- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
Home Network Question...keeping unauthorized devices from connecting
Posted on 2/18/25 at 11:57 am
Posted on 2/18/25 at 11:57 am
Without going into a lot of detail I'm trying to set up our home network where an unauthorized device can't connect. Situation: My son's laptop is allowed on the network for school, so he knows the password for the network. Problem is, he gives his password to other kids and they connect too...I have been blocking unknown MAC addresses, but I'd rather whitelist his and have the router automatically block all others...is this possible?
7
Posted on 2/18/25 at 12:15 pm to NASA_ISS_Tiger
quote:Yes. Should be able to google your router model online and find the steps.
I have been blocking unknown MAC addresses, but I'd rather whitelist his and have the router automatically block all others...is this possible?
Posted on 2/18/25 at 12:36 pm to NASA_ISS_Tiger
The settings to whitelist should be near to where you're doing the MAC blocking. Exception would probably be if you had ISP provided shitty equipment.
His friends can get the password to the guest SSID, but my kids don't even know my non guest SSID password. They hand me the device, I punch it in. You can print the guest SSID/password on a QR code to make it easy for his crew, as my kids can't be bothered to remember even if I told them.
His friends can get the password to the guest SSID, but my kids don't even know my non guest SSID password. They hand me the device, I punch it in. You can print the guest SSID/password on a QR code to make it easy for his crew, as my kids can't be bothered to remember even if I told them.
Posted on 2/18/25 at 12:39 pm to NASA_ISS_Tiger
Your router should have options for whitelist or blacklist as most do but from a cybersecurity standpoint, leaking your password is not a good practice. Anyone can get your kid’s MAC.
Perhaps it would be better to set up a restricted guest network with QOS for parental or bandwidth controls. What if the friend has a mobile device? All this really depends on what you’re trying to allow or block specifically.
Perhaps it would be better to set up a restricted guest network with QOS for parental or bandwidth controls. What if the friend has a mobile device? All this really depends on what you’re trying to allow or block specifically.
Posted on 2/18/25 at 1:33 pm to NASA_ISS_Tiger
quote:
e knows the password for the network. Problem is, he gives his password to other kids and they connect too
Time to change the network password and not tell the son what it is.
Posted on 2/18/25 at 1:41 pm to Lonnie Utah
quote:
Time to change the network password and not tell the son what it is.
That's done already! When he comes back home, there's a learning curve for him.
Posted on 2/18/25 at 2:39 pm to NASA_ISS_Tiger
quote:
When he comes back home, there's a learning curve for him.
I'm not trying to sound like an a-hole, but that's his f'ing problem. I assumed you were talking about a pre-teen, not a kid in college. If your life depends on Wifi, you can be bothered to either remember what I tell you, or hand over your device and let me put the password in for you.
Generate the QR code for your new guest network here. Change password on original network, don't give it to him.
Posted on 2/18/25 at 3:04 pm to NASA_ISS_Tiger
if you are talking wifi, the only somewhat sure method is just regularly changing the wifi password. MAC addresses can easily be spoof'd.
Having said that, you should have an isolated guest network that anyone can connect to and nobody on that network can talk to the rest of your network. Then it doesn't matter.
Having said that, you should have an isolated guest network that anyone can connect to and nobody on that network can talk to the rest of your network. Then it doesn't matter.
This post was edited on 2/18/25 at 3:06 pm
Posted on 2/18/25 at 3:32 pm to NASA_ISS_Tiger
quote:
quote:
Time to change the network password and not tell the son what it is.
That's done already! When he comes back home, there's a learning curve for him.
You're better off going with a whitelist for approved devices. On Windows computers, it's trivial to view a WiFi password even if you enter the new password yourself on his computer and don't tell him what it is.
In a command prompt, as administrator:
quote:
netsh wlan show profile name= "Wi-Fi name" key=clear
Where "Wi-Fi name" is your SSID. Enter that command and you can see the password.
As others have mentioned, create a guest nework as well. The guest computers can't see your main network.
Posted on 2/18/25 at 6:45 pm to NASA_ISS_Tiger
Whitelisting MAC addresses is generally not very effective, most 14 yo kids know how to spoof a MAC.
Consider requiring client certificates? It can be a real PITA to maintain if you frequently have authorized devices be replaced frequently..... but it will keep intruders off the network.
Consider requiring client certificates? It can be a real PITA to maintain if you frequently have authorized devices be replaced frequently..... but it will keep intruders off the network.
Posted on 2/19/25 at 5:32 pm to dakarx
Make sure those big bad kids can’t get to your Alexa lights or Sonos equipment. The horror.
I am not sure what you are really worried about with segmenting guest and regular Wi-Fi at your house.
I am not sure what you are really worried about with segmenting guest and regular Wi-Fi at your house.
Posted on 2/19/25 at 5:43 pm to ColdDuck
Having the kids on a separate subnet/vlan is not always about security.
I have kids tablets on their own plan because I can shut it off and on at certain times. I also have them routed through cloudlflares family dns blocking them from adult sites. The main vlan uses the cloudflare ad blocker dns.
I have kids tablets on their own plan because I can shut it off and on at certain times. I also have them routed through cloudlflares family dns blocking them from adult sites. The main vlan uses the cloudflare ad blocker dns.
This post was edited on 2/20/25 at 8:37 am
Posted on 2/20/25 at 8:06 am to mchias1
quote:
cloudlflares family dna blocking
This is free, OP. Explanation here.
quote:
Malware Blocking Only
Primary DNS: 1.1.1.2
Secondary DNS: 1.0.0.2
Malware and Adult Content
Primary DNS: 1.1.1.3
Secondary DNS: 1.0.0.3
For IPv6 use:
Malware Blocking Only
Primary DNS: 2606:4700:4700::1112
Secondary DNS: 2606:4700:4700::1002
Malware and Adult Content
Primary DNS: 2606:4700:4700::1113
Secondary DNS: 2606:4700:4700::1003
Posted on 2/20/25 at 9:03 am to ColdDuck
quote:It's generally a good idea to keep unknown devices off your important networks. You don't know what they are running or what they can do. You can also apply QoS settings so they don't hog bandwidth.
I am not sure what you are really worried about with segmenting guest and regular Wi-Fi at your house.
Posted on 2/20/25 at 10:23 am to ColdDuck
quote:
Alexa lights or Sonos equipment. The horror
Yeah, they're all cloning MAC addresses at 12, but wouldn't have any idea how to set an alarm on either of those apps to turn on all the lights at 0300 accompanied by Celine Dion at full blast.
Maybe they think it'll be fun to delete all your locally archived music/videos off of your local network when they find them. While you're at it, whatever would they do with the tax returns you leave sitting on your desk?
quote:
If it wasn't for assholes like you (with the unlocked foot locker), there wouldn't be any thievery in this world
-Gunny Hartmann
Posted on 2/20/25 at 3:32 pm to NASA_ISS_Tiger
Set your DHCP to a range of 1 address allow something on the network to take that one address then statically assign leases based on MACs you know/trust.
This post was edited on 2/20/25 at 3:33 pm
Posted on 2/22/25 at 12:40 pm to LemmyLives
quote:
as my kids can't be bothered to remember even if I told them.
Page 1 of 1
Popular
Back to top
Follow TigerDroppings for LSU Football News