Shared File help needed

[zer0netgain]

I apologize for the length of this post, but I suppose I need to give enough background so that you can follow what the situation is.

Back in 2006, I configured a new office network for a small office. Two custom built PCs. Identical hardware. Both using XP Pro (32-bit). When we moved into a new office, we had a wired/wireless router, and wanted to secure the network in case others could access our router.

In short, I disabled Windows Firewall in favor of the Firewall included with the hardware (nVidia Firewall). I assigned each PC's LAN port a specific IP address and configured respective firewalls to only allow access to PCs with that specific IP address. When all was said and done, each PC had open access to the Internet and could access each others shared folders.

We don't have the resources for a server, so the work files are hosted on the primary PC (mine) in a shared directory. Until now, this worked fine.

A few months ago, I noticed a quirk where I could not modify settings in the firewall as I should have been able to. We recently obtained a new laptop with Windows 7 Ultimate, and I was distressed to see that it could freely access the shared folders on the wireless network when I had not given it permission to do so. This is when I realized the firewall on my PC just wasn't letting me make any changes. I tried uninstalling and reinstalling the firewall...that buggered it all up really good.

So, I backed up files and restored the system to when it was first constructed (from HDD image). Oddly, the firewall then would not work properly, which made no sense at all. Configurations were sound but if it restricted access to other PCs, I could not access the Internet. Frustrated, I wound up reactivating Windows Firewall and turning off nVidia Firewall. This restored functionality, but it leaves a security issue unresolved.

In a way, unless someone can physically enter the office and plug into a LAN port, they can't get the shared files via hard wire...so I'm not worried about that. Anyone who enters the office could just access my PC, so the issue is moot.

It's wireless security that gets me. You need a password to gain access to the wireless network, but I had thought that my prior setup would block access to devices without a pre-approved IP address. I don't recall how thoroughly this concept was tested, and certainly the wireless function can be turned off and left off until it is needed.

Now, here is an interesting twist. When I bring in my XP laptop (personal) to use the WiFi to update faster than over modem, it can not access or see the office network, even though it is using the office wireless.

THIS IS THE ONLY DIFFERENCE I NOTICE....

My personal laptop has a user account of ACCOUNT (name made up for illustration). The office PCs and laptop all use the same office user account named OFFICE. So, yes, both PCs and the laptop(s) have a user account that is identical in name. I thought for some reason the access would be restricted only to authorized account names, but I created a user account with admin privileges called TEST, and it too could access the shared files.

I have read the articles on using advanced security on shared folders and files to restrict access to given users, but I've had two problems....

1. This only seems to deal with restricting access to named users, not to pre-authorized PCs/laptops...which is what I want as a hacker would need to find out the IP or MAC address of an authorized terminal to mimic to get through.

2. When I fiddle with this option, it focuses only on stuff available on the local PC. It won't let me designate accounts on other networked PCs. So, it seems that this is not really the angle I need to get the results I want.

For the record, I don't know why the firewall stopped working properly. With 4 years of updates and such to XP, something must have buggered it up, but I don't know why restoring the system to day one didn't restore things to the way they were.

My level of expertise is limited. People think I'm a genius, but I'm entirely self-taught and figured out what I had working by research and some trial and error to get it where I wanted it to be.

I'm looking to find a simple firewall solution to preserve document security. We're getting by right now, but my concern is wireless security. I'm disturbed that the Windows 7 laptop was able to see and access shared files before I had configured it to access the secure part of the office network. I'm disturbed that my XP Pro laptop could not do this but Windows 7 did. The new laptop is supposed to have access, but that I had not yet done that step tells me that perhaps any Windows 7 laptop could do the same if it can access the wireless network.

How is the easiest but best way to restrict shared folders to specific computers accessing a network? My search efforts don't seem to lead me to what I'm looking for.

Thanks for your help.

[yawizde]

Hi

Explorer

Tools

Folder Options

View

Scroll down

Uncheck Use Simple File Sharing

Create Identical accounts on your xp computers ( all password protected)

right click on a folder you want to share

Sharing and Security

Share this folder

Permissions

Add your account's name

Remove Everyone

Make sure only your account is added in permission's box, ofcourse other computers must have the same account name to be able to access the shared portion.

Firewall:

Click Start, click Run, type cmd, and then click OK.

At the command prompt, type the following command line, and then press ENTER:

Rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132 %windir%\inf\netrass.inf

Restart Windows,

Click Start, click Run, type cmd, and then click OK.

At the command prompt, type the following command, and then press ENTER:

Netsh firewall reset

Click Start, click Run, type firewall.cpl, and then press ENTER. In the Windows Firewall dialog box, click On (recommended), and then click OK.

ok good luck

Yawizde