There are 3 "private" address ranges available for use that never appear on the internet. They are:
a) 10.0.0.0 to 10.255.255.255 - this is a single class A range. Mask is 255.0.0.0
b) 172.16.0.0 to 172.31.255.255 - These are 16 class B ranges. Mask is 255.255.0.0
c) 192.168.0.0 through 192.168.255.255. These are 256 class C addresses and thus normally have a 255.255.255.0 mask
The library network will be on one of these 3 sets of addresses, as will your home LAN.
You will most commonly see either 192.168.0.0/24 (the /24 means 24 bit mask, or 255.255.255.0) or 192.168.1.0/24. The next most common is 10.0.0.0/8 (the /8 is, of course, an 8 bit mask or 255.0.0.0)
If you select a very uncommon range for your LAN at home then you can be reasonably confident of leaving your firewall open for that range. I would also consider using a non-standard mask for the local LAN IF your router/access point will allow and the built in DHCP server can cope.
Perhaps use a 172 range, like 172.29.0.0/28 - this would make available the address range 172.29.0.0 to 172.29.0.15 (14 usable addresses the lowest is always the network identifier and the highest is the broascast address so you always lose 2) - the decimal mask would be 255.255.255.240 - a most unusual mask to use with a class B address as well as being a largely unused private range allocation. Not perfectly secure, but the first step in security should always be obscurity. The reason for the non-standard mask is to further secure things. Even if you happen to connect to a LAN using the same base address range (the 172.329.0.0 part) your machine will still be inaccessible UNLESS they have also picked the same mask.
So, the easy way to alleviate this is to fix the addresses on the AD HOC network. Make the addresses from one of the ranges mentioned in my previous post (192.168.x.x, 172.17 to 21.x.x or 10.x.x.x - I suggest you use something from the 172 ranges to reduce the possibility of a conflict with any wired network you might connect to). Masks on both machines should match, addresses should be different but within the range defined by the mask. E.G. 172.18.1.1 and 172.18.1.2 with a mask of 255.255.255.248 (this will define a range of 172.18.1.0 to 172.18.1.7. Remember, the 0 and 7 are network and broadcast respectively so only 1 to 6 are available.
Then, you should be able to connect to the other machine by IP address rather than hoping the name will work (there's that slow browser service again). You can always update your local hosts files if you really want to use names. (C:\windows\system32\drivers\etc\hosts) Edit it with Notepad - the syntax has examples in the file. Make sure you end the last line with an
Also, in this kind of situation it is probably best to go into the TCPIP properties, Advanced button, WINS tab and make sure that either the "Default" or "Enable Netbios over TCP/IP" radio button is selected - if in doubt, select the "Enable..." option.
Get this going with your firewall disabled, then enable it to setup the additional security. Using encryption on the wireless is also a good idea, but again, get it going first then add the encryption - then if it stops working, at least you'll know where to look
No comments:
Post a Comment