[Hidden-tech] Separate lan for company laptop

Robert Heller heller at deepsoft.com
Mon Mar 4 03:15:58 UTC 2019 

At Sun, 3 Mar 2019 15:02:47 -0500 Andy Klapper <atk at AndyKlapper.com> wrote:

> 
> Content-Language: en-us
> 
> 
> Good morning all,
> 
>  
> 
> My plan is to have the laptop hardwired into a docking station, at least I
> assume they are going to be sending me a docking station.
> 
>  
> 
> The router is an ASUS RT-AC68U with the latest update applied.  I suspect
> that it can create a separate LAN for the laptop.
> 

That is what you want to do.

>  
> 
> My current theory is that a network switch (as opposed to a hub) placed
> between the cable modem and the router with three connections (the cable
> modem, router and laptop) will provide the security that I want, an extra
> port (which I also need) and a very easy setup for the cost of a switch that
> was sitting in my cabinet gathering dust.

This probably won't work, unless you talk to the cable company about giving
you a "second" service and that might not be possible, depending on how the
cable modem works, if it is possible, it will cost you extra... It is likely
that the cable modem is only going to provide 1 IP address (currently being
used by the router's upstream connection). This leaves the laptop "out in the
dark" with no IP address (well this is sort of the ultimtate security - no
connection at all, but not really what you want).

Oh, nobody uses Ethernet hubs anymore.

> 
>  
> 
> If this solution isn't as secure or has some other issues that in my
> ignorance I'm unaware of please let me know.
> 
>  
> 
>  
> 
> Andy
> 
>  
> 
> From: Hidden-discuss <hidden-discuss-bounces at lists.hidden-tech.net> On
> Behalf Of Donald M Stevens via Hidden-discuss
> Sent: Sunday, March 03, 2019 8:15 AM
> To: Aaron E-J <the at otherrealm.org>
> Cc: hidden-discuss at lists.hidden-tech.net
> Subject: Re: [Hidden-tech] Separate lan for company laptop
> 
>  
> 
> Good morning andy,
> 
>  
> 
> If your current router offers WiFi, you could just use the company laptop,
> connect to your home WiFi "Guest" network, then your business laptop will
> have access to the internet, but not anything on your internal network. (of
> course you won't be able to print to your home network printer if you have
> one).
> 
>  
> 
> The "Guest" WiFi network be default on most routers works this way.
> 
>  
> 
> Can you post the make / model of your home router? That will give us some
> idea of the options you might have. (unless you don't want anyone to know
> that)
> 
>  
> 
> Are you planning on connecting your work laptop with a wire and not
> wireless?
> 
>  
> 
> There may also be an option for DMZ, this allows you to create an area where
> you laptop can sit, outsiders like your work, will have access, your
> business laptop will have internet access, but no access to the rest of your
> home network.
> 
>  
> 
>  
> 
> Thanks!
> 
> Don
> 
>  
> 
> TFI Technologies
> 
> "we are here to help you.."
> 
> 329 Pease Road
> 
> East Longmeadow, MA 01028
> 
> Office: 413.308.4511
> 
> Cell / Text: 860.614.4153
> 
> Email: dstevens at tryandfindit.com <mailto:dstevens at tryandfindit.com> 
> 
> LinkedIn:
> <https://www.linkedin.com/in/don-stevens-504aa6b?lipi=urn%3Ali%3Apage%3Ad_fl
> agship3_profile_view_base_contact_details%3Bzo%2BD4wDfQ%2FCDVF26QLPsXw%3D%3D
> > linkedin.com/in/don-stevens-504aa6b
> 
> Skype: tryandfindit
> 
>  
> 
>  
> 
> From: Hidden-discuss <hidden-discuss-bounces at lists.hidden-tech.net
> <mailto:hidden-discuss-bounces at lists.hidden-tech.net> > On Behalf Of Aaron
> E-J via Hidden-discuss
> Sent: Saturday, March 02, 2019 10:22 PM
> To: hidden-discuss at lists.hidden-tech.net
> <mailto:hidden-discuss at lists.hidden-tech.net> 
> Subject: Re: [Hidden-tech] Separate lan for company laptop
> 
>  
> 
> Most routers have the ability to set up a guest network (I know that Netgear
> does and I think that other companies have similar things).  If you login to
> the router, look for something that has 'guest' or 'subnet" in its name,
> enable it and uncheck "Allow guest to access My Local Network" (at least
> that is what you do on Netgear).  I would keep a firewall in place though,
> because the firewall is mainly preventing malicious incoming traffic from
> getting in.  There isn't much that you can do to prevent them from knowing
> that things are coming from the same place unless you set up a VPN but
> placing your work computer in a different subnet will allow you to share
> files in your personal network without risking it being seen by your
> employer.
> 
> Aaron E-J
> The Other Realm LLC
> http://otherrealm.org
> http://theotherrealm.org (Blog)
> 
> On 2019-03-02 5:46 PM, Andy Klapper via Hidden-discuss wrote:
> 
> I've spent a lot of time working remotely for various companies but I just
> got a new job where I am being issued a company laptop (in the past I've
> been a consultant and provided my own hardware).  Because this is company
> hardware they can put anything they want on the laptop and I not only have
> zero say on it but they don't even have to tell me what they put on the
> laptop.  I would like to structure my home network so that this laptop sits
> outside of the firewall that surrounds my home network.  How do I go about
> doing that?  Is it as simple as putting a small inexpensive router between
> my cable modem and my primary house router?  Do I need to do more to secure
> my home network from my foreign hardware?
> 
>  
> 
> Thanks,
> 
>  
> 
>  
> 
> Andy.
> 
>  
> 
> Andy Klapper
> 
> Asgard Technology Group, LLC
> 
> Making Complex Software Simple
> 
> AndyTK at Asgard-Tech.com <mailto:AndyTK at Asgard-Tech.com> 
> 
> (860) 805-1189 (cell)
> 
>  
> 
>  
> 
>  
> 
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
> <mailto:Hidden-discuss at lists.hidden-tech.net> 
>  
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
> 
>  
> 
> 
> MIME-Version: 1.0
> 
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
> 
> You are receiving this because you are on the Hidden-Tech Discussion list.
> If you would like to change your list preferences, Go to the Members
> page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members
> 
>                                              

-- 
Robert Heller             -- 978-544-6933
Deepwoods Software        -- Custom Software Services
http://www.deepsoft.com/  -- Linux Administration Services
heller at deepsoft.com       -- Webhosting Services

Google
More information about the Hidden-discuss mailing list