  Your router is
providing a service called Network Address Translation (NAT), so that your
various machines are seen, on the Internet, as different users/processes on
a single machine.

  As long as you haven't configured the router to support a server via
*static* NAT (some router makers erroneously call this a "DMZ"), it is going
to be pretty challening for anyone to initiate a connection into your
network.  That's probably good enough.

David Gillett

                  Visit our website regularly for FAQs,
               articles, how-to's, tech tips and much more
                          http://freepctech.com