Home News Forum Articles
  Welcome back Join CF
You are here You are here: Home | Forum | Help improving home network security (Super hub 3)

You are currently viewing our boards as a guest which gives you limited access to view most of the discussions, articles and other free features. By joining our Virgin Media community you will have full access to all discussions, be able to view and post threads, communicate privately with other members (PM), respond to polls, upload your own images/photos, and access many other special features. Registration is fast, simple and absolutely free so please join our community today.


Welcome to Cable Forum
Go Back   Cable Forum > Computers & IT > Networking

Help improving home network security (Super hub 3)
Reply
 
Thread Tools
Old 29-08-2020, 21:58   #1
Pierre99
cf.member
 
Join Date: Aug 2020
Posts: 10
Pierre99 is an unknown quantity at this point
Help improving home network security (Super hub 3)

I posted this in the security thread then noticed this - I don't mean to flood the forums
Devices I have:
VM Superhub 3 (Main internet router)
VM Superhub 2 (spare and not in use) - mentioned in the hope I can make use of this to solve my problem


What I want to achieve:
I use LAN for main computers, and want to isolate 2 devices which are connected via LAN.

I have a guest WIFI set up, but obviously this is no good for the Wired in devices I want to isolate.

Can I isolate 2 specific devices via Mac address or anything, so they cannot sniff my network or have any connection to the rest of my main network? I just don't want them to figure out personal forums etc I visit (I would like to avoid buying a VPN)

Can I use the Superhub 2 as a isolation guest router, and then Lan the devices through that? or any other settings I can tweak to achieve this?

I hope that all makes sense
Pierre99 is offline   Reply With Quote
Advertisement
Old 13-09-2020, 15:15   #2
Pierre99
cf.member
 
Join Date: Aug 2020
Posts: 10
Pierre99 is an unknown quantity at this point
Re: Help improving home network security (Super hub 3)

anyone with some knowledge that can help please?
Pierre99 is offline   Reply With Quote
Old 13-09-2020, 20:09   #3
General Maximus
C/O Felix Legion
 
General Maximus's Avatar
 
Join Date: Nov 2008
Location: Lincoln
Services: phone + L TV + 350mbit BB + Sky+HD
Posts: 9,351
General Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronze
General Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronze
Re: Help improving home network security (Super hub 3)

You can do it very easily just not with residential switches and routers. Have you google'd it to see if there is an easy solution before you go out buying new equipment. You can probably get your hands on some old Cisco stuff really cheap but there are many lengthy courses dedicated to how to use them and it isn't something I can't type out here.
__________________
Join the Mockingjay, join the fight
General Maximus is offline   Reply With Quote
Old 13-09-2020, 21:07   #4
Pierre99
cf.member
 
Join Date: Aug 2020
Posts: 10
Pierre99 is an unknown quantity at this point
Re: Help improving home network security (Super hub 3)

Quote:
Originally Posted by General Maximus View Post
You can do it very easily just not with residential switches and routers. Have you google'd it to see if there is an easy solution before you go out buying new equipment. You can probably get your hands on some old Cisco stuff really cheap but there are many lengthy courses dedicated to how to use them and it isn't something I can't type out here.
I understand - yes I've googled quite a bit and haven't found anything specific to guest lans, or anyone on forums trying what I'm doing (surprisingly). It's all just about guest wifis out there.

Is there a specific feature I need to make sure the switch has (as well as the VLANS of course). Also would this completely isolate it from the rest of the network, so if a guest wants to do anything dodgy ie sniff the network and he's on this specific VLAN, he can't pick up anything from the main private network?

Last edited by Pierre99; 13-09-2020 at 21:19.
Pierre99 is offline   Reply With Quote
Old 13-09-2020, 22:18   #5
General Maximus
C/O Felix Legion
 
General Maximus's Avatar
 
Join Date: Nov 2008
Location: Lincoln
Services: phone + L TV + 350mbit BB + Sky+HD
Posts: 9,351
General Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronze
General Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronzeGeneral Maximus is cast in bronze
Re: Help improving home network security (Super hub 3)

Quote:
Originally Posted by Pierre99 View Post
Is there a specific feature I need to make sure the switch has (as well as the VLANS of course).
Nope. It is all down to software and the OS the switch runs. We would have to check and make doubley sure once you find a switch you are interested in but i am 99.99% sure the OS which is installed on all Cisco switches supports vlans.
__________________
Join the Mockingjay, join the fight

Last edited by Hugh; 14-09-2020 at 10:46.
General Maximus is offline   Reply With Quote
Old 15-09-2020, 19:56   #6
Hom3r
Proud Ex EU Citizen.
 
