Security Basics mailing list archives
Re: Home wireless free hotspot
From: Adam Mooz <adam.mooz () gmail com>
Date: Mon, 15 Mar 2010 21:08:19 -0400
Hey John, You might want to take a look at DD-WRT, it has built in facilities for this, some of them ad-supported earning you some cash as well, if you want to go that route. It also has isolation for that access point built right in. Since you're talking about running two AP's simultainously my recommendation is that, with both of them running DD-WRT, you have one in the 'hot spot' mode and handing out it's own addresses on a different RFC1918 address range while the private router has the port your public AP is plugged into setup as 'isolated.' Another option, if your modem signs into the internet (opposed to your router doing) you can put a switch in front of the routers (or if your modem is one of those horrific all-in-one wireless router with X ports on the back). If your network supports this then this would be the most secure way to go, and potentially the easiest to setup. You could also look into the La Fonera project... I hope this makes sense, I'm dead tired...if it doesn't or you have any questions I should be more awake in the morning and would be more then happy to help. ----------------------------------------------------------------- Adam Mooz Adam.Mooz () gmail com http://www.AdamMooz.com On 2010-03-12, at 3:10 PM, John Lightfoot wrote:
Hello, I have a home wireless network that I’d like to make available to neighbors who need to borrow a connection from time to time. Consider it karmic repayment for the times I’ve had to borrow someone else’s open connection. Of course, I’d like to do it securely, so I’m looking for some advice. My main network has a wireless router connected to the Internet, with a few wired connections to my home computers. The main router’s wireless network is protected by WPA, access control via MAC address, etc. My thought is I would attach a second wireless router (Netgear) to a port off the main router and leave it unsecured, using a second subnet, and block any routing between the two subnets, other than straight out to the Internet, but I’m not sure the best way to do that. So, a few questions: If I set up a second router with a subnet “subservient” to my main router, presumably it has to get an IP address within the address space of the main network, but how can I limit access to that network to only my Internet interface? Would it make more sense for my secure network to be subservient to the main network, i.e. open up the main network and secure a secondary subnet off it? I also have a Secure Computing SG 300 Firewall/VPN appliance, could I configure that help keep the networks separate and my home network secure? It’s got a lot of nice features, but I’m not sure it would help make my configuration more secure. This may be a very bad idea, so I’d also be happy to hear why that’s so if it’s true. Thanks for any advice. John Lightfoot ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RE: Home wireless free hotspot, (continued)
- RE: Home wireless free hotspot BECKY MACDONALD (Mar 19)
- Re: Home wireless free hotspot Doug Farre (Mar 18)
- RE: Home wireless free hotspot Murda (Mar 19)
- RE: Home wireless free hotspot Dimyan, Michael (Mar 16)
- RE: Home wireless free hotspot John Lightfoot (Mar 16)
- Re: Home wireless free hotspot Jay Vlavianos (Mar 16)
- RE: Home wireless free hotspot Channel, Lawrence F CTR USAF ACC ACC/A8ZX (Mar 16)
- RE: Home wireless free hotspot Quark Group - Hilton Travis (Mar 22)
- Re: Home wireless free hotspot Adam Mooz (Mar 16)
- Re: Home wireless free hotspot tas0584 (Mar 16)
- RE: Home wireless free hotspot John Lightfoot (Mar 16)
- Re: Home wireless free hotspot Adam Mooz (Mar 16)
- Re: Home wireless free hotspot Todd Haverkos (Mar 16)
- Re: Home wireless free hotspot Jon Janego (Mar 16)
- Re: Home wireless free hotspot Shawn Merdinger (Mar 16)
- Re: Home wireless free hotspot Dale Stirling (Mar 17)
- Re: Home wireless free hotspot Shawn Merdinger (Mar 18)
- RE: Home wireless free hotspot BECKY MACDONALD (Mar 19)
- Re: Home wireless free hotspot ultrique (Mar 16)
- Re: Home wireless free hotspot Doug Farre (Mar 16)
- RE: Home wireless free hotspot Jay Vlavianos (Mar 17)
- Re: Home wireless free hotspot Johnathan (Mar 17)
- Re: Home wireless free hotspot Doug Farre (Mar 16)
(Thread continues...)