RE: Home wireless free hotspot

["David Gillett" <gillettdavid () fhda edu>]

ay

-----Original Message-----
From: Reginald Wheeler [mailto:wheeler90 () comcast net]
Sent: Tuesday, March 16, 2010 17:34
To: Jay Vlavianos
Cc: martinez85 () att blackberry net; John Lightfoot;
listbounce () securityfocus com; security-basics () securityfocus com
Subject: Re: Home wireless free hotspot

Dude the guy is not asking if it is safe to operate a freaking tor proxy
server.  He is asking if he set up something like what you would get if you
were to go to a freaking coffee shop.  Stop telling the guy he can't do it.
Tell him the risk involved and tell him the best way to mitigate those risk.
I know we have a bunch of IT professionals that are on this mailing list.
The link that is provided talks of operating a proxy site that can and will
violate your ISP terms of use.  Now if you go through the proper channels
you can offer a wifi hotspot as a service.  You have to speak to your ISP
for the details of what you need to do.  So having said that and now getting
pissed with the level of incompetence that many of my fellow IT
professionals are showing I'm left wondering how in the hell you got your
jobs.  Now I am going to give Mr. Lightfoot this advise please consult an IT
professional that is well versed in wireless networking and security.  This
person will also be able to help you with all of the legalities that you may
run into with this project. Now for everyone else we all have to think
before we comment, not misrepresent ourselves and do our best to leave our
personal feelings about things in our pockets when consulting someone on
anything unless they ask for it.


  In the U.S., if you want to give away free Internet access to all comers,
last year's FCC ruling (requiring you to comply with CALEA) almost certainly
applies.  There have been various legislative proposals that would require
you to identify all your users, but I don't believe any of them has passed
into law.  But if this is intended to be a lasting service, I'd be keeping
an eye on such proposals....

  The technical aspects are easy, and you can harden most SOHO units to
ensure that users can't compromise your own systems via this route.  Most
SOHO systems are probably not set up to protect the rest of the Internet
from their users, and that's fine as long as the population of said users is
pretty limited.  But if you're going to effectively be a free ISP, you want
to understand the regulatory requirements that involves BEFORE you start
offering service to the general public!

David Gillett. CISSP CCNP



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------