1

I live in a student house with 2 guys and a girl and I'm not very tech-savvy. When we moved in we got Virgin Media broadband. I have set this up before and the admin panel is very basic with no features that allow you to be intrusive.

Shortly after moving in, one of my housemates (let's call him Steve) started insisting we used his router instead to get a "better connection". He brought out this big, round, white box with a blue circle on the top and plugged it into the back of our Virgin Media router. This created a new hotspot and the Virgin router now has a red light on the front.

The new box appears to be running "UniFi OS". Which seems to be network management software. I was fine with this, thinking it was nothing our of the ordinary.

Where things get weird

The next day, Kaspersky alerted me of a "Network Attack". It said that someone was running a Port Scan on our network. I questioned Steve about this and he gave me some technical jargon (something about an RF environment), but he said it was something he did manually to map out the network.

A day or so later, one of my other housemates said he saw Steve looking at our web history (sites visited e.t.c.) via an app on his phone. I also saw him briefly looking at an app that had a list of every device on our network. (I assume that's what the port scan was for)

I am very uncomfortable with someone being able to see all the sites I am visiting. From a privacy and security standpoint. Especially considering none of us have access to the router control panel.

My question...

Would it be possible for me to re-enable the original Virgin Media hotspot and for him to continue using his router as a separate network? Or would he still be able to see our traffic? Ideally I'd like a solution that keeps both parties happy.

I am not very skilled in networking so really have no clue if any of these options are possible. My biggest concern is Steve making us think we've switched back to the old router but is still monitoring us. Is there any way I could check this?

Archie
  • 11
  • 2
  • 3
    This looks solely like human problem for me, not a technical one. You have someone in charge of your network who you don't trust. Don't make him in charge of the network then. This is not different from giving someone you don't trust a key to your room. While going back to the old setup might work someone technical savvy might find a way here too. These should better be solved at the non-technical level. If not possible then use a VPN, which will protect your privacy even when you cannot trust your own network. – Steffen Ullrich Sep 26 '21 at 11:35
  • This is not a security issue. Your questions are more of a networking issue, but the solution isn't even technical. Your network can work fine without Steve's extra equipment. So, remove Steve's equipment. This becomes an interpersonal issue, not a technical one. – schroeder Sep 26 '21 at 11:46
  • 1
    @SteffenUllrich +1 for `If not possible then use a VPN,`. OP, that is your solution. Anyone who has access to your local router and your ISP can see what sites you are visiting, because this is exposed by SNI, your DNS queries, and the destination IP's of your HTTPS packets. The solution to this problem is to use a VPN (although then your VPN provider will be able to see what sites you are visiting. See https://security.stackexchange.com/questions/248164/relationship-between-dot-doh-and-https for more info. – mti2935 Sep 26 '21 at 15:54

0 Answers0