Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Forums2degrees (including Slingshot, Orcon, Flip, Stuff Fibre, MyRepublic, 2talk and Vocus)2Degrees - Hyperfibre BYOD Unsupported / Issues (Deco X50 Pro)
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 
yaajme

34 posts

Geek


  #3258698 12-Jul-2024 10:41
Send private message

richms:

 

yaajme:

 

Got any links or suggestions? I have returned the deco.

 

 

SFP+ is https://www.aliexpress.com/item/1005006803881352.html - choose the 10g one

 

The switch I have is https://www.aliexpress.com/item/1005006278753506.html - It has a default IP address on it rather than DHCP which is a pain, but the UI is basic but functional. 

 

I changed the PSU to another one because the supplied US plugged one made an annoying noise.

 

I got the SFP+'s thtu the choice deals for less than that price, so once you have looked at a few of them you should start to see them come up in the deals.

 

 

 

 

I'll have a look into this, thanks!

 
 
 
 

Shop now on AliExpress (affiliate link).
michaelmurfy
meow
13193 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #3258710 12-Jul-2024 11:11
Send private message

yaajme: Another option, which im unsure of the security related concerns is just to untag your VLAN on request of the ISP and jam it straight into your main machine - use a router over a bridged connection as an AP for WiFi.

 

Please don't ever do this.

 

I've seen this has just landed too: https://www.gowifi.co.nz/grandstreamnetworks/gcc6010.html - I haven't tried it but 2.5Gbit SFP ports and looks like it may be suitable for 2Gbit Hyperfibre. You'll need to just add a 2.5Gbit switch also (https://www.gowifi.co.nz/grandstreamnetworks/gwn7701m.html) to give multi-gigabit Ethernet to more devices. Then looks like the router itself can power some Grandstream access points.




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

yaajme

34 posts

Geek


  #3258712 12-Jul-2024 11:16
Send private message

michaelmurfy:

 

yaajme: Another option, which im unsure of the security related concerns is just to untag your VLAN on request of the ISP and jam it straight into your main machine - use a router over a bridged connection as an AP for WiFi.

 

Please don't ever do this.

 

I've seen this has just landed too: https://www.gowifi.co.nz/grandstreamnetworks/gcc6010.html - I haven't tried it but 2.5Gbit SFP ports and looks like it may be suitable for 2Gbit Hyperfibre. You'll need to just add a 2.5Gbit switch also (https://www.gowifi.co.nz/grandstreamnetworks/gwn7701m.html) to give multi-gigabit Ethernet to more devices. Then looks like the router itself can power some Grandstream access points.

 

 

 

 

I did think this would have some security issues, but I dont know enough about networking to understand why. For learning sake, could you explain what the issues are with this? :D 



michaelmurfy
meow
13193 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #3258725 12-Jul-2024 11:37
Send private message

yaajme: I did think this would have some security issues, but I dont know enough about networking to understand why. For learning sake, could you explain what the issues are with this? :D

 

Do you really want all internet traffic from the internet going through to your PC?

 

This is how many strains of malware spread. One notable recent strain was Wannacry. Sure, if you've got Windows Firewall enabled then your risk is lower but one vulnerability and you're compromised.

 

Don't risk it. Even if 2degrees are using CG-NAT. Just get a proper setup or question if you even need Hyperfibre in the first place.




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

yaajme

34 posts

Geek


  #3258822 12-Jul-2024 14:42
Send private message

michaelmurfy:

 

yaajme: I did think this would have some security issues, but I dont know enough about networking to understand why. For learning sake, could you explain what the issues are with this? :D

 

Do you really want all internet traffic from the internet going through to your PC?

 

This is how many strains of malware spread. One notable recent strain was Wannacry. Sure, if you've got Windows Firewall enabled then your risk is lower but one vulnerability and you're compromised.

 

Don't risk it. Even if 2degrees are using CG-NAT. Just get a proper setup or question if you even need Hyperfibre in the first place.

 

 

 

 

I kind of get that, but doesn't the router face the same vulnerabilities and security flaws? What differentiates the two in regards to security - if an ONT is untagged and going into a router vs going into a machine it's still only being protected by the routers security, right?

 

In theory, having my static IP and any type of port forwarding open on the router would pose a higher risk than those two options?

 

 

 

Again, just wanna understand - its interesting :)

richms
27977 posts

Uber Geek

Trusted
Lifetime subscriber

  #3258825 12-Jul-2024 14:48
Send private message

Routers tend to only have one or 2 services that they need to firewall off from the internet - web interface and possibly some other management stuff.

 

PC has all sorts of obsolete apps, windows services etc that need to be blocked off. Only takes one mis-click to allow on all networks for something to end up with it open to the whole world to start playing with.

 

port forwarding things means its just the one service accessible that you know about and would assumedly ensure is up to date and patched.




Richard rich.ms

michaelmurfy
meow
13193 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #3258842 12-Jul-2024 15:27
Send private message

^^ this 100%

Quite often many apps will attempt to port forward to themselves using UPNP also which is seen as a substantial security risk. Lets say you have an application (we'll use Discord as an example) on your PC that for some reason is exempt in Windows Firewall and a code execution bug exists then suddenly anyone on the internet can leverage that bug to compromise your PC.

 

With a standard network you've got ISP --> Router --> Network (NAT) --> PC however remove the router and you've not no NAT, you're straight out to the wild west of the internet. CG-NAT, which 2degrees use by default somewhat mitigates this but I still would never risk it.

 

Discord bug: https://www.vice.com/en/article/m7gb7y/researchers-find-vulnerability-in-software-underlying-discord-microsoft-teams-and-other-apps 




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

1 | 2 | 3 | 4 | 5 
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Logitech Introduces New G522 Gaming Headset
Posted 21-May-2025 19:01

LG Announces New Ultragear OLED Range for 2025
Posted 20-May-2025 16:35

Sandisk Raises the Bar With WD_BLACK SN8100 NVME SSD
Posted 20-May-2025 16:29

Sony Introduces the Next Evolution of Noise Cancelling with the WH-1000XM6
Posted 20-May-2025 16:22

Samsung Reveals Its 2025 Line-up of Home Appliances and AV Solutions
Posted 20-May-2025 16:11

Hisense NZ Unveils Local 2025 ULED Range
Posted 20-May-2025 16:00

Synology Launches BeeStation Plus
Posted 20-May-2025 15:55

New Suunto Run Available in Australia and New Zealand
Posted 13-May-2025 21:00

Cricut Maker 4 Review
Posted 12-May-2025 15:18

Dynabook Launches Ultra-Light Portégé Z40L-N Copilot+PC with Self-Replaceable Battery
Posted 8-May-2025 14:08

Shopify Sidekick Gets a Major Reasoning Upgrade, Plus Free Image Generation
Posted 8-May-2025 14:03

Microsoft Introduces New Surface Copilot+ PCs
Posted 8-May-2025 13:56

D-Link A/NZ launches DWR-933M 4G+ LTE Cat6 Wi-Fi 6 Mobile Hotspot
Posted 8-May-2025 13:49

Synology Expands DiskStation Lineup with DS1825+ and DS1525+
Posted 8-May-2025 13:44

JBL Releases Next Generation Flip 7 and Charge 6
Posted 8-May-2025 13:41








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







GoodSync is the easiest file sync and backup for Windows and Mac



RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
Hatch
GoodSync
Backblaze backup
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright