Community discussions

MikroTik App
 
olly183
just joined
Topic Author
Posts: 15
Joined: Mon Jan 11, 2016 11:23 pm

Starlink, HAP ax2, Papertrail & OpenDNS

Sun Oct 01, 2023 2:08 pm

OK So I'm am engineer who know enough to get myself in trouble!
I travel a lot, to odd parts of the world, So when I find myself with the only connection to the outside world, it feels rude not to share it with my colleagues? But I do not trust them to not use my internet connection for dodgy business!
So I have decided to restrict Wifi access to the Starklink to specific Mac addresses, I make my colleagues fill in a form with their contact details and the mac addresses they want to conect with.
I have also setup a Syslog output on the HAP ax2 with Papertrail
I then could cross reference the Syslog if the authroities ever come calling?
Right now I am also trying to implement a DNS filtering service.... to further head off any unpleasantness...

1st off Starlink is outrageoulsy good
2nd I have successfully setup Syslog from my HAP ax2 to Papertrail.... I see the logs coming in
3rd I have experimented with OpenDNS, since Starlink is a dynamic WAN IP, OpenDNS appear to have the solution for me?
But when ever I try and setup the DNS settings on the HAP ax2 for OpenDNS it appears to halt the flow of the Syslog to the Papertrail service?

I'm assuming I need to add some firewall rules to allow the flow of logs to the Papertrail service, avoiding the block that the OpenDNS setup is creating? But so far I have found little info to guide me?

And finally, am I barking up the right tree, will the Syslog onto Papertrail help protect me if another party ever did something illegal over my Starlink connection?

Please feel free to comment on any part of this post....

Regards

Olly
 
User avatar
memelchenkov
Member Candidate
Member Candidate
Posts: 204
Joined: Sun Oct 11, 2020 12:00 pm
Contact:

Re: Starlink, HAP ax2, Papertrail & OpenDNS

Sun Oct 01, 2023 2:20 pm

> restrict Wifi access to the Starklink to specific Mac addresses
Not secure. MAC could be spoofed.

> I do not trust them
Do not share with them then.

Are you a soldier of fortune? Starlink, odd parts of the world, strange colleagues whom you can't trust...
 
olly183
just joined
Topic Author
Posts: 15
Joined: Mon Jan 11, 2016 11:23 pm

Re: Starlink, HAP ax2, Papertrail & OpenDNS

Sun Oct 01, 2023 2:32 pm

Yes Mac can get spoofed but how else can I reliably link a device to a user? I don't publish their mac addresses to other users. They also have to use their Physical Mac addresses as opposed to Randomised. And no one gets on the Wifi without the Mac enabling it, its not implemented at Firewall level, I'm creating a Mac access lit on the Wifi port... So its not like that an un-approved user can get on the Wifi to sniff around?

Yes but when you are the only one walking around talking to your wife on WhatsApp it gets awkward...

No even worse, I work in the FIlm & Television Industry....
 
User avatar
memelchenkov
Member Candidate
Member Candidate
Posts: 204
Joined: Sun Oct 11, 2020 12:00 pm
Contact:

Re: Starlink, HAP ax2, Papertrail & OpenDNS

Sun Oct 01, 2023 2:50 pm

So its not like that an un-approved user can get on the Wifi to sniff around?
Yes, it is. MAC can be sniffed, then spoofed. However, if your film&tv staff is not very tech-savvy (I mean, not hackers) and don't specially want to drown you they probably will not hack Wi-Fi. So yes you may then.
No even worse, I work in the FIlm & Television Industry....
Oh, it's another case then :))
And finally, am I barking up the right tree, will the Syslog onto Papertrail help protect me if another party ever did something illegal over my Starlink connection?
Not sure about U.S. laws, probably better to ask lawyer. Because such laws are very country-specific. In a common case you get a license, become a provider, sign an agreement with your customer, set up certified billing. What about if some friend/colleague use your connection, without any certified billing software and licenses... logically, someone must testify against. So, lawyer ask is better.
 
Moba
Member Candidate
Member Candidate
Posts: 213
Joined: Sun Sep 27, 2020 6:15 pm

Re: Starlink, HAP ax2, Papertrail & OpenDNS

Sun Oct 01, 2023 5:17 pm

So, lawyer ask is better.

Indeed, the best advice. Ironically, the film industry has lots of experience in taking legal action to protect their property online and in many parts of the world, even VPN providers have to comply with requests by local authorities in criminal investigations...

Who is online

Users browsing this forum: indnti, Rox169 and 19 guests