I like OpenWRT because it gives you a lot of customization options. Is the Verizon one a combined modem/router? If you want to add your own router, you might have to call them and ask them to put it into bridged mode. has lots of great documentation that lays out exactly what you're looking for and then some.Īs of June 2023, what is the best router that I could buy specifically for ease of use with all things pi-hole related That way, the WLAN connection will not be bridged to the wired Ethernet connection.Things just got a little weird, my current network is down, I'm a newb trying to start from the ground up and I found out I actually have another (newer) wifi router. To prevent this from happening, you can turn off bridging in clients. Some third party uses that client Wi-Fi connection to hack through the user's laptop into the corporate network. The user authenticates via Web interface or some other means to the Internet service at the coffee shop, but the coffee shop is not using WEP or WPA, leaving him wide open.Ĥ. The user plugs in a wireless adapter and sees an available access (maybe at the local coffee shop next door or a neighboring company).ģ. The user's laptop is hard-wired to the private LAN at their desk.Ģ. The problem scenario is this, if I understand it correctly:ġ. For the scenario you describe, as well as to meet security needs of your staff using wireless outside the company (at home, at hot spots), make sure you've installed personal firewalls on the laptops and that they're running the latest anti-virus software. It sounds like you want to prevent someone from wirelessly accessing a laptop that is also connected to the wired network. It's also possible to set up Active Directory to override the configuration on the client hardware, so there may be a mechanism within Active Directory to disable interfaces. You could define the docking profile, for example, to disable the wireless interface and the non-docked profile to have the wireless interface enabled. In the case of Windows XP on a laptop, used with a docking station, Windows can maintain separate hardware profiles. Your ability to control which interface is used is client-dependent. However, there is software and WLAN equipment that can prevent a client from gaining access to your secured network through a non-authorized network interface on the client. I am not aware of any software that will block RF to your PC. The key feature and functionality of such technology is to control the policy centrally and disallow the user to modify the policy on the client. The only technology that helps in this case is personal firewall software. However, depending on the network security policy of your company, it may be necessary to provide client software that denies access to any network not considered an approved network. In the simplest case, even if a wired client gets access to a WLAN through a different interface on the PC, a thorough rogue access point detection and containment system would disallow the client from sending any traffic to the access point that may be providing service to the Internet. There are multiple layers to the problem, and as a result multiple facets to a solution. You are right to be concerned about your existing wired clients on your private LAN getting access to the Internet through wireless technology, bypassing your internal security infrastructure.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |