Network . . . where are my machines?

[12AX7]

   Maybe someone can clew me in. I have a DSL router(modem) going to a linksys 4 port VOIP router; off of that I have a 4 port linksys hub, and a linksys 4 port wireless router.

                                          | ----> hub  =====>>  two computers
 DSL modem---> VOIP router->|
                                          | ---->Wireless ----->  laptop

  Shouldn't I be able to see the two pcs from my laptop? And vice-versa? I can see each pc from the other; but the laptop is all alone. Is there something about the setup preventing it? I thought they would show the names of the machines on the network; as I've gotten an IP conflict previously on this same setup (unplugging, defaulting and rebooting the wireless router).
  Any help gets a thanks.

[Novice]

-Are the laptop and the two computers in the same subnet?
-Can you ping the two computers from the laptop?
-Could the wireless router or hub be proxy-arping for any of the devices?*

*If you aren't sure, clear your ARP cache and run Wireshark. Ping one of the computers and check the ARP responses in Wireshark to see if the Wireless router is sending its own MAC in place of the PC's

[mryellow]

Despite the merit of firewalls you put your computers through, since the two computers are able to see each other and connect to the internet, I am assuming that that path is clear. In my view, that leaves as the most likely suspect the software firewall you have on your laptop. I am assuming you have one, since a laptop is meant to be taken out of the home network. This may interfere with the merit of hardware firewalls you have. Disable it and check your mileage: if it now works you have your culprit and it is a matter of reconfiguring the software firewall. You obviously do not want to leave it off permanently. Also check your Windows Firewall: conflicting software firewalls is a definite source of frustration.

EDIT: also, you do use static IPs on your network right? You don't have several devices in your network dynamically assigning IPs?

[12AX7]

   Figured it out. Thanks for the responses!

  I had had the wireless router set up pretty heavily secured; with no SSID broadcast, secure login (https) with the password something like "d98gsdfhe94857twiuerhg87we45ytkuiwert7", WPA2- Personal encryption, and MAC filters allowing only my phone and laptop to connect. I had also set it up off of the VOIP router WITH DHCP ON  (ahem!) specifically so if the wireless was compromised; they couldn't get to my other comps.
  Since I'm now using different laptop, I defaulted the wireless router to set everything up new. What I didn't know is that the wireless defaults to DHCP. So after setting everything up (except the DHCP - I didnt even look at it) I thought I should be able to see the other comps; not knowing the DHCP was still ON by default. So I had IPs of 192.168.1.101 and 102 on the comps; but 192.168.15.101 on the wireless.

  As for firewalls, etc; nope. No firewall, no antivirus, none of that crap. I've never used them, and have only been infected twice; both times from someone else using my machine. I DO run a scan every now and then (usually Spybot) to check for trojans, but since I don't download anything that I don't already know what it is; I'm (usually) pretty safe. Everything on the comps is backed up on the other comps, on my website, and on a separate, uninstalled hard drive so there'd be very little data loss; and personal information on the machines is very limited.
   As far as being hacked into; I don't think you can get through the modem and the VOIP router from "The World". I could be wrong on that, but I'm under the impression it's really difficult to get through DHCP and NAT and connect to a machine? If I'm wrong about that someone please set me straight, lol.

   Anyway - with the DHCP off on the wireless, and the laptop assigned an IP by the VOIP router; the problem has been solved. Thanks again!

[Novice]

Believe it or not, this is how most of the cases I take go.

-Customer describes problem
-I ask for information / give ideas
-Customer figures it out without my help

 

[Chris]

   Figured it out. Thanks for the responses!

  I had had the wireless router set up pretty heavily secured; with no SSID broadcast, secure login (https) with the password something like "d98gsdfhe94857twiuerhg87we45ytkuiwert7", WPA2- Personal encryption, and MAC filters allowing only my phone and laptop to connect. I had also set it up off of the VOIP router WITH DHCP ON  (ahem!) specifically so if the wireless was compromised; they couldn't get to my other comps.
  Since I'm now using different laptop, I defaulted the wireless router to set everything up new. What I didn't know is that the wireless defaults to DHCP. So after setting everything up (except the DHCP - I didnt even look at it) I thought I should be able to see the other comps; not knowing the DHCP was still ON by default. So I had IPs of 192.168.1.101 and 102 on the comps; but 192.168.15.101 on the wireless.

  As for firewalls, etc; nope. No firewall, no antivirus, none of that crap. I've never used them, and have only been infected twice; both times from someone else using my machine. I DO run a scan every now and then (usually Spybot) to check for trojans, but since I don't download anything that I don't already know what it is; I'm (usually) pretty safe. Everything on the comps is backed up on the other comps, on my website, and on a separate, uninstalled hard drive so there'd be very little data loss; and personal information on the machines is very limited.
   As far as being hacked into; I don't think you can get through the modem and the VOIP router from "The World". I could be wrong on that, but I'm under the impression it's really difficult to get through DHCP and NAT and connect to a machine? If I'm wrong about that someone please set me straight, lol.

   Anyway - with the DHCP off on the wireless, and the laptop assigned an IP by the VOIP router; the problem has been solved. Thanks again!

Basically, they were on two different subnets.

