Hi there,

I am setting up my apartment which is split into two rooms.
I am a bit concerned about internet shared to people. Is there any best practice to block any form of illegal use of internet, or use of the modem ports for some form of illegal act? I wouldn’t like to have people doing anything they shouldn’t under my name.

I will be issuing a document so that they sign before they start their stay but maybe any form of protection from your past experiences would be of great value.

One other thing… Do you hide your internet modem or leave it visable?

I don’t do anything. If it happens it happens and you won’t have any of it on your devices. Plus the dates will match up with the guests staying.

I wouldn’t be worrying. I can’t imagine guests are coming to your property specifically to illegally download anything. In the event that they do, I can’t imagine it would be enough to get you in trouble with your internet provider.

Yes, I have certain sites and torrents blocked for my guests.

I had a guest taking up the complete bandwith because he was downloading movies and tv series.
other guests started to complain about slow internet.

I also have some advanced QoS scripts running to improve availability to all guests. I a guest want to make a skype/facetime call, it should not be hindered by someone watching Netflix.

@Maggy Guests regularly download copyrighted material (usually HBO shows) at our places, despite putting in house rules that bit torrent, etc downloads are not allowed. We get cease and desist letters all the time. We’re not even talking an intern who’s here for a summer and bored at home, we’re talking guests from Switzerland here for a quick visit, but want to watch the first season of Ballers or something.

I would also love to know how to block file sharing sites and this has reminded me that I have to make it a priority to take care of this.

Make a guest wifi!!! This is for your safety. I have one and I have several torrenting and dowload key words blocked. I have in my rules to not illegally download or torrent and one idiot strikes up a convo about how he’s torrenting some show. The look on my face! Ha, I promptly went to my settings and blocked a bunch of sites and his computer specifically so he could only use his cell phone.

I get a lot of traveling freelancers/interns who are in the web industry and could easily hack their way into my personal stuff so this is why I have my settings the way they are. I have my wifi device behind my couch. It’s semi visible, but if anyone touched it I would see them.

Yes, my husband has a guest wifi set up with no password and only basic websites are allowed. It’s nice since we self check-in most of the time and I don’t have to worry about them finding the wifi password and it’s limited what they can access.

Thanks to all for your replies!

I mentioned previously if you leave your modem visible or do you hide it?

If you have [No Downloading/Torrenting illegal or copyrighted files] Can you keep the deposit?

Good idea!
you can “scare them” by keeping the deposit (or create a secondary) deposit in case of illegal downloading or malicious use of internet.

You need to have a little knowledge, but actually it is quite easy.

You cannot do this with a simple consumer router.
You need a router that is capable of DPI (Deep Packet Inspection), such a router can block torrents with some simple firewall rules.

These routers are not expensive, just need little knowledge to setup. (You can even find tutorials online)
https://www.ubnt.com/edgemax/edgerouter-lite/

(these have no wifi, and need an exrta acces point)

The sites itself you can block by using OpenDNS, this will stop people from going to Filesharing sites, it will not stop already running torrents.

But Nothing is 100% proof, people can still use VPN services, but then authorities will not come and nock on your door.

I’m surprised that one can do this reliably. How one automatically distinguish between filesharing sites and other sites? Or is the idea to block torrenting? In which case, you will also be blocking legitimate users as well.

There are 2 different things:

1. I block certain sites based on DNS. (Porn, Adware, etc)

2. I block peer-2-peer filesharing based on DPI and Firewall. DPI identifies packages going trough the router, and identifies them based on the header. The firewall then drops the packages that are identified as torrent. All other go trough without problem.

I have to come across the first guests that is using torrents for ligitimate use. Legitimate use is just theory.
If they come to me and ask, I can open the firewall with a few mouse click, but up until now nobody ever asked.

Then you’d have to have a list of bad addresses. Where do you get those from? Just curious.

Fair enough. I imagine that legit use of bittorrent isn’t common, though I’ve used it for downloading software in the past (usually installation disks, I think).

I wasn’t aware that packages that were part of a torrent were identifiable from the header. Is that port information, or something else?

A filtered internet connection is not an internet connection.

It is not my job to keep guests from breaking the law, so I don’t care what they download or distribute. And I am definetly not going to block sites or filter their access. Again; what they surf is none of my business.

My advice; just get a decent mid to high-end router with QoS settings. I set my network up so web surfing, VoIP and real-time stuff (video streams, skype, google hangouts etc) run smoothly no matter what the load is.

If you are paranoid about letting them onto your LAN, most routers at this level will let you set up a second SSID. This “guest wifi” will be physically separated from everything else. Done and done.

As a business traveller, I would be totally annoyed by such a senseless restriction to “basic websites”.

In some countries it is your business. You are responsible for your internet connection, and if people are doing illegal stuff, you have to proof that it was not you but a guest.

I rather block torrents, then spend my time answering cease and desist letters.

I use opendns.com.
I have set their DNS server as the DNS for my guest network.
On opendns I can choose what kind of sites to block.

For identifieng torrents, it goes a little deeper than just the header: Here some more information:

I see. Does opendns.com have its own blacklist then?

Thanks for the link. Except that it doesn’t actually give any information about what it does. But hey, it’s proprietary.