Restrict Shared folder access in Windows XP Home

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Alex Ethridge

Thread Starter
Joined
Apr 10, 2000
Messages
9,284
I'm on a network with only two computers. I am in a building that has umpteen other offices sharing the same router. The other offices are businesses that have nothing to do with my business.

How do I share a folder between my two computers without giving every other office and unknown people access to my shared folders?

Using Windows XP HOME not Pro
 

TerryNet

Terry
Moderator
Joined
Mar 23, 2005
Messages
81,397
Almost completely secure way: give the folder a SHARE name ending in the dollar sign ($), such as cantsee$. When the share name ends in $ it does not show up in My Network Places, or other lists of shared folders. Other people on that large network will see only your Shared Documents folder. Just don't put anything in that folder, and don't trust anything you find there.

To access the hidden folder from your other PC

Start - Run - \\cantsee$ - OK

Of course, if anybody guesses that you have a hidden folder, and guesses the name, they can get it just as well. So, if I were doing this I'd use a random set of letters and numbers for the share name.

Secure way: if you are using static IP configurations use a 3rd party firewall and put only your two PCs into the trusted zone. If you are using dynamic addressing I think there are firewalls that allow you to specify MAC addresses to trust rather than IP addresses.

Another secure way: Get an encryption application. I use the free open source TrueCrypt (www.truecrypt.org). You create a "volume" and can even put that in your Shared Documents folder. Others can get it, but without the password they can't do anything with it. To use it you "mount" it, giving the password, and then it acts exactly like a drive--you can't tell the difference between it and a USB flash drive except that the TrueCrypt volume will be faster. However, you can mount (use) it on only one PC at a time, so it may not be convenient for your use.

Hope this gives you some ideas.
 

Alex Ethridge

Thread Starter
Joined
Apr 10, 2000
Messages
9,284
Looks like the MAC address thing is the only answer for XP HOME. I'll look into it.
 
Joined
Aug 7, 2007
Messages
9,028
With an office complex using a shared router to give it's clients Internet access, they should also be putting each tenant into their own VLAN which will hide them from each other. If they don't have the hardware/expertise to do that you should suggest that they upgrade.

At the very least, they should put each tenant into a separate subnet. Then the built in Windows firewall can provide protection. (If you have SP2 installed)

Using a random name for the shares, and making them hidden is a good step.

If your IP addresses stay the same, you can configure the Windows firewall so that your two PCs are the only ones in the scope for File and Printer Sharing.

Start | Run > firewall.cpl
  • Click Exceptions tab, then highlight File and Printer Sharing
  • Click Edit...
    • On the Edit a Service window click Change Scope...
    • Choose Custom List: and enter the IP addresses of your two PCs
    • Click OK
      • Repeat for all other ports shown
    • Click OK on the Edit a Service window
  • Click OK on the Windows Firewall window

Another option is to install NetBEUI from the XP CD, then unbind File and Printer Sharing and the Client for Microsoft Networks from the TCP/IP protocol.
This way, your PCs won't even appear in the other tenants Network Places (unless they have NetBEUI installed of course). Won't stop someone who is actually trying to find shares to hack into, but will stop the "curious and bored" from trying to see if there is anything interesting to see on your systems.
NetBEUI is on the CD here:X:\VALUEADD\MSFT\NET\NETBEUI
You can change bindings from the Network Connections window:
Advanced Menu | Advanced Settings...

HTH

Jerry
 

Alex Ethridge

Thread Starter
Joined
Apr 10, 2000
Messages
9,284
Thanks for all the input; but, I think we are 'up against it', so to speak.

The person who maintains the router and, consequently, the network, is difficult to deal with, a penny pincher and tries to gouge anyone who needs network modifications. Also, based on what I've seen and heard from the few tenants I've talked with, he is somewhat deficient in setting up and running a network. In other words, he doesn't know any more than I do and in the network security department, seems to have taken a devil-may-care attitude.

Something I do know quite a bit about is using system recovery to clean a machine. His buffoonery in that department has cost people a lot of down time and some lost data. So my assessment is to find a way to solve the problem without his cooperation or forget about it.

I think we'll just have to go the Pro upgrade route to solve the problem.

Again, thanks.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top