G+_Brendan F (phlegmer) Posted June 2, 2016 Share Posted June 2, 2016 Hello Fr Robert and Bryan, I enjoyed your revisiting of Steve Gibson's take on nesting routers to partition off networks based their functions. But what about those of us that have DD-WRT? Could all the hardware rigmarole be done by software on only one router using VLAN's and vAP's? I have not done this myself but if it's possible, perhaps a router followup show topic? Thanks much! Link to comment Share on other sites More sharing options...
G+_Eddie Foy Posted June 2, 2016 Share Posted June 2, 2016 VLANs work fine. Though there is 'VLAN jumping' But attacking the routers is a more likely entry point. Link to comment Share on other sites More sharing options...
G+_Fr. Robert Ballecer, SJ Posted June 3, 2016 Share Posted June 3, 2016 Short answer: VLANs are NOT a security measure. They're a network management feature. I use VLANs to strengthen the security I have setup with my authentication scheme, but it's too easy to jump VLANs if that's the only thing keeping me from the network I WANT to get into. Link to comment Share on other sites More sharing options...
G+_Cody Kochmann Posted June 4, 2016 Share Posted June 4, 2016 I think this sums up to a question of how much do you trust that the company absolutely nailed the separation of the networks? In this day and age, I'd say it's probably safer to simply buy a dumb router. Link to comment Share on other sites More sharing options...
G+_Shawn Ashe Posted June 8, 2016 Share Posted June 8, 2016 I've wondered the same thing.. thinking of looking for a more commercial router that I can vlan a physical net for some things, and a wireless net for others.. yet not have to have a closet full of equipment. Link to comment Share on other sites More sharing options...
Recommended Posts