[12AX7]

   Yep. It's the same way I had it before I defaulted the wireless router; I just didn't realize it defaults to DCHP. I actually have it set back up like that; as I have an ethernet connection laying beside my chair upstairs, and another down here across the room. If I need to network between my laptop and comps; I just do it over the wires. They go to the VOIP router directly - the same subnet as the comps. In fact, this is the way I'm normally connected. I brain farted with it earlier because I had done the default thing and didn't know (and hadn't checked yet) that it was still DHCP. Since I was wireless on the laptop and NOT plugged in to the cables at the time, I couldn't see my comps and couldn't figure out why; since I usually could (being plugged in).
   In other words; I posted before thinking it out. mr yellow's question about "several devices dynamically assigning IPs" prompted me to look at the wireless router's default settings.
  (Thank you, sir! )
  It's nice to know that that setup works like I was thinking. That if my wireless is compromised; my machines are still - if not inaccessible; at least not immediately available.

[Chris]

You're still using a hub in your setup? Those are ANCIENT!

[xolik]

"d98gsdfhe94857twiuerhg87we45ytkuiwert7"

Oh great, now I have to change my forum password. 

[12AX7]

You're still using a hub in your setup? Those are ANCIENT!

Yep. I actually have two. They function as sort of "splitters". I only have one ethernet connection in my studio; but three comps. So I have one in there to connect all three pc's to the one ethernet connection. Works great right outta the box; no hassles. The other isn't being used right now; but it used to provide two more ports across the room here in the studio (one was for the laptop).

[Demosthenes]

Oh great, now I have to change my forum password. 

You should consider selecting a password more secure than that next time, too.  Not a single capital letter or special character to be found!

For shame.

[12AX7]

   I used capital numbers though. Those are tough to figure out.

[mryellow]

When you say hub you probably just mean switch right? Those babies are brilliant.

Anyway, glad you got things resolved.

Little tip: SSID broadcasting off and MAC filtering belongs in the obscurity corner, not in the security one. You are merely making things more of a hasle for yourself. Here, take this as a starting point if you are interested:
http://blogs.zdnet.com/Ou/?p=454

[Novice]

When you say hub you probably just mean switch right?

Not always. A hub might not learn MAC addresses where a switch does. Meaning the hub will always flood its traffic. On the other hand, the switch is going to learn the MAC of the destination and only send through one interface / port.

[Chris]

Not always. A hub might not learn MAC addresses where a switch does. Meaning the hub will always flood its traffic. On the other hand, the switch is going to learn the MAC of the destination and only send through one interface / port.

Exactly. Essentially, a hub simply transmits data received to all ports because there is no MAC address table stored in memory. This makes them less efficient and less secure.

[mryellow]

I thought hubs were completely extinct, can you still buy them? That's what I was referring to, most people I know who refer to their hub mean their switch. Not sure how they became mixed up.

[Novice]

I don't think they should become extinct.

Speaking from a network troubleshooting point of view, I've seen a lot of virtual server setups that require hubs. Something about the way the setup works requires a network device that is not going to learn MACs.

You can think of it in terms of a MAC flap. A switch learning the same directly connected MAC on different ports might get angry at you instead of just doing what you want.

I agree the naming system is flawed. It's just like when I call Cisco 7000 series switches "switches", people want to correct me and say router. It usually happens when L2 devices get L3 capabilities. They are technically both switches and routers at this point, it just depends on how you see them I guess.

[12AX7]

   I was just going o ask; its a home network; what's the big deal whether its called a hub or switch. So I mis-named it. HubswitchrouterboxwithfoursquareholesandoneroundoneandsomeblinkinglightshowaboutIjustcallthemotherfuckerFred.
 
 

[12AX7]

When you say hub you probably just mean switch right? Those babies are brilliant.

Anyway, glad you got things resolved.

Little tip: SSID broadcasting off and MAC filtering belongs in the obscurity corner, not in the security one. You are merely making things more of a hasle for yourself. Here, take this as a starting point if you are interested:
http://blogs.zdnet.com/Ou/?p=454

   All that says is just use WPA2.  I already have that on; with a 64 character key. And it's not really a difficult setup. I wouldn't have even posted had I realized I wasn't plugged in. The only reason I defaulted the router was because I couldn't find my hardcopy of my password (to login and setup the new laptop's MAC filter); and there's no way to remember it.
   Incidentally; that link suggests anything other than WPA is "stupid"; and that there's no such thing as a "layered approach" to security. I would have to disagree. Except for his reasoning behind he SSID broadcast (your laptop broadcasting the settings ALL THE TIME); I believe the more points that are a hassle to get through would -by definition; make  it "more secure".
   If you were a criminal, and were trying to break into some boxes I have (just regular, actual boxes; not comps, for this analogy) - which would you spend more time trying to get into; the one with ONE big, unbreakable (usually) lock; or the one with 5 different locks, three 10 meter logging chains, one of those big, unbreakable (usually) locks, three dogs, and has been welded shut? The idea behind layered security isn't that each ONE item will be failsafe; or even that ANY of them are failsafe; but simply to (probably) make it more difficult to hack into MY network than my neighbors'.






 
 

[Lacerda]

MAC filtering is basically the wireless security equivalent of writing "PLEASE PLEASE DON'T STEAL THIS BOX" on one of your boxes.

[12AX7]

  So is putting a padlock on...anything.