
Getting Windows XP To Act as NAT Server

Author
9 Nov 2006 8:24 PM
Will
What is the easiest way to get Windows XP Professional to act as an NAT
server for only one of its attached host adapters?

--
Will

Author
9 Nov 2006 8:47 PM
Chuck
On Thu, 9 Nov 2006 12:24:28 -0800, "Will" <westes-usc@noemail.nospam> wrote:

>What is the easiest way to get Windows XP Professional to act as an NAT
>server for only one of its attached host adapters?

Will,

ICS is a Windows XP NAT ROUTER solution - not NAT server.  You can configure ICS
on any one of multiple LAN connections.
<http://nitecruzr.blogspot.com/2005/05/ics-is-ok-but-you-can-do-better.html>
http://nitecruzr.blogspot.com/2005/05/ics-is-ok-but-you-can-do-better.html

--
Cheers,
Chuck, MS-MVP [Windows - Networking]
http://nitecruzr.blogspot.com/
Paranoia is not a problem, when it's a normal response from experience.
My        email         is          AT         DOT
   actual       address    pchuck       mvps        org.
Author
9 Nov 2006 11:35 PM
Will
"Chuck" <n***@example.net> wrote in message
news:qq47l2ddu4v3p3slub8dvavseh6nmddmic@4ax.com...
> On Thu, 9 Nov 2006 12:24:28 -0800, "Will" <westes-usc@noemail.nospam> wrote:
>
> >What is the easiest way to get Windows XP Professional to act as an NAT
> >server for only one of its attached host adapters?
>
> Will,
>
> ICS is a Windows XP NAT ROUTER solution - not NAT server.  You can configure ICS
> on any one of multiple LAN connections.
>
> <http://nitecruzr.blogspot.com/2005/05/ics-is-ok-but-you-can-do-better.html>

ICS isn't all that secure I guess?  What's the cheapest commercial NAT
solution that would work on a Windows XP host?  Most commercial solutions
are going to be full blown stateless firewalls that require a server OS for
the install, not to mention fairly serious dollars.....

I need the NAT on Windows XP just as a performance tweak on a VMWare virtual
machine used for a non production system.   The VMWare built-in NAT
functions work but have terrible performance problems.    I can certainly
try ICS, but just hate to lower security on the XP host.

--
Will
Author
10 Nov 2006 12:32 AM
Steve Winograd [MVP]
In article <9L6dnQehrsW6Xc7YnZ2dnUVZ_qidn***@giganews.com>, "Will"
<westes-usc@noemail.nospam> wrote:
>"Chuck" <n***@example.net> wrote in message
>news:qq47l2ddu4v3p3slub8dvavseh6nmddmic@4ax.com...
>> On Thu, 9 Nov 2006 12:24:28 -0800, "Will" <westes-usc@noemail.nospam> wrote:
>>
>> >What is the easiest way to get Windows XP Professional to act as an NAT
>> >server for only one of its attached host adapters?
>>
>> Will,
>>
>> ICS is a Windows XP NAT ROUTER solution - not NAT server.  You can configure ICS
>> on any one of multiple LAN connections.
>>
>> <http://nitecruzr.blogspot.com/2005/05/ics-is-ok-but-you-can-do-better.html>
>> http://nitecruzr.blogspot.com/2005/05/ics-is-ok-but-you-can-do-better.html
>
>ICS isn't all that secure I guess?   What's the cheapest commercial NAT
>solution that would work on a Windows XP host?    Most commercial solutions
>are going to be full blown stateless firewalls that require a server OS for
>the install, not to mention fairly serious dollars.....
>
>I need the NAT on Windows XP just as a performance tweak on a VMWare virtual
>machine used for a non production system.   The VMWare built-in NAT
>functions work but have terrible performance problems.    I can certainly
>try ICS, but just hate to lower security on the XP host.

