RE: Home wireless free hotspot

["John Lightfoot" <jlightfoot () gmail com>]

A fair question, although there are many towns and airports that offer free
Internet access so presumably there's a way to get around the problem of
liability for illegal activity.

The ISP service agreement question is also fair, and I'll have to do some
research as to what's allowed by my agreement.  But I won't be advertising
the service or encouraging it, just not minding if someone "borrows" it.  I
don't see it as significantly different than someone who hooks a Linksys
router to his/her cable modem connection and doesn't change the default
settings.

-----Original Message-----
From: Dimyan, Michael [mailto:Michael.Dimyan () timewarner com] 
Sent: Monday, March 15, 2010 7:14 PM
To: 'John Lightfoot'; security-basics () securityfocus com
Subject: RE: Home wireless free hotspot

Aside from the possibility that sharing your internet connection may be a
violation of your ISP service agreement, the question I would ask is if
you'd be liable for any potentially illegal activity that may take place on
your connection.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of John Lightfoot
Sent: Friday, March 12, 2010 3:11 PM
To: security-basics () securityfocus com
Subject: Home wireless free hotspot

Hello,

I have a home wireless network that I'd like to make available to neighbors
who need to borrow a connection from time to time.  Consider it karmic
repayment for the times I've had to borrow someone else's open connection.
Of course, I'd like to do it securely, so I'm looking for some advice.

My main network has a wireless router connected to the Internet, with a few
wired connections to my home computers.  The main router's wireless network
is protected by WPA, access control via MAC address, etc.  My thought is I
would attach a second wireless router (Netgear) to a port off the main
router and leave it unsecured, using a second subnet, and block any routing
between the two subnets, other than straight out to the Internet, but I'm
not sure the best way to do that.

So, a few questions:

If I set up a second router with a subnet "subservient" to my main router,
presumably it has to get an IP address within the address space of the main
network, but how can I limit access to that network to only my Internet
interface?

Would it make more sense for my secure network to be subservient to the main
network, i.e. open up the main network and secure a secondary subnet off it?

I also have a Secure Computing SG 300 Firewall/VPN appliance, could I
configure that help keep the networks separate and my home network secure?
It's got a lot of nice features, but I'm not sure it would help make my
configuration more secure.

This may be a very bad idea, so I'd also be happy to hear why that's so if
it's true.

Thanks for any advice.


John Lightfoot




------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we
examine the importance of Apache-SSL and who needs an SSL certificate.  We
look at how SSL works, how it benefits your company and how your customers
can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server.
Throughout, best practices for set-up are highlighted to help you ensure
efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1
------------------------------------------------------------------------


=================================================================
This message is the property of Time Warner Inc. and is intended only for
the use of the
addressee(s) and may be legally privileged and/or confidential. If the
reader of this message is not the intended recipient, or the employee or
agent responsible to deliver it to the intended recipient, he or she is
hereby notified that any dissemination, distribution, printing, forwarding,
or any method of copying of this information, and/or the taking of any
action in reliance on the information herein is strictly prohibited except
by the original recipient or those to whom he or she intentionally
distributes this message. If you have received this communication in error,
please immediately notify the sender, and delete the original message and
any copies from your computer or storage system. Thank you.
=================================================================


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------