PDA

View Full Version : network between 98 & 2000



NZHawk
02-09-2004, 05:01 PM
I have a network with 3 computers. 1 running Win98 the other two Win2000. I have the printer on one of the Win2000 machines. The system can see each machine. When I go to install the printer on the Win98 machine it tells me that I need to "Enter the network password".
We haven't set up the Win2000 machine with any passwords or a firewall. Should be a clear communication, but not! Could someone help me sort out what password is being asked for.

Chilling_Silence
02-09-2004, 05:23 PM
That's just it - You havent set them up with passwords and Win2K requires authentication.

Setup your current Win2k User with a password.

Restart your Win98 computer, and login to Win98 with EXACTLY the same username / password as you used on Win2K!

Let us know how you get on.


Chill.

Graham L
02-09-2004, 05:38 PM
A Guest account on the W2k might work for printer access.

Captive
03-09-2004, 10:53 AM
Sharing Documents or Devices on Windows 95/98/ME
Dated 2004.09.03
Time: 9.35AM-9.46AM
In reply to http://pressf1.pcworld.co.nz/thread.jsp?forum=1&thread=50980


Security Hazards
You use a blank password [Not allowed by default in Windows XP]
Use a password that is too easy to guess

People literally scan Addresses on the internet to look for files they can read or machines they can hack. It typically requires a small free client that will scan ranges of Internet Protocol Addresses. People’s machines can be accessed without them knowing in a variety of cases. Because of this blank Password should not be used, and the password should be more complex than ‘1234’ because some people will try to guess them or have software that can launch dictionary or a variety of common word attacks, more advanced users may try every combination of password, sometimes known as brute forcing. This may be illegal but at the same time it happens, so take security precautions before hand to protect your data and your machine from being hacked

Not using a firewall
A firewall acts as a barrier between your machine and other connections e.g. Local Area Network or Dial up Connections for example. Better quality ones will monitor both ingoing and outgoing traffic, which allows you to check for programs that try to dial home such as spyware or other nasties.

Not using a virus scanner
If you run files that could be unsafe or are exposed to data from unknown sources e.g. email then running a virus scanner is a good option, or one of a professional standard. Some may include Real Time scanning that scans as you go, Email Scanning which typically scans as you go and Scheduled or manual scanning. Note that with email scanning not all programs scan ingoing and outgoing mail, ideally you want to scan both for optimum security although some feel if you have written it then it may be safe, the truth is though things could go a rife and the more protection you have the better. Typically virus scanners may set themselves up to scan daily or weekly and some may also check for virus definitions updates on the same schedule. By updating the definitions it helps ensure the latest protection available from the vendor, but remember different vendors of different support so what a virus scanner supports in terms of virus scanning detection, usability, functionality and price varies.

Captive
03-09-2004, 10:53 AM
Sharing Documents or Devices on Windows 95/98/ME
Dated 2004.09.03
Time: 9.35AM-9.46AM
In reply to http://pressf1.pcworld.co.nz/thread.jsp?forum=1&thread=50980


Security Hazards
You use a blank password [Not allowed by default in Windows XP]
Use a password that is too easy to guess

People literally scan Addresses on the internet to look for files they can read or machines they can hack. It typically requires a small free client that will scan ranges of Internet Protocol Addresses. People’s machines can be accessed without them knowing in a variety of cases. Because of this blank Password should not be used, and the password should be more complex than ‘1234’ because some people will try to guess them or have software that can launch dictionary or a variety of common word attacks, more advanced users may try every combination of password, sometimes known as brute forcing. This may be illegal but at the same time it happens, so take security precautions before hand to protect your data and your machine from being hacked

Not using a firewall
A firewall acts as a barrier between your machine and other connections e.g. Local Area Network or Dial up Connections for example. Better quality ones will monitor both ingoing and outgoing traffic, which allows you to check for programs that try to dial home such as spyware or other nasties.

Not using a virus scanner
If you run files that could be unsafe or are exposed to data from unknown sources e.g. email then running a virus scanner is a good option, or one of a professional standard. Some may include Real Time scanning that scans as you go, Email Scanning which typically scans as you go and Scheduled or manual scanning. Note that with email scanning not all programs scan ingoing and outgoing mail, ideally you want to scan both for optimum security although some feel if you have written it then it may be safe, the truth is though things could go a rife and the more protection you have the better. Typically virus scanners may set themselves up to scan daily or weekly and some may also check for virus definitions updates on the same schedule. By updating the definitions it helps ensure the latest protection available from the vendor, but remember different vendors of different support so what a virus scanner supports in terms of virus scanning detection, usability, functionality and price varies.

