Should I unplug my Kuna? Or can it be secured?

Discussion in 'Chit-Chat' started by JDJ, Nov 2, 2018.

Share This Page

  1. JDJ

    JDJ n3wb

    Joined:
    Oct 19, 2018
    Messages:
    22
    Likes Received:
    9
    Location:
    Oregon
    I installed a Kuna exterior light before I knew anything about network security. Kuna is like Ring, allowing you to watch live video through your phone, serving as an intercom, etc. To set it up, you provide access to your Wi-Fi network, and it takes it from there.

    It's features are great, and it boosts the Wife Approval Factor (WAF) as a serious bonus. But if it can't be secured, I will disconnect it and go back to screaming, "Who's there?" every time the doorbell rings until I find a safer alternative. I'd rather have my network buttoned down.

    I searched the forum, and the Internet at large, but nothing jumped out at me in terms of some big specific risks. Generally speaking, once I've made a long, thorough search, the moment I confess my failure to find my objective numerous people show me how they instantly got endless results. I call this JDJ's Law of Information Technology #47.

    That being said, there's usually a lot of valuable additional information in the replies on this forum that add to my general knowledge, so there's that.

    So, is there a way to secure Kuna, or should I unplug it from Wi-Fi?
     
  2. fenderman

    fenderman Staff Member

    Joined:
    Mar 9, 2014
    Messages:
    26,767
    Likes Received:
    7,036
    Simply Connect it to your guest Network.
     
    alastairstevenson and JDJ like this.
  3. JDJ

    JDJ n3wb

    Joined:
    Oct 19, 2018
    Messages:
    22
    Likes Received:
    9
    Location:
    Oregon
    Thank you fenderman, I got the guest network to show up as a selection for the Kuna, and it completes the connection process and gives me a Kuna "success" message.

    But then Kuna throws a "Wi-Fi error/Camera offline" message.

    My Linksys WRT 1200AC router documentation revealed this interesting clue:
    NOTE: The Guest will appear unsecured in the list of available wireless networks. However, guests are always required to enter the guest access password once they open a web browser.

    Since it requires the password to be entered with opening a browser, I'm guessing that the Kuna hits that password request (which is invisible to me) and that stops everything.

    Is this possibly a limiting feature of the Linksys router itself, asking for a password only when a guest opens a browser?

    If I need to buy one of those sweet ASUS routers that folks around here talk about, I would not mind at all. But if there is a way to solve this on my current Linksys router I'd do that in the meantime.

    Thank you.
     
  4. fenderman

    fenderman Staff Member

    Joined:
    Mar 9, 2014
    Messages:
    26,767
    Likes Received:
    7,036
    I am not familiar with the Linksys but I can't imagine that it doesn't allow U2 disable the password page request... Do some Googling...
     
    JDJ likes this.
  5. JDJ

    JDJ n3wb

    Joined:
    Oct 19, 2018
    Messages:
    22
    Likes Received:
    9
    Location:
    Oregon
    Will do. Thanks for your input.
     
  6. catcamstar

    catcamstar Pulling my weight

    Joined:
    Jan 28, 2018
    Messages:
    349
    Likes Received:
    135
    I googled a bit around as your question intruiged me: ASUS for example does have multiple (encrypted) guest wifi channels available, to even provide separated IoT "vlan"-alike networks, for these cams, google homes, rings etc. So I checked for this linksys, and indeed:
    So bottom-line: middlefinger and off you go.

    What are your options? Either you put a "simple" access point behind your Linksys, and make a "guest"wifi yourself, including WPA2 and other giggles. However, by chaining it underneath your Linksys, this Ring thing still has access to all your other LAN devices. Which is, in my paranoid state of mind, a no go. So having a second router next to your linksys might be a better solution, but then you need to switch wifi from the linksys to that other one to view the cam feed. OR, open a VPN tunnel towards the Ring. But then you are building up an immense difficult networking setup, tons of cables, tons of setups, and in the end, a nightmare to maintain. Depending on how far your leash goes with the wife, you can have a look in "doing it on your own", by doublechecking whether (or not) dd-wrt runs on your linksys - they might have a solution on guest wifi's for you. Or, you go to some "profession" range of networking gear (eg like Edgerouters), then you're up for some great adventure with vlans, firewalls, routing tables and all these fun things.

    Hope this helps!
    CC
     
    JDJ likes this.
  7. JDJ

    JDJ n3wb

    Joined:
    Oct 19, 2018
    Messages:
    22
    Likes Received:
    9
    Location:
    Oregon
    Thank you very much, that helps a lot.

    It looks like I can't run the Kuna securely on my current Linksys router, and my Linksys is generally lacking additional security features which are built into ASUS routers.

    So I'm planning to buy a router that people on the forum have talked about, the ASUS RT-AC68U which will hopefully be on a Black Friday sale.

    If the ASUS permits me to secure the Kuna on a guest network, great. If not, well, like you say, middle finger to the Kuna until I can secure it. There's no way I'm compromising security after what I've learned recently. At least I'll still have a nice looking porch light.

    I am also planning to eventually do the advanced stuff with vlans, firewalls, routing tables etc., but I have some distance to climb up that learning curve, so the ASUS router should serve me well until I get there.

    I appreciate your comment.
     
  8. catcamstar

    catcamstar Pulling my weight

    Joined:
    Jan 28, 2018
    Messages:
    349
    Likes Received:
    135
    With pleasure!

    I also started couple of years ago with an Asus RT87U, provided all what I needed back then, guest wifi, torrenting (ay ay), USB file sharing and more importantly OpenVPN. Make sure you read in what RMerlin is, and which benefits its carrying with it. (Un)fortunately, this RT87U (with dual networking chipsets) is able to handle vlans, but some ports carry dual chipset signatures, which makes them, in the end, unusable for hardcore networking tricks.

    Since last year, I did a huge (lol) investment of 56$ and bought an Ubiquity ER-X. Internet dives in on eth0, eth1 is vlan output for IPC/NVR, eth2 is for a fully separated (guest) wifi, and on eth3, there's the good ol' ASUS connected, which still holds my core LAN components like NAS, home theater & media hubs. The ER-X handles the vlans, but also intranet routing & firewalling (eg. I can dive in from VPN into IPC - but not all devices can). And with Ubiquity, you can go skyhigh with smartswitches, antenna's and even long-range devices. All toys for boys :D Worth the whopping 56$.

    Hope this helps!
    CC
     
    JDJ likes this.