Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Can I use two routers to create a more secure guest network
Message
<blockquote data-quote="Lenny_Fox" data-source="post: 936426" data-attributes="member: 82776"><p>Apply all best practices of router hardening (there is a guide on this forum also)</p><p></p><p>Most important (IMO) are to</p><p>1. Install latest patches of the router firmware (and all devices when possible)</p><p>2. Enable all build-in security fetures</p><p>3. Use the longest pass phrase possible for your home network</p><p></p><p>Limit exposure of (and access to) your guest network (on which you host the weak devices)</p><p>1. Reduce the lease time of connected devices of your guest network to say 6 hours</p><p>2. Reduce the number of IP's which are available for DHCP/device allocation on your guest network (when you only have three devices reduce it 5 maximum)</p><p>3. Reduce the "up time" or "internet connection time"" by assigning a parental control schedule to the devices on the guest network for the hours you use them</p><p></p><p>When you use two routers:</p><p>1. Allocate a different range of IP-addresses in each router.</p><p>2. Block the IP-addresses of the router with the weak devices on the guest network from the other router on your home network</p><p>3. Search for network partitioning feature on the router with the weak devices and enable this (this will prevent clients in the network to communicate with each other)</p><p></p><p>Before getting my latest tri-band router I had an old 2.4 Ghz router which I used for IOT devices and phones. I disabled the 2.4 Ghz network on the modem/router of my ISP and only used the 5GHZ frequency of my ISP-router. You don't need to bridge the router, just plug old 2.4 Ghz router into the first network cable port of your ISP-router and you have two different network names on two different routers on two different frequencies. It is a cheap way to create a dual cpu/dual band solution with two relatively low range routers.</p><p></p><p>This won't prevent a hacker to get in, but makes it harder for script kiddies to sniff your network and find the pass phrase to access network and/or router.</p></blockquote><p></p>
[QUOTE="Lenny_Fox, post: 936426, member: 82776"] Apply all best practices of router hardening (there is a guide on this forum also) Most important (IMO) are to 1. Install latest patches of the router firmware (and all devices when possible) 2. Enable all build-in security fetures 3. Use the longest pass phrase possible for your home network Limit exposure of (and access to) your guest network (on which you host the weak devices) 1. Reduce the lease time of connected devices of your guest network to say 6 hours 2. Reduce the number of IP's which are available for DHCP/device allocation on your guest network (when you only have three devices reduce it 5 maximum) 3. Reduce the "up time" or "internet connection time"" by assigning a parental control schedule to the devices on the guest network for the hours you use them When you use two routers: 1. Allocate a different range of IP-addresses in each router. 2. Block the IP-addresses of the router with the weak devices on the guest network from the other router on your home network 3. Search for network partitioning feature on the router with the weak devices and enable this (this will prevent clients in the network to communicate with each other) Before getting my latest tri-band router I had an old 2.4 Ghz router which I used for IOT devices and phones. I disabled the 2.4 Ghz network on the modem/router of my ISP and only used the 5GHZ frequency of my ISP-router. You don't need to bridge the router, just plug old 2.4 Ghz router into the first network cable port of your ISP-router and you have two different network names on two different routers on two different frequencies. It is a cheap way to create a dual cpu/dual band solution with two relatively low range routers. This won't prevent a hacker to get in, but makes it harder for script kiddies to sniff your network and find the pass phrase to access network and/or router. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
