Networking question.

Jackal65

Jackal65

Expert Member
Joined
Feb 10, 2024
Messages
2,353
Reaction score
2,546
I am looking into getting a VPN but don't want to limit it to just a single phone or computer or laptop or TV or whatever else.

VPNs are slow at times so I don't want to use it all the time. Is this possible?

1712301656238.png
Also If a guest on Router 1 try to do funny **** with my network will it effect the stuff on Router 2 and ISP router? The idea here is when family visit to give them a password to a network but I don't want them to have access to the network where the laptops and desktops have file sharing enabled.

One always get that one idiot that watched to many Youtubes and then tries funny ****. We noticed the laptop we use in the living room's camera was turning on and off by itself. We suspect it was one of my brother in law's sons that did some strange **** with it. So I don't know enough to know what they did. I have no proof so next time I want to give them access to an isolated network and just put the laptops away. Keep the little **** out of the office.
 
I wiped the laptops and because I don't know what he did, I just took everything offline. I wiped all the computers, all the laptops and did a factory reset on the router. It has a new password now. Did the same for the ISP router.

Finished wiping all the computers, we did factory resets on all the phones and TV box. We didn't lose any data or anything. We did lose a few family photos and stuff. But I don't know what the little **** did, all i know is it kept me busy from Monday till now.
 
Create a "guest" wifi network that is isolated from the rest of the network/systems. So guests will have internet, but won't be able to access local systems.
Also makes it easy to change the password, or disable it if you want to without affecting your own network.
 
Its why I wanted a second router, because it is easy to unplug
 
Jackal46 said:
Its why I wanted a second router, because it is easy to unplug
Click to expand...
Far easier to disable it logically. Most decent routers support a guest wifi SSID option that only routes them through to the internet, they are also isolated from one another, and more importantly, from your other resources on the same LAN. If you are paranoid you could even assign another IP address range to it.

Your problem statement is actually two separate statements, you mentioned a VPN. How does that fit in with dealing with miscreant guests?

edit: OK, I see now, you thought that the VPN would prevent the guests from hacking local resources?
 
Jackal46 said:
Its why I wanted a second router, because it is easy to unplug
Click to expand...

Just create an isolated Guest Wifi on your router that only has internet access, problem solved.

It will have no access to the network, and if dodgy strange shyte happens you just turn it off.

Your VPN solution is overkill for no benefit and just massive additional complexity.
Unless you are wanting to have a VPN for specific services, and at that point it makes more sense to get a better single router like a Mikrotik and setup a VPN tunnel for certain services/IP ranges.
 
RonSwanson said:
Far easier to disable it logically. Most decent routers support a guest wifi SSID option that only routes them through to the internet, they are also isolated from one another, and more importantly, from your other resources on the same LAN. If you are paranoid you could even assign another IP address range to it.

Your problem statement is actually two separate statements, you mentioned a VPN. How does that fit in with dealing with miscreant guests?

edit: OK, I see now, you thought that the VPN would prevent the guests from hacking local resources?
Click to expand...
Yes that is it, that way they can't scan my traffic.
 
The VPN might be overkill but according to the YouTube Network gurus if your network not encrypted with a VPN it is easy to the following and please not I am learning this **** as I am watching this stuff myself.

I get now why the little **** had his backpack with him all the time. Firstly our net stopped working and we had to try and reconnect several times. Because they had my password because we gave it to them to use as one does with family the shithead abused that and routed all our traffic trough his little router in his bag. He basically owned us at that point. I can't tell you what he did I don't ****ing know. It just pisses me off thinking about it.

All I know was after they left everything was ****ing slow. The laptop used near 100% of its CPU so did the desktop computer.

I promise you this, if they visit next weekend I am opening that backpack and if I see a router anything like that it is getting stepped on. Along with his phone. I am not happy about this.
 
Jackal46 said:
The VPN might be overkill but according to the YouTube Network gurus if your network not encrypted with a VPN it is easy to the following and please not I am learning this **** as I am watching this stuff myself.

I get now why the little **** had his backpack with him all the time. Firstly our net stopped working and we had to try and reconnect several times. Because they had my password because we gave it to them to use as one does with family the shithead abused that and routed all our traffic trough his little router in his bag. He basically owned us at that point. I can't tell you what he did I don't ****ing know. It just pisses me off thinking about it.

All I know was after they left everything was ****ing slow. The laptop used near 100% of its CPU so did the desktop computer.

I promise you this, if they visit next weekend I am opening that backpack and if I see a router anything like that it is getting stepped on. Along with his phone. I am not happy about this.
Click to expand...

In all honesty, I think you're overreacting, and probably being stupidly paranoid.

He may have snooped on network traffic, or done some random stupid crap to your network, but what does it gain him other than a bit of shytes and giggles.
Just kill your previous WiFi network, create a new one with a new password and create an isolated guest one that they can have the password to.

