I think that message is referring to Vista’s Firewall & not CIS. But, there is another way to do this anyway… Control Panel - Network Connections, right click your LAN adapter & select Properties. Now uncheck MS File Sharing & the 2 Link-Layer Topology Discovery options. Click OK and you’ll probably need to reboot for it to take full effect.
This makes some certain assumptions about your Internet connection (I’m assuming router or Ethernet) and that you don’t have a LAN with other PC’s. Also, assuming IP = ISP, why have your ISP asked you to do this?
Thanks, so it is referring to the Vista FW.
I can’t really say why, but when the tech came out and replaced the ‘radio’, as he called it, on my antenna and afterwards while getting me running once again he made that comment but when he saw the dialogs grayed out he dropped the discussion.
Do I really need to turn off Network discovery and file sharing? What are the pros and cons?
I think, under Vista, those options are grayed out because the firewall is disabled. Which it would be, since you’re using CIS.
Do you need Discovery & Sharing? It depends solely on your needs. If you have a home WLAN (I’m assuming you have a Wireless Network) sharing files between other systems (desktops, laptops, gizmo’s, etc), then you need Sharing. If you frequently plug-in & remove hardware that uses an IP number (printers, optical devices, laptops, hand held devices, etc), then you might need Discovery.
Pros & Cons: Both Sharing & Discovery can negate stealth if they are allowed to broadcast to the Internet. Because of their “broadcasts” they announce the host system’s presence, although being able to “see” the host system is not a direct vulnerability in itself. At worst, it paints a target on the host system. Having Sharing and Discovery active on a WLAN/LAN adapter that contains both LAN members & the Internet does pose a potential risk. The degree of that risk is determined by the firewalls (both soft & hard) and how they are set-up.
Radio on the antenna: I don’t have a clue what he did… but, isn’t the antenna meant to go on the radio, rather than the other way around?
But, he might have been asking because of security concerns… tell me more about your set-up? Number of systems, Internet connection type… wireless router? Thanks.
Thank you and in answer to your setup info request:
Rural area, no broadband available and no hope of every seeing it.
An enterprising individual came up with the idea of putting WiFi antennas on farm silos and re-broadcasting the signal to selected homes within range. I am receiving my re-transmitted signal from a directional transmitter located approximately 3/4 mile away at the edge of my farm.
Simple setup. Signal comes to my WiFi antenna then hard wired to my PC.
One PC, one user.
No router at my end as was told it was not necessary since I was behind the WiFi ISP’s router. Do have the obligatory anti-virus/malware/spyware along with CIS.
Was told that I really did not need CIS, that with this setup the windows firewall would be sufficient, but have kept CIS nevertheless.
OK, I’m familiar with the this type of connection. I investigated using something similar myself, although for different reasons than yourself.
You have a single PC, then you don’t really need Sharing. You can turn Sharing off via Network Connections (Control Panel) as I described in my first post.
I suspect the same is true of Discovery. I recommend turning both Discovery options off, rebooting & ensuring everything (ie. any connected hardware; printers, etc) works as expected before leaving like that.
I’m at a complete loss as to why you were told this, it is not true. For inbound filtering, then you are indeed protected (well protected). But, for outbound filtering (ie. stopping stuff from leaking out)? Trojan, worms, spyware, malware, etc…? Vista’s firewall cannot handle this & neither could anything implemented on ISP’s side. Outbound filtering needs to be run on the host system (where the firewall can see the applications concerned) and you need a software firewall, like CIS, for that.
[i]PS On your connection type, with extra kit, it is possible for your system to act as relay station itself & relay the signal to other systems. I really doubt CIS would buy that unless configured to do so. Was there any talk of being a relay… sub-node… or anything like that?
Thank you for your information and instructions, it is well appreciated.
I did as instructed as to the network discovery and file sharing, then rebooted, but under the Vista Network Sharing Center the items still show as enabled and grayed out, since this info is feeding from the windows firewall I assume that would be the case?
No talk of relay or ‘sub node’ from my end was mentioned by the tech at the time of installation.