Disabling internet access for a Win10 PC

Modred189

Can't Read the OP
Joined
May 24, 2006
Messages
16,308
I have a Win10 PC working as a Plex server and Crashplan backup location. It doesn't need internet access (other than periodic updates). Is there any easy way to keep that computer on the network but disable/toggle internet access?
 
Define 'keep on the network'.

If it's about disabling internet access (i.e. access to the router), then one could maybe set up filter rules or such on the machine itself, or on the router, I would say.
 
Static IP and do not put in a gateway. Boom Done.
 
Define 'keep on the network'.

If it's about disabling internet access (i.e. access to the router), then one could maybe set up filter rules or such on the machine itself, or on the router, I would say.
So, it needs to be on the internal house network so all the laptops and desktops can see it to backup to it and use it as a Plex server.

BUT I don't want it to "see" the internet or "be seen" by the internet.

Static IP and do not put in a gateway. Boom Done.

Let's pretend I'm a complete networking idiot. Well, not complete. I know how to assign an IP to the server.
How does one "not put in a gateway"? Is this also done on the router?

(For reference, I'm using a Netgear Nighthawk)
 
You are going to have issues with crashplan as it has no way to find its peer (uses their servers for the handshake even in p2p mode).
 
You are going to have issues with crashplan as it has no way to find its peer (uses their servers for the handshake even in p2p mode).

AH. Got it. That's too bad.
This was all an attempt to avoid having to deal with AV software on the server, but given that little factoid, it appears to be a moot point.

Thanks!
 
AH. Got it. That's too bad.
This was all an attempt to avoid having to deal with AV software on the server, but given that little factoid, it appears to be a moot point.

Thanks!

If your only concern is to not have AV software on the server, just don't put AV software on the computer. Seriously. If you are not going to use the computer to actively pull information from the Internet (ie, browse web pages, check email, dowload torrents), and you are using a NAPT router (which your nighthawk is), you don't need Anti-Virus.
 
Add a firewall rule :>

Name: Block outbound
Type: Port, TCP
Ports: 80, 443, 20, 21, 22, 23, 445, 8000-9000


Enable on all the profiles, make sure to enable whatever other ports you might need. I have this on a W10 machine that auto logs in with a standard user account that cant change FW settings and cant be on the internet
 
If your only concern is to not have AV software on the server, just don't put AV software on the computer. Seriously. If you are not going to use the computer to actively pull information from the Internet (ie, browse web pages, check email, dowload torrents), and you are using a NAPT router (which your nighthawk is), you don't need Anti-Virus.

It's running headless as is, and I only access it via Teamviewer once in a long while to troubleshoot issues if they pop up. Otherwise it's meant to sit there and do nothing but backup local computers and serve up media locally.
 
I would run a virus scanner on it because you have other PC's that are used on the internet putting data on there. You cannot just rely on the virus scanners of the clients to catch everything. Only one PC needs to be compromised for the backup server to be compromised too after a backup.

Not telling you what to do, but think about it.
 
I would run a virus scanner on it because you have other PC's that are used on the internet putting data on there. You cannot just rely on the virus scanners of the clients to catch everything. Only one PC needs to be compromised for the backup server to be compromised too after a backup.

Not telling you what to do, but think about it.

Crashplan doesn't copy files, it compresses them and puts them into it's own file type, so even if a virus was found, it would be disabled by this process (correct?).

That said, you raise a corollary that may matter: should a virus propagate across the network. Looks like I'll just have to put it on there. I picked up Webroot for $10 for 5 devices, so it's worth a shot to try something new at least. I hear it plays nice with Crashplan too.
 
Back
Top