A second router protects adults from kids

Installing a second router on your home network can segment the adult computers from those used by children.

If you live in a home where parents/adults have one or more computers, children have their own computer(s), and everyone shares a single Internet connection, then you should consider a second router.

While the main function of a router is to let multiple computers share a single broadband connection to the outside world, it is also invaluable in offering firewall protection. Firewalls that run on your computer have their place, but you are much safer with the additional protection offered by the firewall in a standard, ordinary, consumer-grade router. Previously, I suggested that even someone with only one computer get a router, just for the firewall protection.

Last week, Leo Notenboom, of Ask-Leo.com, wrote about using a second router to protect adults from children sharing the same Local Area Network (LAN) at home (see How do I protect myself from my children? )

Leo targets Windows users, and I take it as a given that no mix of defensive software offers perfect protection on a Windows machine. That said, the networking scheme he discusses is applicable and sensible regardless of the operating system running on any single computer. If you are an adult, sharing a network with children, and the health and well-being of your computer is important to you, then investing in a second router makes sense.

The basic idea that Leo suggests is to put the adult computers in their own LAN, protected by the second router from the LAN segment with the children's computers. Everyone still shares the single Internet connection.

In addition to the firewall, the NAT feature in a router also offers protection. For example, if the kids use private IP addresses* such as 192.168.1.x then the adults can use private IP addresses in the range 192.168.8.x. Assuming everyone uses the default subnet mask of 255.255.255.0 (a topic for another day) then the adult computers and the kids' computers can't directly talk to each other.

This networking scheme does not eliminate the need for firewall software in each individual computer.

This approach may also apply to a small business if certain computers do work that is judged to be much more important than others. Here too, the small expense of a second router offers additional protection to the most important computers. Taking this even further, it is not at all unreasonable for a small business to ban an important computer from ever touching the Internet.

Finally, anyone installing a new router should read my earlier posting Defending your router, and your identity, with a password change .

Update. September 27, 2008. For more on this subject, see my follow-up Using a second router: A techie how-to

*For more on public vs. private IP address, see What does your IP address say about you?
See a summary of all my Defensive Computing postings.

About the author

    Michael Horowitz wrote his first computer program in 1973 and has been a computer nerd ever since. He spent more than 20 years working in an IBM mainframe (MVS) environment. He has worked in the research and development group of a large Wall Street financial company, and has been a technical writer for a mainframe software company.

    He teaches a large range of self-developed classes, the underlying theme being Defensive Computing. Michael is an independent computer consultant, working with small businesses and the self-employed. He can be heard weekly on The Personal Computer Show on WBAI.

    Disclosure.

     

    ARTICLE DISCUSSION

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    Hot on CNET

    CNET's giving away a 3D printer

    Enter for a chance to win* the MakerBot Replicator 3D Printer and all the supplies you need to get started.