I respectfully disagree with Chuck's comments about ICS being insecure
or straining the resources of the server.  In my opinion, ICS, with
the Windows Firewall enabled on the host, is fine, because:

1. The attack that he cites that can kill the Windows firewall has to
come from a computer on the LAN.   The attack can't come from the
Internet.  See this site for details:

http://www.networkworld.com/news/2006/103006-new-windows-attack-can-kill.html

2. In my opinion, ICS puts a negligible load on the host computer.  A
typical home broadband router has a much slower processor and much
less memory than an XP ICS host computer.  For example, my SMC
Barricade router has a 40 MHz CPU and less than 1 MB of memory.  A
computer meeting the absolute minimum requirements for Windows XP is 10
times faster and has 128 times as much memory.  A more recent computer
is at least 50 times faster than that router and has at least 256
times as much memory.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see.  I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com
Author
10 Nov 2006 5:52 AM
Chuck
On Thu, 9 Nov 2006 15:35:15 -0800, "Will" <westes-usc@noemail.nospam> wrote:

>"Chuck" <n***@example.net> wrote in message
>news:qq47l2ddu4v3p3slub8dvavseh6nmddmic@4ax.com...
>> On Thu, 9 Nov 2006 12:24:28 -0800, "Will" <westes-usc@noemail.nospam> wrote:
>>
>> >What is the easiest way to get Windows XP Professional to act as an NAT
>> >server for only one of its attached host adapters?
>>
>> Will,
>>
>> ICS is a Windows XP NAT ROUTER solution - not NAT server.  You can configure ICS
>> on any one of multiple LAN connections.
>>
>> <http://nitecruzr.blogspot.com/2005/05/ics-is-ok-but-you-can-do-better.html>
>> http://nitecruzr.blogspot.com/2005/05/ics-is-ok-but-you-can-do-better.html
>
>ICS isn't all that secure I guess?   What's the cheapest commercial NAT
>solution that would work on a Windows XP host?    Most commercial solutions
>are going to be full blown stateless firewalls that require a server OS for
>the install, not to mention fairly serious dollars.....
>
>I need the NAT on Windows XP just as a performance tweak on a VMWare virtual
>machine used for a non production system.   The VMWare built-in NAT
>functions work but have terrible performance problems.    I can certainly
>try ICS, but just hate to lower security on the XP host.

Will,

The disadvantages of ICS are a combination of issues.  You read the list I
suspect, and I know Steve did.  All of them are not that earth shattering, and
if a NAT router was expensive, ICS would be well worth it.  As it was 5 years
ago.

When you see decent NAT routers available for as little as $10 after rebate, why
gamble?

And yes, Steve, the currently known exploit uses a hostile computer on the LAN
as the attack medium.  But that's why we have WF in the first place - to protect
each computer from the other.  If you recognise that need, you must recognise
the need to prevent that protection from being tampered with.

Use one computer for doing the web browsing, and another for sharing the
service, and sharing it in safety.  Don't mix the two.  Certainly not to save as
little as less than one month's web service.

--
Cheers,
Chuck, MS-MVP [Windows - Networking]
http://nitecruzr.blogspot.com/
Paranoia is not a problem, when it's a normal response from experience.
My        email         is          AT         DOT
   actual       address    pchuck       mvps        org.
Author
10 Nov 2006 6:04 AM
Will
"Chuck" <n***@example.net> wrote in message
news:1r38l25aghin8efjtaluo888qq1tldvltd@4ax.com...
> When you see decent NAT routers available for as little as $10 after rebate, why
> gamble?

In case you have not used the VMWare Server virtual machine software before,
it creates "virtual network adapters" between the host computer and the
virtual machines.    In this model, the host creates a virtual switch fabric
corresponding to each of the networks for the virtual adapters.

There is no place in this model to plug in an NAT hardware router.   The NAT
capability must exist in some form on the host computer or the virtual
machines do not get NAT.


> And yes, Steve, the currently known exploit uses a hostile computer on the LAN
> as the attack medium.  But that's why we have WF in the first place - to protect
> each computer from the other.  If you recognise that need, you must recognise
> the need to prevent that protection from being tampered with.

And I would probably go farther than that and point out that the risk is
seldom from direct attack from the outside.   These days most compromises
happen when users visit web sites and install trojans as ActiveX controls.
Once a host is taken over from inside, the inside host becomes the mechanism
for attacking other hosts on the internal network.


> Use one computer for doing the web browsing, and another for sharing the
> service, and sharing it in safety.  Don't mix the two.  Certainly not to save as
> little as less than one month's web service.

If I could fix the performance problem I am trying to fix, I would probably
start doing all of my web browsing inside of virtual machines.   They can
have their state checkpointed and easily recovered to a known point in time
after you begin to suspect a problem inside the VM.

--
Will