printing through hardware firewall

[Guest]

We have a remote PC that I need to print orders to via an HP4 that's
connected to that PC. We were hacked into big time - after a lot of work got
control of the PC back and installed a Linksys firewall/router. We
successfully opened up the necessary ports for PC Anywhere and can connect
to the pc in question. However, I don't know how to allow printing again.
The printer is shared and we were printing to the pc's IP address
before. What do I do now to allow printing but prevent hacking?

 

[Steven Umbach]

This really should be done through a vpn connection or vpn ipsec tunnel. Any W2K
server box can act as a vpn server and you can setup a vpn connection between
two W2K Pro boxes though there is a limit of one pptp vpn connection. Pptp is
the easiest to set up since it does not have issues with nat and does not
involve machine certificates because it does not use machine authentication as
an extra security step like l2tp does. You can also buy economical vpn/ipsec
endpoint devices for as little as $100 each that will provide a continuous vpn
tunnel between the two networks. See the link below for an example. Opening file
and print sharing ports on your router could expose you to hacking again and
many ISP's will not even allow such traffic anymore. If in a bind you could try
opening/forwarding port 445 on the remote router but ONLY if you can configure
the router to accept inbound traffic on that port from ONLY your public IP
address and use complex passwords and an account lockout policy, otherwise you
will attract a lot of attacks. A vpn is a much better solution as if you send
file and print sharing data over the internet via port 445, you data will not be
encrypted. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;308208
http://www.netgear.com/products/prod_details.asp?prodID=129&view=