Hom3r's Avatar
 
Join Date: Mar 2004
Location: Galactic Sector ZZ9 Plural Z Alpha, www.daves-world.co.uk. A secret Moonbase (shh don't tell anybody)
Age: 51
Services: 1 V6, 2x1TB Tivo, , SH3. Samsung Galaxy Note 10+ 5G, Ton's of Smart Home stuff, & Cuddy Toy
Posts: 15,711
Hom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny stars
Hom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny stars
Re: Help improving home network security (Super hub 3)

I can highly recommend Fingbox

You plug it into your router and once set up every device is blocked until you approve it via the app or desktop version.

Yesterday my dad bought himself a Galaxy Tab S7+ and I entered the Wi-Fi code but fingbox blocked it.

But I simply approved it.


A few months ago I was playing with the guest network on my router, and it blocked 4 Huawei devices that I guess a neighbour had.
__________________
STAY AT HOME: I found out that mum will never walk again as the coronavirus attacked her nervous system. . Twitter Facebook
My Blog
Hom3r is offline   Reply With Quote
Old 15-09-2020, 21:09   #7
Pierre99
cf.member
 
Join Date: Aug 2020
Posts: 10
Pierre99 is an unknown quantity at this point
Re: Help improving home network security (Super hub 3)

thank you for the help and advice so far everybody.

https://www.amazon.co.uk/NETGEAR-5-P...dp/B07QF51CVQ/

What I'm after is Ethernet isolation. A bit more searching shows 'Private VLAN' may be the words i'm after

Would something like this allow me to create Guest VLANS, which for example if a Guest computer was ethernet connected in to a Guest VLAN Port, they cannot carry out miscellaneous tasks such as Sniffing the network etc?
Pierre99 is offline   Reply With Quote
Old 15-09-2020, 22:19   #8
Hom3r
Proud Ex EU Citizen.
 
Hom3r's Avatar
 
Join Date: Mar 2004
Location: Galactic Sector ZZ9 Plural Z Alpha, www.daves-world.co.uk. A secret Moonbase (shh don't tell anybody)
Age: 51
Services: 1 V6, 2x1TB Tivo, , SH3. Samsung Galaxy Note 10+ 5G, Ton's of Smart Home stuff, & Cuddy Toy
Posts: 15,711
Hom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny stars
Hom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny stars
Re: Help improving home network security (Super hub 3)

It might be worth in the router setting adding words/websites to the black list.

For example, a few years ago an elderly couple had an unprotected Wi-Fi, and someone accessed it and downloaded the worst kind of porn imaginable.

They got done for it, even there were no items on any devices/media.
__________________
STAY AT HOME: I found out that mum will never walk again as the coronavirus attacked her nervous system. . Twitter Facebook
My Blog
Hom3r is offline   Reply With Quote
Old 17-09-2020, 13:07   #9
Stuart
-
 
Stuart's Avatar
 
Join Date: Jun 2003
Location: Somewhere
Services: Virgin for TV and Internet, BT for phone
Posts: 26,489
Stuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver bling
Stuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver bling
Re: Help improving home network security (Super hub 3)

Quote:
Originally Posted by Hom3r View Post
I can highly recommend Fingbox

You plug it into your router and once set up every device is blocked until you approve it via the app or desktop version.

Yesterday my dad bought himself a Galaxy Tab S7+ and I entered the Wi-Fi code but fingbox blocked it.

But I simply approved it.


A few months ago I was playing with the guest network on my router, and it blocked 4 Huawei devices that I guess a neighbour had.
I don't use guest Wifi, but a second vote for the Fingbox here..

The interesting thing is that because of how the blocking works, the device thinks it's connected to the Internet, just gets no response when it tries to do anything useful.

It's worked reliably for the last couple of years, and has blocked more devices than I thought it would.

The only time I've had any trouble with it is while beta testing iOS 14. iOS 14 has an option to generate a random MAC every time it connects to a WiFi network (to prevent tracking), with the option to present a consistent MAC address to known networks. This didn't work, which meant every time my phone or watch connected to my network, they were both blocked..

Apple have since fixed this.
Stuart is offline   Reply With Quote
Old 17-09-2020, 21:04   #10
Hom3r
Proud Ex EU Citizen.
 
