[liberationtech] Sharing your wireless guest account

Eric Tykwinski eric-list at truenet.com
Sun Apr 19 18:23:43 CEST 2020 

Make sure the router services are not available to clients.  IE https, ssh, telnet, SNMP, et al.
I’m personally in favor of a walled garden, ie make them accept a TOS before accessing the internet.
Ensure you have BCP38 enabled: https://tools.ietf.org/html/bcp38 <https://tools.ietf.org/html/bcp38>
Firewall your personal LAN from access to/from the guest network.
I would also block vulnerable services that shouldn’t be available anyways. 
If possible just allow specifics, like web traffic, dhcp from your router, dns lookups from your recursive, et al.

Sincerely,

Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300

> On Apr 19, 2020, at 7:49 AM, Charlie Welch <cwelch at tecschange.org> wrote:
> 
> I realized an easy way to share my wireless access.
> 
> How safe is this to do (with wireless isolation feature turned on)???
> 
> Sharing your wireless guest account
> 
> 
> 
> Very rough instructions to do it
> 
> 
> 
> Find out the IP address of your router.
> 
> Search for the user manual by model number or open up a cmd box and run ipconfig
> 
> The router address is usually give by Default Gateway . . . . . . . . . : 192.168.1.1
> 
> For my Netgear router I did this. 
> 
> Go to the "Guest Network" configuration tab
> 
> Check box to Turn on Guest network
> 
> Check box to Enable Wireless Isolation 
> 
> This allows the guest to connect to the internet but not to any other devices on your network
> 
> My router requires a password so I used this trick to give out the password..
> 
> Guest Wireless Network Name (SSID) : Name your Guest Network “Password is xxx “
> 
> where xxx is the password
> 
> Optional (this limits the shared bandwith to 55 Mbits)
> 
> WPA-PSK [TKIP] + WPA2-PSK [AES] 
> 
> 
> -- 
> Liberationtech is public & archives are searchable from any major commercial search engine. Violations of list guidelines will get you moderated: https://lists.ghserv.net/mailman/listinfo/lt <https://lists.ghserv.net/mailman/listinfo/lt>. Unsubscribe, change to digest mode, or change password by emailing lt-owner at lists.liberationtech.org <mailto:lt-owner at lists.liberationtech.org>.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ghserv.net/pipermail/lt/attachments/20200419/e7367e26/attachment.html>

More information about the LT mailing list