I know it’s overkill, I got old system w/ OPNSENSE to managed switch and Ubiquity Access Points for WiFi.
Privacy Guides
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
- We prefer posting about open-source software whenever possible.
- This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
- No soliciting engagement: Don't ask for upvotes, follows, etc.
- Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
- Be civil, no violence, hate speech. Assume people here are posting in good faith.
- Don't repost topics which have already been covered here.
- News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
- Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
- No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
- No misinformation: Extraordinary claims must be matched with evidence.
- Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
- General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.
Additional Resources:
- EFF: Surveillance Self-Defense
- Consumer Reports Security Planner
- Jonah Aragon (YouTube)
- r/Privacy
- Big Ass Data Broker Opt-Out List
Same! Although my opnsense is virtualized.
Same!
Pfft, overkill is two fanless minipcs running OpenBSD and pf in an active/passive ha config and Ubiquity APs.
I've been putting up tp link omada hardware in a few offices. very stable and easy to use
Whatever you decide on be a good neighbor and go with 5GHz only if at all possible.
I can't make and verify the performance of a 5GHz antenna. I wish I could, but a 5GHz VNA is a pricey bit of kit. I'm limited to the room I place the router and need it to still work through 9 walls and past a bunch of appliances. At least with a directional antenna I'm not projecting a donut passing through all my neighbors houses.
Thats true. A directional antenna helps a lot
Love my mikrotik hex they have more advanced hardware and I just use a tp link as an access point. I migrated from a ddwrt and it's got all the features you could ask for
I run a Linksys E8450 Wifi6 router on openWRT and have had great results so far. Out of the box the antennas are internal but people have done modifications to add external antenna ports
I've been using OPNsense for a year now and I'm very happy with it. Fully open source, very stable and it offers all features you'll probably need. Runs on pretty much every hardware and is based on FreeBSD.
I used OpenWRT for ages on all kinds of different hardware. The next logical step up for me was into the Ubiquiti product line. That gave me a lot of the power and configurability of the OpenWRT world in something that was a lot easier to use. (Plus, their access points are quite nice.) I chose the Dream Machine Pro. It was rack-mountable, so I bought a cheap rack and put it on a shelf. I also decided to buy Ubiquiti access points and switches to take advantage of all the network management features of their OS. I have one place where I monitor, update, and configure everything, and it's about twenty times easier than keeping things updated in OpenWRT.
I'm so using an older Asus AC86U. It's receiving updates still and works just fine.
Honestly, It depends on your threat model. Some basic steps of security your network are more than enough for most people.
Assuring your endpoints are always up to date
Assuring you change the default SSID name and Password
Assuring you disable all features you dont utilize
If you're worried about the company viewing your data on the router, utilize a device level VPN or set up a router/Box that all traffic goes through before you hit the router (As others have mentioned) with a standalone AP and router/model so you can VPN before any traffic hits the router.
I just a bunch of GL.iNet routers. I know China. I know.
I never plan to go to China and my threat is western companies and governments, so china seems fine.