|
There are isolated problems with current patches, but they are well-known and documented on this site. |
I have a gateway (modem/router) with WiFi. I’ve enabled the “Guest” account which supposedly offers some separation between the main WiFi account.
Are there ways to check that level of security using shared folders or ping? I’m not sure what the steps would be.
Mike
In my setup using a Netgear router, a user connected to the “Guest” Wi-Fi access point can only access the internet, and the other resources on the private WLAN are not accessible. So no file sharing or ability to connect to other local devices, etc.
I haven’t attempted any deep penetration tests, but you could always use a second computer connected to “Guest” to see what you see.
I mainly use the “Guest” for visitors that wish to access my Wi-Fi, as well as my mobile devices such as Android tablets and smartphones, and other connected devices, etc. that may not be as trusted as my main computers. Just a precaution… 😉
Windows 10 Pro 22H2
That is an option on my NG R7000 w/ latest f/w.
🍻
Just because you don't know where you are going doesn't mean any road will get you there.What I’m thinking about here is…. a lot of these IoT devices at home may require an internet connection for full functionality. Many times the manufacture will even update the firmware for these IOT devices. So I’m assuming that the guest account is two way.
Exactly my thoughts. Anything that I don’t feel I have total control over gets the “Guest” treatment. The internet access is not blocked.
For an IoT device on your internal network, any unsolicited packets from “outside” should be blocked by the router by default (incoming deny). Only responses to a connection attempt from the device inside would be allowed by default (outgoing allow). Those devices are probably programmed to periodically “phone home” to check for updates.
Windows 10 Pro 22H2
Most modern PV solar systems for residential use have a ethernet or Wi-Fi enabled gateway type device that communicates back to the solar manufacturer servers on a regular basis, usually every 15 minutes.
If the untrusted device is connected to your router via Ethernet cable, then the “Guest” Wi-Fi access point is bypassed, and the device is directly attached to your LAN.
In that case, if you do not trust the manufacturer you would probably need to look into setting up a separate local network and router (not bridged to your main network).
Some ideas here:
Here’s how to create a separate network for smart home devices
https://ktar.com/story/2898083/heres-how-to-create-a-separate-network-for-smart-home-devices/
Secure your network. Your fridge and your laptop should not be on the same network. Keep your most private, sensitive data on a separate system from your other IoT devices.
Windows 10 Pro 22H2
Connect your IoT things to your existing router. Connect the new router to a wired port on your existing router and connect your devices to the new router. Job done!
That sounds like it should work! Thankfully all of my IoT gadgets can use guest Wi-Fi isolation, so I’ve never had to try that out for wired isolation…
So far, so good. Haven’t observed any nefarious connections from guest devices to my main local net other than the router and internet.
Windows 10 Pro 22H2
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
