
Ask HN: Securing internet shared with neighbor - Millennium5
I have just moved into a new flat and while trying to get my internet connected have discovered that my flat and the neighbor&#x27;s are not legally subdivided - meaning that we can only have one internet connection.<p>If we do end up sharing a connection how can I ensure that my traffic is kept private and that the shared connection doesn&#x27;t introduce any security vulnerabilities?<p>My best idea so far is to split the connection into two subnets and with each having a blanket ban rejecting traffic from the other but I haven&#x27;t physically implemented anything like that before and I&#x27;m not sure if it is feasible in practice.
======
freestockoption
How much do you care? How much do they care? I go to lots of people's houses
and they openly give me the wifi password to their network.

That said, having security is good. And building networks is fun. :)

If you are comfortable with a little Linux you could get a router and reflash
with OpenWRT. Divide into 2 different VLANs. Have one port on the router
connect to your VLAN and the other port connect to your neighbor's. If you use
your own router on this port, you would treat this port as WAN and your own
network as LAN. It would probably be NATed so your neighbor would have a
harder time getting into your network. The OpenWRT GUI makes it pretty easy,
but it helps to know a little about subnets and routing.

For a commercial solution, you could get a Ubiquiti Unifi gateway with a Unifi
switch. Basically does the same thing. I'm not sure I would say their GUI is
easier or harder than OpenWRT. You still need to know a little about
networking.

If you don't sufficiently trust your neighbor having access to the WAN port,
you could connect your own VPN router to your port on the VLAN.

------
raybb
As long as you're sharing the network you'll be vulnerable on some level. One
easy fix could be to setup a VPN so all of your traffic is encrypted.

