John's Musings

Yeah, Me Neither

Network Security

Take a look at your Shared area in File Manager on Mac or in your Network Neighborhood in Windows (shudder). How many devices are there? Take a look at my list here.

Several devices THAT CAN ALL SEE EACH OTHERS SHARES! Someone hacks one device they have access to whatever is shared on your network. In the new Internet of Things (IOT) it seems everything is being connected. Light bulbs, cameras, washers, dryers, refrigerators, push buttons to order new detergent, you name it the world is more connected than ever. What if someone hacked your Amazon Tide Button? Then they could potentially see the shared contents of your laptop. Ouch.

For example many of these devices in my list simply don't belong on the same network as my SSN, and credit card numbers, and my password database. In that list is a computer hooked to a 3D printer, a computer simply not doing anything right now other than being on, some music servers, and an experiment I have running.

The smart thing to do would be to segregate those devices from my main network using a guest network and then ensuring that network CANNOT reach the primary network.

Okay, you're careful. You never go to porn sites. Nobody goes to McDonalds and nobody shops in Walmart either. Your teenager only reads the bible online.

Segregate your network already. Just do it. There are a variety of ways to do it. You can set up a guest network in your router configuration firmware, or you can create 2 physical, separate networks and firewall them off as I have done. is my critical network and is my guest only network and the only thing it can do is reach the internet. It can't see the computers on the 192.168.20 network at all. Period. No way.

This is accomplished by creating something called a Virtual LAN, (VLAN) and it is easier than you might think.

The internet is a dangerous place and with the advent of the Internet of Things it is even more so that way. Imagine if someone hacked your light bulb, your baby monitor, or your washing machine and gained total access to your network. Still think a guest network is a bad idea?