Security Basics mailing list archives
RE: Home wireless free hotspot
From: Jay Vlavianos <jvlavianos () ecastnetwork com>
Date: Tue, 16 Mar 2010 14:38:13 -0700
That way you are not bombarded with legal advice from the surprising number of lawyers that come out of the woodwork when such questions are asked.
You have got to be kidding with that. You honestly expect security professionals to recommend a solution that has serious potential problems for the implementer without opining on it? If I was answering these questions for a client instead of someone on a mailing list I would say the same thing (as I am sure everyone else would)... so why not say it to this guy? You don't have to be a lawyer to read the all of the scary brute LEO stuff and realize that people get harassed and dragged to court for anything. Why would you know that in your brain, and not say something? -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Doug Farre Sent: Tuesday, March 16, 2010 12:21 PM To: security-basics () securityfocus com Subject: Re: Home wireless free hotspot Hi John, I would be careful how you word your request next time. Instead of saying "...have a home wireless network that I'd like to make available to neighbors who need to borrow a connection from time to time." You could have said: "I would like to set up a wireless network on my home network that only has access to the internet and not the rest of the network." That way you are not bombarded with legal advice from the surprising number of lawyers that come out of the woodwork when such questions are asked. On Tue, Mar 16, 2010 at 3:31 AM, <ultrique () hotmail com> wrote:
John, Any open wireless device is a bad idea (and normally a breach of the TOC by your ISP) so I advise securing it with at least a WPA Personal enabled access point/router and giving the connection details to your neighbour... also be aware that due to the way wireless works if you have 2 devices of the same type (802.11a,b-g,n) together you must choose seperate channels in the access point/router when setting them up otherwise you get conflicts and possibly loss of connectivity while they fight over the channel. Unless you have some sort of mid tier router/firewall such as a cisco router your unlikely to be able to control traffic flow between your computers and the "other" devices on the network. The only way I can imagine you doing this other than getting a uprated router (some new ones support isolated wireless for net access only) would be to place your network on 1 router with a DSL/Cable WAN port (normal network port) and plug this into another router connected to the internet and use this second router as your shared wireless network. The reason I say this is a lot of lower tier routers only allow you to control access from external to internal. In esence Internet connected to - Router1 (neighbours WPA wireless 802.11a) connected to - Router2 (private LAN and wireless 802.11b-g,n) This prevents your neighbours obtaining access to your home network while still allowing internet access. An alternative would be to buy a good firewall (ebay has a lot of Cisco pix's etc) and set up the network as follows. Router (your private lan, wireless, and internet )connected to - Firewall - connect 1 port to your lan and one to the new wireless access port, restrict traffic to deny traffic to all IP's other than your routers IP on the internal subnet from the access point, so if your router IP is 192.168.0.1 and subnetmask 255.255.255.0 then on the firewall deny all traffic to 192.268.0.2-254. Connected to - Access Point set up for neighbours connected into another firewall port. There are of course some possible issues with sharing your internet connection including you may become legally liable for all actions your neighbours perform online, potentially if you have internet limits imposed you may exceed them. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
-- ------ Doug Farre (209) 677-7483 ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Home wireless free hotspot, (continued)
- Re: Home wireless free hotspot tas0584 (Mar 16)
- Re: Home wireless free hotspot Adam Mooz (Mar 16)
- Re: Home wireless free hotspot Todd Haverkos (Mar 16)
- Re: Home wireless free hotspot Jon Janego (Mar 16)
- Re: Home wireless free hotspot Shawn Merdinger (Mar 16)
- Re: Home wireless free hotspot Dale Stirling (Mar 17)
- Re: Home wireless free hotspot Shawn Merdinger (Mar 18)
- RE: Home wireless free hotspot BECKY MACDONALD (Mar 19)
- Re: Home wireless free hotspot ultrique (Mar 16)
- Re: Home wireless free hotspot Doug Farre (Mar 16)
- RE: Home wireless free hotspot Jay Vlavianos (Mar 17)
- Re: Home wireless free hotspot Johnathan (Mar 17)
- Re: Home wireless free hotspot Doug Farre (Mar 16)
- Re: Home wireless free hotspot ron (Mar 16)
- Re: Home wireless free hotspot John Morrison (Mar 17)
- Re: Home wireless free hotspot Adam Mooz (Mar 18)
- RE: Home wireless free hotspot Lauren Twele (Mar 19)
- Re: Home wireless free hotspot John Morrison (Mar 17)
- RE: Home wireless free hotspot David Gillett (Mar 18)
- RE: Home wireless free hotspot dm012343210-tomove (Mar 26)