General discussion

Locked

sharing cable modem without sharing file

By dewey8315 ·
Just got a cable modem installed in my office which is right next to two other businesses. We want to share the cost of the broadband by sharing the internet. There are 4 computers in one business, two in another and two in the third. How can we setthis up to share the broadband but not share our files on our separate networks? All the businesses are on networks and need to share files between themselves, but we do not want to share anything other then the broadband between each business. All computers are running windows 98 or greater. The cat 5 cable is already installed connecting all three business. Thank You

This conversation is currently closed to new comments.

17 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

legality

by omie In reply to sharing cable modem witho ...

Before you do or plan that I think check first your contract with the cable company. You might be violating the terms of agreement if you share that internet connection especially it will be shared with other business entity. In legal terms you are acting as an ISP to the other business entity and the penalty is stiff considering cable companies are protected by federal law.

Collapse -

Router

by TheChas In reply to sharing cable modem witho ...

I do agree that you need to closely look over the service agreement with the Cable ISP before you proceed. The Cable companies even frown on sharing between multiple PCs in a home.

Another thing to think about, is do any of you need to upload a lot of data?
If so, the Cable route may not do the job at all.
You need IDSN, T1, or SDSL if you need to upload large amounts of data.

There is no way to share the modem without inter-connecting your networks.

You can connect the modem to a router, and connect from the router to each network.
I would install a hardware firewall between each network and the router.
At a minimum, that would restrict hackers from gaining access to all networks once they got into 1.
With 3 different firmssharing a common connection, security IS going to become a concern at some point.

To protect all parties, you need to seriously look into some form of written agreement as to liabilities and responsibilities.

If one of the other firms get hacked, you can bet that they will blame you for it.

Another thing to consider is the number of users.
If you end up with 30 users connected, your 1.5M bandwidth suddenly acts like 52K for each user.

Chas

Collapse -

What he said

by armourbl In reply to Router

And you will probably need to upgrade the operating systems to Win 2000 or XP Pro so you can use NTFS to secure the file structure on each computer. A software firewall on each system may not be a bad investment either.

But, like he said, every additional computer sharing the same IP (router will have the static IP for all out bound traffic) you are going to suffer on the bandwidth.

Cable? Are these businesses that poor. If they can't afford a T1, etc., they should at least be able to afford a Cable connection of their own. We are talking $50-$80 a month tops for the service.

ben

Collapse -

They can be seperate

by LordInfidel In reply to Router

Security domains has nothing to do with IP.

All because I am on the same subnet as someone, does not mean I have automatic access to their systems.

It just means that I share the same subnet.

And all because you are on the same physical segment, does not mean you have to be on the same IP subnet.

The router can be set up with 2 IP adresses on the same physical segment.

It can have 2 subnets, 192.168.1.0/24 and 192.168.2.0/24

and have the .1 adress assigned to it. Then traffic is segmented via IP. You can even take an existing class c 192.168.1.0 and seperate it into half, 192.168.1.0/25 and 192.168.1.128/25

The IP's on the router would then be .1 and .129.

But..... The concession I will make with regards to access to files if all systems share both the same physical segment and the same IP subnet, is packet sniffing off of the wire. While they won't have direct access to the files, they can sniff the packets that go across the wire and get data that way.

Collapse -

Yep

by armourbl In reply to They can be seperate

Didn't mean to imply that they couldn't have more than one IP, just that most likely the Cable ISP is only going to allow for one IP to be recognized. I don't really know a lot on the subject, so I shouldn't have even tried to explain.

What Lord said is correct. I just don't have the network experience to call it from memory and explain like he did.

Still, it doesn't change the fact that they really shouldn't need to share a cable connection.

ben

Collapse -

thanks but,,,, make it more simple

by dewey8315 In reply to They can be seperate

I appreciate the non-lawyerly answer but, I am not a networking expert. Just your plain white user. Could you give me an answer that I could maybe understand a little easier. I know it can not be that hard,,, but your response was a little hard for me to end up knowing exactly what to do... Thank You again..

Collapse -

If I understand lordinfidel..

by TheChas In reply to thanks but,,,, make it mo ...

If I under stand Lord Infidel correctly, you can have a reasonable degree of security for your files if you install a "REAL" router, and not a "Best Buy" grade 'home' cable router.

Since you admit to not knowing networking, (good for you by the way) you will need to have the equipment setup and installed by a local IT tech.

The intricacies and issues that will come up can take days to research if you are not familiar with the protocols and equipment.

Chas

Collapse -

For the technically challenged

by LordInfidel In reply to thanks but,,,, make it mo ...

Sometimes I forget that everyone on this board are not all techincal. So I apologize for the aloof comments.

The dumbed down version.

All because the systems use the same outbound connection, does not automatically mean that they have access to each others files.

It is difficult for me to give you a step by step, **** by **** of what to do.

But if your goal is to make sure that one business can not even see the other business' systems. You will need to get someone in there who understands routing and subnetting principles.

If you don't care if they can see each others computers but only care if they can access files. Simply make sure that each person's system has a unique username and password, and the default administrator account has a unique password assigned to it. (that was for nt,2k,xp)

For 98, just don't enable file and print sharing.

Collapse -

2 subnet

by omie In reply to They can be seperate

I was reading your explaination that you could configure the LAN side of router to two subnet. I look at the configuration of low end router and it is imposible to realize that. Unless you have a DMZ on the router. Again two won't be enough to separate those three entities.

For security is definitely an issue. As mentioned there WIN98 WS and it looks like they will be setup as workgroup.Although they will be setup separately by different workgroup name still there are a lot of sniffing toolsand password recovering scripts. Again trust is needed to join this 3 entities.

Again this considered a federal offense (cable fraud/theft) and again don't risk the companies future with pennies and dime. It would only take one disgruntled employee to squeal and it will lead to their downfall including who the individual who set it up.

Collapse -

It's only impossible

by LordInfidel In reply to 2 subnet

If the router you have is so archane that it can not do basic subnetting.

BTW- a cable/dsl modem is not a router.

A DMZ has nothing to do with anything in this case.

This is a very simple configuration. The rules of IP forwarding prohibit 2 computers located on 2 different subnets to talk to each other unless there is an intermediary device that will forward the requests. This rule can not be broken no matter how hard you try.

I can have 10 computers connected to the same physicalswitch. And each system resides on it's own little subnet. And no packet sniffer in the world will see the traffic.

For a more precise example. Take these IP's
192.168.1.1/24
192.168.2.1/24
192.168.3.1/24
192.168.4.1/24
192.168.5.1/24
192.168.6.1/24
192.168.7.1/24

Not a single one of these IP's can talk to each other without a router connecting them and forwarding the requests.

I'm not trying to be an ****, but out of all of the people to correct on routing and security principles, I should be one of the very last.

Back to IT Employment Forum
17 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums