I have a problem, I want a second internet source in my apartment for work purposes. My new company monitors your internet traffic so I want to keep work and personal separate, can't have them knowing how much time I spend on CP! lol
Does not sound like a big problem, but its a harder problem than expected. Spectrum owns rights as a provider in my zip code, does not allow multiple router + modem options meaning you can't have 2 internet sources for a single apartment. No major wireless carrier (att, sprint, Verizon) can offer a truly unlimited plan for mifi device (none-phone hot spot box) that would allow me to work from home 5 days a week with multiple hours of video conferences per day. Verizon offers unlimited but only 20g of high speed before crawling to the slowest pace on the market, att only offers 35g then they charge you $10 per 2g above, forget t-mobile.
What to do? How to get reasonable, reliable, unlimited, worry-free, quality 2nd internet? [Reply]
Originally Posted by kccrow:
Their VPN installed on his machine could monitor packets on his internal network to/from other devices on that network.
My suggestion? Build your own router with its own VPN and connect your work laptop with its VPN behind it.
Even if they had some kind of sniffer scanner on the work computer, which is incredibly unlikely and probably illegal, they would still be very limited in what they could see regarding the rest of the network. It would be almost impossible to get anything other than IP/OS version of any other device on the network. Modern OSes have had safeguards in place for these kinds of things for quite some time.
I get it. I see it all the time at work. People putting tape/PostIt on the camera, always worried about IT Big Brother stuff. Trust me, we have way more important stuff to do than spy on fellow coworkers. Nobody in the IT department gives one single shit if you stream midget porn all day. That's just not a valid use of resources for any entity outside of Hollywood movie writers. [Reply]
Originally Posted by kccrow:
Their VPN installed on his machine could monitor packets on his internal network to/from other devices on that network.
My suggestion? Build your own router with its own VPN and connect your work laptop with its VPN behind it.
Most mid to high end routers will allow two completely isolated networks. A packet sniffer in that scenario would be especially useless because it would be subject to the hardware firewall inside the router.
I know you want a internet hotspot, but you need a new router to solve this problem. [Reply]
Originally Posted by Fish:
Even if they had some kind of sniffer scanner on the work computer, which is incredibly unlikely and probably illegal, they would still be very limited in what they could see regarding the rest of the network. It would be almost impossible to get anything other than IP/OS version of any other device on the network. Modern OSes have had safeguards in place for these kinds of things for quite some time.
I get it. I see it all the time at work. People putting tape/PostIt on the camera, always worried about IT Big Brother stuff. Trust me, we have way more important stuff to do than spy on fellow coworkers. Nobody in the IT department gives one single shit if you stream midget porn all day. That's just not a valid use of resources for any entity outside of Hollywood movie writers.
I 100% agree and for most companies, it would be. I wouldn't work for one that put some type of priority on it as it's absolutely ridiculous micromanagement. If a guy is productive, I give zero fucks if he takes a 5 to cruise the interwebs for whatever tickles his fancy. Some, however, can't give up the micromanagement no matter the invasion of the worker's domain. That alone isn't worth giving your efforts for.
I can understand wanting to secure home environment networks, especially in today's world, but the best they can hope for is MFA with VPN, a good software firewall, and a secure router in reality. Feel free to correct me if I'm wrong. I doubt he has externally facing servers sitting in his basement that need to be behind a DNS monitor and IPS/IDS and all that jazzy stuff I don't care to know enough about and pay people that do. :-) [Reply]
Originally Posted by Fish:
Even if they had some kind of sniffer scanner on the work computer, which is incredibly unlikely and probably illegal, they would still be very limited in what they could see regarding the rest of the network. It would be almost impossible to get anything other than IP/OS version of any other device on the network. Modern OSes have had safeguards in place for these kinds of things for quite some time.
I get it. I see it all the time at work. People putting tape/PostIt on the camera, always worried about IT Big Brother stuff. Trust me, we have way more important stuff to do than spy on fellow coworkers. Nobody in the IT department gives one single shit if you stream midget porn all day. That's just not a valid use of resources for any entity outside of Hollywood movie writers.
Respectfully, you are wrong. When a major company decides to investigate you, they will use all of your electronic comms to their advantage, and do it effectively. [Reply]
Originally Posted by Couch-Potato:
Respectfully, you are wrong. When a major company decides to investigate you, they will use all of your electronic comms to their advantage, and do it effectively.
The immutable laws of physics do not apply to this mans apartment. [Reply]
Originally Posted by Fish:
Even if they had some kind of sniffer scanner on the work computer, which is incredibly unlikely and probably illegal, they would still be very limited in what they could see regarding the rest of the network. It would be almost impossible to get anything other than IP/OS version of any other device on the network. Modern OSes have had safeguards in place for these kinds of things for quite some time.
I get it. I see it all the time at work. People putting tape/PostIt on the camera, always worried about IT Big Brother stuff. Trust me, we have way more important stuff to do than spy on fellow coworkers. Nobody in the IT department gives one single shit if you stream midget porn all day. That's just not a valid use of resources for any entity outside of Hollywood movie writers.
