2
I recently moved to a new place, and the landlord provides our network via an ethernet connection that I connect my own router to. I can't see or ping anything back up the network, but I want to make sure they can't access anything on my network/server or see my devices, and I want to set up a guest network as well, to prevent my guests from accessing my server. How can I do this? I'm on a Cisco router running DD-WRT.
Thanks!
imthebestever
Posted 2015-03-04T17:01:48.043
Reputation: 21
3
It sounds like you're probably using NAT for your own internal private subnet. Couple that with firewall capabilities of DD-WRT and only opening ports inbound that you approve (implicit deny), and you should be safe.
Note that any plain-text traffic traversing that link is not safe. It could be subject to snooping by the landlord on his upstream equipment. If you are concerned about this, you might consider a VPN tunnel for all traffic, or be aware of your sensitive traffic and ensure it uses secure and encrypted protocols.
armani
Posted 2015-03-04T17:01:48.043
Reputation: 576
So I want to use NAT or I want to avoid it? Am I doing my routing or is their router? Should I turn off DHCP on my end? – imthebestever – 2015-03-05T20:26:26.733
You should use your router to NAT, segmenting your network from the one above it (landlord's). The only "routing" you'll be doing is treating the upstream interface as a WAN port and your NAT'd net as your LAN. Use DHCP on LAN only, unless you static IP all your devices. – armani – 2015-03-05T22:53:26.167
this is a DD-WRT configuration question, not an InfoSec question as per the FAQ – schroeder – 2015-03-04T19:44:21.930