Captive
03-09-2004, 10:54 AM
[This example in parts applies to both windows XP and Windows 2000]


The default permissions of Windows XP will allow LAN users to access information. This may also allow internet users to read it as well depending on network configuration.

Article http://support.microsoft.com/default.aspx?scid=kb;en-us;304040 outlines that XP Home always has Simple File sharing enabled, XP Pro has simple file sharing by default.



As a note: Windows XP Home should NOT be used in an environment where others are on the network and you do not want them reading all the files.

Step 1 Gather info

1. Make sure Administrator Username and password is not blank on all machines
Reboot into safe mode and change if required, which will enable the ability to access the administrator account
2. Make sure Usernames other than Administrator have a password set
3. Document all passwords and usernames

Step 2 Disable Simple file sharing In Windows XP [For Each Machine]
4. Open a folder
5. Click pull down menu Tools > Folder options
6. Click View
7. Un-tick ‘Use Simple file sharing’ [down the bottom of the list]

Step 3 Setup Usernames and passwords for network access [For Each Machine]

For each machine
8. Click Start > Settings > Control Panel > User Accounts
9. Make sure all Usernames exist for users on all machines which will have access to the files
10. Make sure passwords exist identical for each username

Repeat for each machine
Step 4 Make Usernames network users [For Each Machine]
11. Start > right click My Computer > Manage
12. Open Local Users and groups branch
13. Open User Branch

For each network user but not direct computer user
14. Right click username and choose properties
14. Click ‘Member of’ tab
15. Click Add
16. Click Advanced
17. Click Find Now
18. Click Network Only
19. Click Okay
20 Click Okay

Repeat for each user

Step 5 Configure network permissions [For Each Machine]
21. Select share you want to Enable/Disable/Change
22. Right click it and choose properties
23. Click Security Tab

Removing User/s
24. Remove everyone if listed
25. Remove anyone you don’t want to have access

Adding a user
26. Click add anyone you want to have access
27. Click Advanced
28. Click Find Now
29. Click username you want and choose okay [You can use ctrl key + left click to select multiple items]
30. Click okay to accept
31. Select permission rights with tick boxes, if they are grayed out click advanced then un-tick inheritance
32. If you do change it click advanced and Replace permissions so it does cascade down through all items.

Captive
03-09-2004, 10:55 AM
Oops sorry there was a paste error there :-(
i will put in the correct article as well

Captive
03-09-2004, 10:55 AM
Sharing Documents or Devices on Windows 95/98/ME
Dated 2004.09.03
Time: 9.30AM-9.46AM
In reply to http://pressf1.pcworld.co.nz/thread.jsp?forum=1&thread=50980
Example stated is for: Windows 98SE, will work with other versions as well.

Pre-Requisites
Network Card Installed
TCP/IP Settings Correctly Configured
[See Separate Tutorial for TCP/IP Configuration]


Allowing Sharing
Start > Settings > Control Panel > Network
Click File and Printer Sharing
Either share Files, Printers or both
Click Okay
Click Okay
Yes to Restart Computer

When Computer Restarts
Right Click item to share
Click Sharing TAB
Click Shared as
Name will be automatically generated
Choose Read Only, Full or depends on password to suit
Remember granting write access will allow others to change data.

You may be prompted for this password when connecting, for 95/98/ME it does not require an identical username be present on other boxes, with Various versions of NT [2000,XP] though it does require the username be present on 2k/XP as well as per separate document

Also See Security Hazards, Sharing with Windows NT

Captive
03-09-2004, 11:35 AM
Configure TCP/IP for 95/98/ME
Dated 2004.09.03
Time: 9.56AM-10.13AM
In reply to http://pressf1.pcworld.co.nz/thread.jsp?forum=1&thread=50980

TCP/IP Configuration
Windows 95/98/ME
Tested on 98SE

Pre-Requisites
Network Card is present

To Check:
Are you Using Internet Connection Sharing or have a DHCP Server? If so configuration may be simplified [Internet Connection sharing acts as DHCP server when it is installed]

Start > Settings > Control Panel > Network
IF TCP/IP is not listed
Add > Protocol > Microsoft > TCP/IP > Add
Click Okay
You may prompted for the CD and to restart, if you are do both accordingly

Start > Settings > Control Panel > Network
You have ICS [Internet Connection Sharing] on a machine on the local LAN or a DHCP server.
TCP/IP Settings by default will probably work.

