networking

2810 readers

1 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 1 year ago

MODERATORS

[email protected]

[Question] Protecting outdoor LAN port from infiltration? (lemmy.ml)

submitted 3 months ago* (last edited 3 months ago) by [email protected] to c/[email protected]

12 comments fedilink hide all child comments

If you have an outdoor Ethernet port—in my case with a WiFi AP connected—how can you go about protecting your network from somebody jacking in?

Is there a way to bind that port to only an approved device? I figured a firewall rule to only allow traffic to and from the WiFi AP IP address, but would that also prevent traffic from reaching any wireless clients connected to the AP?

Edit: For more context, my router is a Ubiquiti UDM and the AP is also Unifi AP

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 11 points 3 months ago (1 children)

https://en.m.wikipedia.org/wiki/IEEE_802.1X

The standard directly addresses an attack technique called Hardware Addition where an attacker posing as a guest, customer or staff smuggles a hacking device into the building that they then plug into the network giving them full access.

[–] [email protected] 2 points 3 months ago

Yup, I had to implement this for a customer once, and while it was a paid, it does require authentication before getting access to the network.