My CNC control doesn't work with windows updates on or virus software in place... Somebody (I think "the kid" but maybe me) accidentally turned the updates on and it crashed the control. Its too easy to do - the damn thing nags constantly.
Is there a way to permanently disable virus and update requests on windows XP?
Karl
Karl,
Go to Control Panel Security Manage security settings Select: turn off automatic updates
Repeat for firewall if desired.
On Jun 29, 11:14=A0am, "Karl Townsend" wrote: =2E..
This is usually a good help site for PC problems.
While you are there, go to "Change the way Windows alerts me" and get rid of the nags.
and, after you do that, make sure the machine has no connection to the internet and you will be safe
** Posted fromThank you, Tom, I knew I forgot something but couldn't think what it was.
This is my follow up question. I pulled the three CNC machines off my LAN for now. Is there some way to connect my CNC machines to the office computer so i can download Gcode and backup machine setup but do nothing else and let nothing from the outside in? Note: The office computer is internet connected.
Today, I have a DSL modem, then router, then a peer to peer LAN through out the place.
Karl
I'm not a network guru, but here are a couple of suggestions:
The simplest way would probably be to set up the firewall in your router to block all communication between the IP addresses of your CNC machines and the WAN (internet).
Another way would be to pop another network card into your office computer and use that for your shop network. By default it should not bridge packets between the two networks. If it's a higher end machine, it might even have two network cards already (all three of my office machines do, the later ones it's all on the motherboard).
Best regards, Spehro Pefhany
The router should have MAC address filtering. That is, you should be able to put the ethernet hardware addresses of the computers you don't want accessing the Internet in the router configuration. That will allow those computers to participate on the local network while not having access to the WAN (Internet).
If your router doesn't have such filtering capabilities, suggest get a better one. All the Linksys Cable/DSL routers I've set up have that capability.
HTH
The router's firewall will protect the whole network to a great degree. Go to:
Run the free version of ZoneAlarm on the CNC machines and all 3, prohibit all IP addresses except from the office PC.
ZoneAlarm will ask the first time but check the "Always do this" and click "Deny"
Dave
the absolute simplest, and most secure approach is to use an "air gap" - plug the machines into your network to do what you need, then disconnect them again. the simplest way is to get a $10 hub, connect the machines to the hub, bring a single wire from the hub to your router and plug it in when you need to, then disconnect when done.
** Posted from
OK, I went there and read about a bunch of stuff I don't understand. its talking about unbinding services on NT4. Sounds a bit dated to me. Is this right? My first impression is this is a really good way to hose everything.
Karl
I've got a linksys router. This sounds good but I'm really uninformed (dumb) here. Anybody know of a good step by step tutorial?
Karl
You need to find the MAC addresses of the network cards in the computers you want to set up filtering for. To do that in Windows, open a command prompt and enter the command "ipconfig /all". The MAC address is listed as "Physical Address" in the output. It'll look like this but have a different address:
Physical Address. . . . . . . . . : 00-10-5A-1B-C0-02
Every network card has a different MAC address, like a finger print, no two are the same.
Write down the MAC address(es) minus the hyphens, just the letters and numbers.
Now log into your routers web based configuration and go to the advanced settings. The MAC address filtering will be set up there. It may be under a security tab depending on the router. Go to it and enter each MAC address you want to filter in the list, then click apply.
If you've never logged into your routers web based configuration, consult the documentation for the router on how to do it. It's not difficult and the first thing you should do is change the default password, then add the MAC address filtering and leave every other setting alone.
HTH
On Sun, 29 Jun 2008 17:26:19 -0500, with neither quill nor qualm, "Karl Townsend" quickly quoth:
RTFcheatsheet, Karl. Didn't it come with a poster-sized Routers for Dummies installation sheet? ;)
Try the Knowledge Base at Micro$oft:
-- Such is the irresistible nature of truth that all it asks, and all it wants, is the liberty of appearing. -- Thomas Paine
Karl
I just use Shields Up (one of the tabs) to check common ports, it will tell you if they are accessible on the internet by bad guys. Nothing is installed or changed. Your router's firewall will protect your systems from all but a determined targeted non-random attack by experts with a lot of time and sophistication. Any Gov. agencies after you?
Umm ... cut off "the kid"s hands so he can't type or work the mouse?
Remove windows and install some other OS?
Personally, I would *never* let a Windows box being used as a machine control gain access to the net. *Period*. There is no reason that it should, and plenty of reasons why it should not. And as long as it can't get out, you don't have to worry about updates. And if systems on the outside can't get in, you don't have to worry about virus updates either.
And -- you'll probably have to clean the disk and reinstall to get rid of your problems. (At least you aren't stuck with "Windows Genuine Advantage" wanting to talk to home after every loose screw gets tightened as you would be with Vista. :-)
If you *have* to have it on an internal net, keep a separate firewall machine which is told to prevent allowing that machine to contact the outside for updates or anything else.
Good Luck, DoN.
Do you have an empty slot in the office machine? Install an extra ethernet card, and direct connect it to the CNC machines through a stand-alone hub. Make sure you resist any attempts of the office machine to get you to allow it to route between networks, which would defeat what you want to do.
Break the lan with the extra ethernet card in the office machine, and allow connections to the CNC machines only through that ethernet port. I could tell you how to set it up on unix boxen, you'll have to get it from someone else for Windows -- especially how to keep it from routing between the two nets. I'll bet that Windows will want to do the routing by default, and you'll have to fight it to keep it from doing that.
Good Luck, DoN.
PolyTech Forum website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.