As for the Youtube Network "gurus" you must have a VPN because they're being paid to punt the product.
 
Jackal46 said:
The VPN might be overkill but according to the YouTube Network gurus if your network not encrypted with a VPN it is easy to the following and please not I am learning this **** as I am watching this stuff myself.

I get now why the little **** had his backpack with him all the time. Firstly our net stopped working and we had to try and reconnect several times. Because they had my password because we gave it to them to use as one does with family the shithead abused that and routed all our traffic trough his little router in his bag. He basically owned us at that point. I can't tell you what he did I don't ****ing know. It just pisses me off thinking about it.

All I know was after they left everything was ****ing slow. The laptop used near 100% of its CPU so did the desktop computer.

I promise you this, if they visit next weekend I am opening that backpack and if I see a router anything like that it is getting stepped on. Along with his phone. I am not happy about this.
Click to expand...
He was probably using your computers to mine crypto, or maybe hosting illicit content.
It does not sound like he is trustworthy enough or deserving of even a guest login. He will probably get you into trouble with your ISP, and the law. In addition to being disrespectful of your computing devices, data and network, he has caused you to lose man-hours of worktime fixing his mess.

I would have a chat with his parents if I were you. He needs to understand the consequences of his actions, and he ought to be kept busy on weekends pulling weeds in the garden, washing your windows and polishing your car until he has paid his debt to you.
 
RonSwanson said:
He was probably using your computers to mine crypto, or maybe hosting illicit content.
It does not sound like he is trustworthy enough or deserving of even a guest login. He will probably get you into trouble with your ISP, and the law. In addition to being disrespectful of your computing devices, data and network, he has caused you to lose man-hours of worktime fixing his mess.

I would have a chat with his parents if I were you. He needs to understand the consequences of his actions, and he ought to be kept busy on weekends pulling weeds in the garden, washing your windows and polishing your car until he has paid his debt to you.
Click to expand...
It is why I decided to clean out all the computers. That way I am 100% sure everything is cleaned. How port forwarding got enabled on my ISP router is scarry to me. I don't even know how to do it. How did he get into the darn thing? That is what I want to know.

But everything was wiped, restored to factory default then I changed the passwords again.

ISP router WiFi disabled.

Family router.
Mac binding enabled Cannot accept any other device then what is on the list. So only our phones, Laptops and devices. Total 8 devices.

Guest router.
Different IP range.
Will unplug it if they are not around.

Will this work? I don't know, it should the guest router's IP, password and SSID is totally different to the family router. Another thing we did is we put the TV box on the guest router. So a day before they visit I will pack the laptop away that drives the TV that is connected to the family router and if the little **** somehow get to the TV Box and somehow snoop the password it doesn't matter.

My kids where told not to share their PC with him. My office will be locked, so no physical access to the routers. Total cost R3k.
 
You wiped everything. Did you look for any evidence before doing so?
 
abudabi said:
You wiped everything. Did you look for any evidence before doing so?
Click to expand...
Only evidence I had was the port forwarding that was enabled and the living room laptop camera's light blinking on and off.

Since I am not computer literate I didn't know what else to look for so I just said I can't risk assuming he didn't do anything else. But our little shithead hacker is about have a rude ****ing awakening today. I am going to grab his backpack and if I see a router on a battery pack or a Pi computer flickering it will be confiscated and dumped in a bucket filled with water. Little **** cost me nothing but trouble.
 
MAC binding is better, but not a panacea as it is easily spoofed.
Get Wifi6 and use WPA3. Use a decent device that supports a separate Guest wifi SSID that separates guests from one another and the LAN, and only allows Internet.

Using another router creates other problems.
 
Jackal46 said:
It is why I decided to clean out all the computers. That way I am 100% sure everything is cleaned. How port forwarding got enabled on my ISP router is scarry to me. I don't even know how to do it. How did he get into the darn thing? That is what I want to know.

But everything was wiped, restored to factory default then I changed the passwords again.

ISP router WiFi disabled.

Family router.
Mac binding enabled Cannot accept any other device then what is on the list. So only our phones, Laptops and devices. Total 8 devices.

Guest router.
Different IP range.
Will unplug it if they are not around.

Will this work? I don't know, it should the guest router's IP, password and SSID is totally different to the family router. Another thing we did is we put the TV box on the guest router. So a day before they visit I will pack the laptop away that drives the TV that is connected to the family router and if the little **** somehow get to the TV Box and somehow snoop the password it doesn't matter.

My kids where told not to share their PC with him. My office will be locked, so no physical access to the routers. Total cost R3k.
Click to expand...

If your default router password was still active all he had to do was turn the router over to find it where it’s printed on the bottom. That would give him full access to the router to do whatever he wants.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X