User Panel
User Panel
User Panel
|
Posted: 5/6/2024 5:34:43 PM EDT
We have no home automation devices connected to our network, just phones, computer, printer, and two TVs. My girlfriend purchased a salt monitoring device for our water softener. It is a network attached device from ezsalt.xyz. It connects to an app on a phone. I'm leery of hooking it up. The Registrant Country Code for the domain is Iceland. I'm running an Xfinity modem in bridge mode to a Linksys Smart Wifi router. The router has the ability to setup vlans or a DMZ but both are a bit above my head. My primary concern is that my girlfriend works from home for a pharmaceutical company in clinical trials which slightly elevates her as a target. I'm leaning towards telling her to return it. But if there's a way to isolate this device from the rest of my network, I'd appreciate any suggestions.
|
|
|
|
|
Posted: 5/6/2024 7:18:17 PM EDT
[#1]
I would imagine the water softener could be disconnected to the network at it's console, and you could activate it temporarily to check status. My father's thermostat had a wireless network capability, and we disabled it because he didn't use that feature.
|
|
|
|
|
Posted: 5/6/2024 7:34:39 PM EDT
[Last Edit: mak0]
[#2]
If your router supports a guest network you can enable it and connect it to that. It's effectively a second vlan that cannot reach your other devices.
|
|
|
|
|
Posted: 5/6/2024 8:06:25 PM EDT
[#3]
I would look to see if a non network salt monitor was available.
or ditch that PII invading shit and check the salt like once a week, on Saturday morning. |
|
|
|
|
Posted: 5/6/2024 8:23:37 PM EDT
[#4]
Quote HistoryOriginally Posted By mak0: If your router supports a guest network you can enable it and connect it to that. It's effectively a second vlan that cannot reach your other devices. It does have an active guest network. |
|
|
|
|
Posted: 5/6/2024 8:24:35 PM EDT
[Last Edit: subcomunic8r]
[#5]
Quote HistoryOriginally Posted By farfromhome: I would look to see if a non network salt monitor was available. or ditch that PII invading shit and check the salt like once a week, on Saturday morning. It is right next to the washer and dryer. I'd just have to get in the habit of checking it when doing laundry. ETA: Something I could do easily but she wants this. If I can implement it safely then I will. |
|
|
|
|
Posted: 5/6/2024 9:00:18 PM EDT
[#6]
What computer does she use for work?
I'd start with hardening that first. Unless her employer has.. in that case I wouldn't worry about it |
|
|
|
|
Posted: 5/6/2024 9:17:42 PM EDT
[#7]
Quote HistoryOriginally Posted By right_rudder: What computer does she use for work? I'd start with hardening that first. Unless her employer has.. in that case I wouldn't worry about it Work asset that is controlled by their IT department. Other than peripherals, I can't change shit. |
|
|
|
|
Posted: 5/6/2024 9:42:26 PM EDT
[#8]
Quote HistoryOriginally Posted By subcomunic8r: Work asset that is controlled by their IT department. Other than peripherals, I can't change shit. The IT department knows it's a WFH machine and has factored in less the. Enterprise class network security. Put another way, since you can't change anything m, if the box gets compromised it's not on you. About the IOT device, I'm extremely picky about what devices I allow in my home. I only use devices that support HomeKit because they do not require cloud support and are all locally controlled. My concern isn't about compromising my network but about the devices monitoring usage and reporting data back to some company or communist government. |
|
|
|
|
Posted: 5/7/2024 3:40:07 AM EDT
[#9]
Untrusted devices go on the guest network. Separate subnet with no routing to the trusted LAN. AP isolation enabled on the guest wireless so they can't interact with each other either. Basically they can go out through the router gateway and that's it.
In my case, untrusted devices even include the work laptop and work phone. I trust them even less than they trust me. |
|
|
|
|
Posted: 5/7/2024 9:37:42 AM EDT
[#10]
Guest network it is then. Thanks.
|
|
|
|
NE, USA
|
Posted: 5/7/2024 9:41:15 AM EDT
[#11]
Quote HistoryOriginally Posted By grambosc: Untrusted devices go on the guest network. Separate subnet with no routing to the trusted LAN. AP isolation enabled on the guest wireless so they can't interact with each other either. Basically they can go out through the router gateway and that's it. In my case, untrusted devices even include the work laptop and work phone. I trust them even less than they trust me. This. And even more so for the WFH machines. Modern IT cybersecurity has tumorous tendrils that grow out and grab ahold/break anything they can see. Best to put that in its own little box where it can't touch your home systems. |
|
|
|
Posted: 5/7/2024 3:14:14 PM EDT
[Last Edit: turtle2472]
[#12]
Quote HistoryOriginally Posted By 2ANut: This. And even more so for the WFH machines. Modern IT cybersecurity has tumorous tendrils that grow out and grab ahold/break anything they can see. Best to put that in its own little box where it can't touch your home systems. Yeah, I wouldn't give a corporate machine like that access into my network. It would be on the Guest network or purpose built VLAN. OP, putting the salt monitor on Guest is a great option for you. |
|
|
|
|
Posted: 5/7/2024 7:46:23 PM EDT
[#13]
Does the WFH machine connect through a corporate VPN? It should be secure.
|
|
|
|
|
Posted: 5/8/2024 12:18:24 AM EDT
[#14]
Quote HistoryOriginally Posted By mak0: If your router supports a guest network you can enable it and connect it to that. It's effectively a second vlan that cannot reach your other devices. This. Network segment and device isolation made easy. |
|
|
|
|
Posted: 5/8/2024 10:37:51 AM EDT
[#15]
Quote HistoryOriginally Posted By Moondog:
Does the WFH machine connect through a corporate VPN? It should be secure. |
|
|
|
|
Posted: 5/8/2024 10:43:14 AM EDT
[#16]
I did some digging, their app is on the up and up.
it does exactly what they claim it does and nothing more. I can't speak for the rest of their operation but they played by the rules on the application side of things and could have set it up to gather information if they chose to.. and did not. |
|
|
|
Win a FREE Membership!
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.