This.
Furthermore, most companies for THEIR protection, use VPN connections that don't allow direct internet access. In fact, in order for them to spy on you, they probably have split tunneling DISABLED, meaning the VPN would route ALL traffic, internet and corporate/work related, to them for inspection. The second your client fires up a VPN tunnel, it would no longer be able to see your network because it's essentially directly connected to corporate.
Besides, there's nothing preventing you from putting your company computer in a sandbox. That's what I do. Not because I'm worried about corporate spying on me but because I work for a mega-company and our IT people in India aren't always the brightest. My work PC can't see anything on my network, even though I use the same internet connection, because I have it connected to a network that simply isn't connected to anything BUT the internet. [Reply]
Originally Posted by BryanBusby:
How are you even sure they are doing a full-tunnel VPN instead of a split tunnel, OP?
My initial thought is they're likely not running a full.
Most places don't allow split tunneling anymore unless they're a small mom-and-pop and don't want to pay for the additional bandwidth.
And quite frankly if they're so cheap or setup so simple that they do allow split tunneling, I highly doubt their IT practices are sophisticated enough to actually spy on him like he thinks. [Reply]
Originally Posted by Couch-Potato:
Respectfully, you are wrong. When a major company decides to investigate you, they will use all of your electronic comms to their advantage, and do it effectively.
I appreciate the reassurance, but I know for certain my previous organization was capable of monitoring my network, they did not provide the modem/router but paid for it, had language in the contract stating you would have zero privacy. How do I know they had this capability? Bc my manager would literally call you out for playing games on xbox, for watching inappropriate material on a personal computer, or submitting your resume to another employer just moments after you did so in an effort to intimidate you. You can't quit if you're broke and rely on them for money. I am pretty much a layman when it comes to IT but work for highly sophisticated organizations, I've seen and experienced other IT magic that you would not believe. The kind of companies making more annual revenue than most countries and consider themselves above the law. I understand VPNs and how they work, I have one for my personal devices. However, due to issues I had at my previous employer, I am highly sensitive and sure, even paranoid, in regards to these matters & would feel most comfortable with 2 entirely different internet sources.
You see, it's not all about "physics" for me, there's a psychological and emotional component as well, and I am just asking for answers specific to my question = "how best to get 2 internets in the same house efficiently?"
...Does anyone have a suggestion for a mifi hotspot with a legit unlimited plan, maybe for business instead of a personal account?
You're going to have to be more specific about your previous employer's setup if you want us to understand what you're looking for.
I not only work for one of the largest tech companies in the US, I have designed and delivered enterprise network solutions to some of the largest companies in the world, including the US federal government.
Saul and Fish have said it already - what you're saying they did isn't even possible, unless there's something about that setup that you haven't told us. [Reply]
I trust you know more than I do, believe me, it is a certainty. If you are so very tech-savvy and I am so dumb, please prove it further by solving the following problem that I'm having trouble with bc it would make me happy not bc it is necessary: What is the simplest and most cost-effective way to add a second internet source for my home office? lol
If paying multiple charges for data overdraft on a mifi box to work on is the answer (~$200-$250/mo), or paying for 2 mifi contracts and splitting time between them over the course of the month to ensure I have sufficient quality internet (~$100-150) is the best option, then fine. I can afford it, I'm just annoyed that this is the best option.
So I'm curious, to ask my friends here at CP, kindly, if any of you might have a more effective solution than this? [Reply]
Originally Posted by Couch-Potato:
I trust you know more than I do, believe me, it is a certainty. If you are so very tech-savvy and I am so dumb, please prove it further by solving the following problem that I'm having trouble with bc it would make me happy not bc it is necessary: What is the simplest and most cost-effective way to add a second internet source for my home office? lol
If paying multiple charges for data overdraft on a mifi box to work on is the answer (~$200-$250/mo), or paying for 2 mifi contracts and splitting time between them over the course of the month to ensure I have sufficient quality internet (~$100-150) is the best option, then fine. I can afford it, I'm just annoyed that this is the best option.
So I'm curious, to ask my friends here at CP, kindly, if any of you might have a more effective solution than this?
If there's no other wireline service available in your area due to the carrier agreements Spectrum has in place, cellular or satellite are really your only options unfortunately. [Reply]
Do you have any neighbors that you are friends with or at least trust? Somebody suggested earlier just pay or split their bill and use their wifi. Probably best if it's an old person as they likely won't have any monitoring setup. [Reply]
Originally Posted by htismaqe:
If there's no other wireline service available in your area due to the carrier agreements Spectrum has in place, cellular or satellite are really your only options unfortunately.
I genuinely appreciate your response, thank you, friend. [Reply]
Originally Posted by Couch-Potato:
I genuinely appreciate your response, thank you, friend.
I'd still like to hear more about your setup with the previous employer.
I'm genuinely intrigued by how they could spy on you like that. All incredulity aside, the guys aren't wrong - what you said they did is EXTREMELY difficult to do (aka impossible) without very specific solutions in place to do it. [Reply]
