Hi, I have a HomeHub6 running a home network and all is well. However, one of these machines runs XP and I'm getting nervous, especially in the light of the recent ransomware attacks, that this machine is vulnerable. It's an archived machine so I don't want to risk an upgrade to Win 10 and don't use it enough to justify the expense, anyway.
So, how do I keep it on the network while at the same time making sure the Internet can't see this machine?
The help for the HH6 describes Access Control but this is schedule-based and I can't see where to simply turn Internet access off for this one machine.
Can anyone help?
Solved! Go to Solution.
The routers firewall prevents access to devices on your LAN, unless you have forwarded a port(s) to the device in question in the router.
Manually configure its IP address outside of the DHCP range, but do not enter a value for the default gateway, it will then not be able to access any address outside of your local network.
If you need to enter a default gateway, then use a dummy one which does not point to the home hub gateway of 192.168.1.254.
At the moment I've got Internet Properties set so it's using a proxy of 127.0.0.1 in LAN Settings (bypassed for local addresses), which is definitely blocking outward access. But that's just outward, isn't it? Or does it block inward too? I just want to be sure that if someone comes sniffing around, they don't even see that the XP PC is there...
Unless you have open ports pointing to the XP machine it will be unreachable from outside. IE: the Internet.
They will not see it from the Internet, so the only possible risk is if the XP machine can access the Internet, and downloads malicious content.
Inbound connections are only possible if ports are forwarded to the PC, as already explained.
Is there a way of having it so XP can access the Internet but the Internet can't access XP? Sorry for all the dumb questions but my knowledge is patchy at best on this stuff and I'm very grateful for the help 🙂