Hom3r's Avatar
 
Join Date: Mar 2004
Location: Galactic Sector ZZ9 Plural Z Alpha, www.daves-world.co.uk. A secret Moonbase (shh don't tell anybody)
Age: 51
Services: 1 V6, 2x1TB Tivo, , SH3. Samsung Galaxy Note 10+ 5G, Ton's of Smart Home stuff, & Cuddy Toy
Posts: 15,711
Hom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny stars
Hom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny starsHom3r has a pair of shiny stars
Re: Help improving home network security (Super hub 3)

There must haven been some update as the TV I plugged in to a switch was also blocked, until I unblocked it.
__________________
STAY AT HOME: I found out that mum will never walk again as the coronavirus attacked her nervous system. . Twitter Facebook
My Blog
Hom3r is offline   Reply With Quote
Old 18-09-2020, 19:38   #11
Pierre99
cf.member
 
Join Date: Aug 2020
Posts: 10
Pierre99 is an unknown quantity at this point
Re: Help improving home network security (Super hub 3)

I really need to secure the network via ethernet - is it not possible? isolate certain ethernet devices on the network via specific port management?
Pierre99 is offline   Reply With Quote
Old 18-09-2020, 20:21   #12
pip08456
Sad Doig Fan!
 
pip08456's Avatar
 
Join Date: Aug 2007
Location: Barry South Wales
Age: 64
Services: Now back with VM for BB & phone. 50Mb service.
Posts: 9,634
pip08456 has a nice shiny star
pip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny star
Re: Help improving home network security (Super hub 3)

Answer this Pierre, why would you wish to isolate 2 LAN devices as you think they may be snooping on your activity?

No guests just 2 other LAN connections, who and why?
pip08456 is offline   Reply With Quote
Old 18-09-2020, 21:27   #13
Pierre99
cf.member
 
Join Date: Aug 2020
Posts: 10
Pierre99 is an unknown quantity at this point
Re: Help improving home network security (Super hub 3)

Quote:
Originally Posted by pip08456 View Post
Answer this Pierre, why would you wish to isolate 2 LAN devices as you think they may be snooping on your activity?

No guests just 2 other LAN connections, who and why?
I will cover some examples to help you understand better:

Like I said I have a friend/business partner that has access to our studio windows 10 machine. I do see any activity as the screen is on, however how would I know if the windows 10 machine becomes compromised, and they can sniff around network to pick up private data.

Also if I have clients visit and wire in their machines to the network (we do high transfer of files from the windows 10 machine to clients and vice versa, sometimes left on over night) hence why I would prefer they are isolated LAN ports, so whatever happens they do not interfere or cannot pick up anything private
Pierre99 is offline   Reply With Quote
Old 18-09-2020, 21:55   #14
pip08456
Sad Doig Fan!
 
pip08456's Avatar
 
Join Date: Aug 2007
Location: Barry South Wales
Age: 64
Services: Now back with VM for BB & phone. 50Mb service.
Posts: 9,634
pip08456 has a nice shiny star
pip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny starpip08456 has a nice shiny star
Re: Help improving home network security (Super hub 3)

Quote:
Originally Posted by Pierre99 View Post
I will cover some examples to help you understand better:

Like I said I have a friend/business partner that has access to our studio windows 10 machine. I do see any activity as the screen is on, however how would I know if the windows 10 machine becomes compromised, and they can sniff around network to pick up private data.

Also if I have clients visit and wire in their machines to the network (we do high transfer of files from the windows 10 machine to clients and vice versa, sometimes left on over night) hence why I would prefer they are isolated LAN ports, so whatever happens they do not interfere or cannot pick up anything private
This is the first time you have ever mentioned friend/business partner or clients in this thread. I think everyone was looking at a personal LAN connection.

The flingbox now can become a reality if you have a LAN storage unit. Upload the files to that, allow them access to it but block your PC to them.

Last edited by pip08456; 18-09-2020 at 21:58.
pip08456 is offline   Reply With Quote
Old 18-09-2020, 21:59   #15
Pierre99
cf.member
 
Join Date: Aug 2020
Posts: 10
Pierre99 is an unknown quantity at this point
Re: Help improving home network security (Super hub 3)

Quote:
Originally Posted by pip08456 View Post
This is the first time you have ever mentioned friend/business partner or clients in this thread. I think everyone was looking at a personal LAN connection.
Apologies for not being clear its my home network and home internet where I connect my office through a network cable into a mini unmanaged switch


Internet router Super hub 3 ->*

* LAN ---> Personal unmanaged switch --->Personal devices
* LAN ---> Office unmanaged switch ---> Unsecure Guest devices & remotely accessible machine

I would like a barrier between the 2 even if it involves a second managed switch plugged in the middle of it all (I do have a super hub 2 which is unused if that can help create this barrier)
Pierre99 is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 17:04.


Server: curium.zmnt.uk
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2020, vBulletin Solutions Inc.