ICS Is OK – But You Can Do Better

A few years back, when routers cost $200 or more, Microsoft added a feature in Windows that lets you share your internet connection with other computers, and save the cost of a router.

All you have to do is to add a network card in your computer. Internet Connection Sharing, as they call it, is a NAT router in your computer. It provides a DHCP server, and a routed internet connection, to any client computers connected to the added network card, thru a simple cross-over cable or hub.

If the internet connection is thru a modem (as in dialup internet access), ICS can even share that service to any client computers. It’s quite simple to setup.

ICS is not without cost, though.

  • The added network card gets a forced (and non-configurable) ip address of 192.168.0.1. If the primary network card (where the internet service originates) is on the 192.168.0.0/24 subnet, you have a problem.
  • The ICS server has to be on, whenever you wish to access the internet from any ICS client.
  • Any time you load software on the ICS server, and / or restart it, you will affect internet service to the ICS clients.
  • Occasionally, the internet traffic from the ICS clients may strain the resources of the ICS server.
  • Depending upon its configuration, a personal firewall running on the ICS server may also strain the resources of the server. This is generally a problem with malicious incoming traffic, which the firewall must log and / or research.
  • If the ICS server is also used for web browsing, the firewall on the ICS server may be vulnerable to any malware acquired thru the browsing.
  • If service is thru a dialup modem, the modem management software (as in Remote Access Services) may affect stability of the server. Activity on the server may, conversely, affect stability of RAS.
  • If service is thru a dialup modem, malware can hijack the modem, and make unsolicited extremely expensive dialup connections, that can result in a phone bill in the thousands of dollars.

A far better solution for sharing internet service is to use a NAT router, and to connect the primary computer (otherwise the ICS server), and all secondary computers (otherwise the ICS clients), as peers, to the router.

  • The ip address on all interfaces of a router is configurable. You can avoid using subnet 192.168.0.0/24, if desired.
  • Any computer can be turned off, without affecting internet service to the others.
  • The former ICS server can have software installed, and can be restarted, at any time, without affecting the other clients.
  • The router, which will be used only for routing packets, will handle the processing of those packets without straining the resources on any of the client computers.
  • The router, by blocking mailcious web traffic, will lessen the load on the personal firewalls on the client computers.
  • The router will provide an additional layer of security, which will be unaffected by any web browsing done by the clients.
  • Routers for external dialup modems, which will manage the modem without any effect on the former host, are available. Activity on the former server won’t affect the dialup service either.
  • By moving a dialup modem from the computer to the router, the possibility of a modem hijack is eliminated.

When you think about it, if you have Ethernet based internet service, or PPP dialup internet service, using a NAT router to manage and share the service makes a lot of sense. If your internet service isn’t of either type, for instance a USB connected broadband modem, or non-PPP dialup service, you should consider getting better service.

If you can afford broadband internet service, you can afford a NAT router – you can get a broadband NAT router for as little as $40 at Walmart. If you have dialup service, a dialup router / modem is still affordable. Especially considering the convenience, performance, and security gains.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: