Topic 'Re: router security using guest access' in forum 'Security' - dslreports.com

Re: router security using guest access

Fri, 12 Oct 2012 12:04:20 EDT

planet posted : Thanks for the responses. Not much chatter about this subject on the net at all. I will enable it when necessary and disable it for peace of mind. Was hoping that I could simply leave it enabled. But with no standard, the potential for exploit could be there.

Re: router security using guest access

Thu, 11 Oct 2012 21:47:32 EDT

HELLFIRE posted :

said by planet:

My question, is there any way you are more vulnerable leaving your guest access on when not in use?

Depends on how the vendor implements "guest" wireless. Truth be told, there's no standard for this.
Some just do a 2nd SSID. Others offer full isolation from your main LAN.

For $99, I'd expect something that "just works" and nothing more.

My 00000010bits.

Regards

Re: router security using guest access

Thu, 11 Oct 2012 11:36:26 EDT

SoonerAl posted :

said by planet:

The Linksys E1500 is a cheaper router. Paid somewhere around $99.

I just saw an E1500 in one of our local Walmarts for $60 FWIW...

Re: router security using guest access

Thu, 11 Oct 2012 08:48:05 EDT

HarryH3 posted : IIRC, the Linksys guest access is unsecured. In this case, unsecured means unencrypted (No WEP, WPA/WPA2 on that connection). You can force the user to enter a password, but that just grants them access to the net. Their data is still passing as clear data.

Re: router security using guest access

Thu, 11 Oct 2012 06:36:47 EDT

SoonerAl posted :

said by planet:

The Linksys E1500 is a cheaper router. Paid somewhere around $99. The guest account is seen via SSID as an unsecured network. However, a password is needed to access the internet. I'm assuming it's similar to an open wifi (like Starbucks) where you'd be provided a password to get on the net.

I'm wondering how secure it is when not in use. Theoretically, could someone connect to the router and do mischief w/o accessing internet with needed password?

Have you tested that? I presume you have changed the routers admin password to something other than the default.

What happens if you use a program like inSSIDer on a wireless computer? Does the guest network showup as not being secured?

I would post to the Linksys forums for help with that question...

»Linksys

»homecommunity.cisco.com/t5/Wirel···_Routers

I would in anycase use a long password. The Cisco help page indicates you can use a max 32-character alphanumeric password...

»homekb.cisco.com/Cisco2/ukp.aspx···1461.xml

FWIW my ZyXEL cost me $20 a few years ago on sale, including an 802.11g USB adapter for a laptop, so cost is certainly not a factor...

Re: router security using guest access

Wed, 10 Oct 2012 18:39:14 EDT

planet posted : The Linksys E1500 is a cheaper router. Paid somewhere around $99. The guest account is seen via SSID as an unsecured network. However, a password is needed to access the internet. I'm assuming it's similar to an open wifi (like Starbucks) where you'd be provided a password to get on the net.

I'm wondering how secure it is when not in use. Theoretically, could someone connect to the router and do mischief w/o accessing internet with needed password?

Re: router security using guest access

Wed, 10 Oct 2012 14:20:09 EDT

SoonerAl posted : FWIW I have a ZyXEL NBG334W wireless router with a guest wireless network. In my case I keep the guest WLAN on 24/7 protected by a long ASCII key. I use the guest WLAN for guest devices (obviously) and for internet connectivity for my Wii game console and a DIRECTV wireless cinema connection kit (CCK-W). My guest WLAN is configured for up to 16 device IP addresses.

Provided you use a sufficiently long encryption key/passphrase and WPA2/WPA I see no reason not to simply leave the guest WLAN enabled.

Current home network

router security using guest access

Wed, 10 Oct 2012 13:33:30 EDT

planet posted : My Linksys e1500 router has a guest access feature that I like using for times when I have visitors wanting to access the internet using their own devices (IPad). I have mine set up to allow only one guest at a time. Otherwise I could allow up to 10.

My question, is there any way you are more vulnerable leaving your guest access on when not in use?

Taken from here: »www6.nohold.net/Cisco2/GetArticl···verted=0
The Guest network is a virtual network within your private network because it operates on a different IP address range (192.168.33.x). This allows your guests to connect to the Internet without becoming a part of your private network.