You do not have ICS Installed or other DHCP Servers such as an ADSL Routers with DHCP Supported and enable

To Test if you have a DHCP Server

Turn on All computers and devices
Leave TCP/IP Settings on Default
Start > run > WinIPCfg <enter> > Renew All
Typically if a Internet Protocol [IP] Address of 192.168.*.* is shown you may have a DHCP Server
Subnet mask on most SOHO [Small office home offices] or homes is usually 255.255.255.0 and while there is occasional variation it is uncommon
Gateway is typically the address of the ICS machine or ADSL Router, or other software or hardware which connects out of the network

Configuring TCP/IP with DHCP Server
Click TCP/IP > properties
IP Address TAB > Specify IP Address
IP Address
This is typically 192.168.0.1-192.168.0.254
Note that 192.168.1.0 is not used and 192.168.1.255 is for broadcasting, or sending to multiple machines so should not be used

Typically you start with 192.168.0.1 then increment the Final Class D Address by 1 for each machine

e.g.:
192.168.0.1 Machine 1
192.168.0.2 Machine 2
192.168.0.3 Machine 3 and so forth

Subnet Mask
For SOHO or typical scenarios this should be 255.255.255.0
This mask will allow addressing of your Internet Protocol [IP] with a wildcard for the class D Address
E.g. if your IP Protocol Address was 192.168.0.1 you would be able to access 192.168.0.1 to 192.168.0.254 [192.168.0.255 is for broadcast or multiple recipients and not usable by a single machine]

If your IP Address was 192.168.1.1, you would be able to access 192.168.1.1 – 192.168.1.254 [192.168.1.255 is for broadcast or multiple recipients and not usable by a single machine]

Please note that An IP Address may exist for other devices as well E.g. Printers or Routers among others

Note that if you have a Dynalink RTA210 router DHCP is not enable by default, but can be by going into the control panel for the device and enabling it. This may require settings TCP/IP settings manually first though to ensure you can access it to Setup DHCP

For Dynalink RTA220 or various other Routers DHCP is enabled by default, so TCP/IP configuration settings may not be required if the Router is configured correctly unless special exceptions apply

Gateway
Typically the ICS Machine or ADSL Router, this should be set to whatever has been enabled to act as a gateway or router

DNS
Typically Assigned by your ISP if it’s an internet enabled box although various software or hardware may have its own DNS server. An Example of this is the Dynalink RTA 220 which by default has a DNS server which is configured automatically for usage by DHCP

Note when testing connectivity you can start from the bottom and work your way up or the top and work you way down for this list. Because this list requires more to be present in later tests than earlier by starting at the top of this list you are more likely to find a closer to root cause of the problem. If you start later on in the testing connectivity list or with more services it may be harder to figure out where the problem is, but if you try each part of this list you may able to help determine where the problem may be. The complete scope could go into a whole course or more in terms of hardware and software support, this is merely a quick tutorial.

Testing Connectivity
Start > Run > Command.com [cmd.exe for Win NT]
Ping 127.0.0.1
Should reply with response
This indicates the machine is correctly configured with TCP/IP

Ping <Another IP name on Local network>
Indicates that it can establish connection to the other machine
If it cannot consider it could be either machine mis-configured or malfunctioning. Having a 3rd machine for testing may be good if all software configuration fails and bad hardware is suspected: with a 3rd machine you may be able to determine a machine software or hardware fails in the general vicinity of malfunction to be analysed for repair.

Ping <Machine Name>
By Default a machine on the local network will automatically be assigned to handle Windows Name Resolutions e.g. of this is the machine name. This functionality resolves typing ping <machinename> into an IP Address.
More advanced configurations may have a separate server for this but typically it’s handled by windows itself

Ping, Gateway Address>
This tests that you can establish connectivity to the gateway. If it fails the device or computer IP/Subnet mask may be incorrect or the gateway address on the client is incorrect.


Ping <Remote IP Address>
This will test the gateway is configured correctly. If you do no know a Remote IP Address I would recommend acquiring one for testing purposes. Note that some sites will disable ping, so just because you have an IP Address doesn’t mean it will respond to a ping request.

If this fails it may indicate the software hardware for the gateway or router may be mis-configured

Ping www.digitalbuilder.co.nz [or other address with ping response enabled]
This will test that The DNS servers are resolving names to IP Addresses.

If this fails it may indicate the DNS server address is incorrect or mis-configured

If you can ping www.digitalbuilder.co.nz the network may be working correctly, depending on network variations

NZHawk
03-09-2004, 12:07 PM
thank you all for your assistance, I will try them & get back with you.