Security Basics mailing list archives
Re: Home wireless free hotspot
From: "Johnathan" <martinez85 () att blackberry net>
Date: Tue, 16 Mar 2010 21:29:53 +0000
Doug, In a way, security professionals are very much similar to lawyers if you really think about it. I have to give advice such as I have, and many others too, on issues such as these. When legal issues arise, it is our duty to educate the person on "what could happen" and legal consequences on something that may seem like a good idea at the time. If I were you I would be careful of how you word advise to others. Instead of advising someone to re-word the same question in an obfuscated way, you could have suggested that it would have been better to state at the end of their question that "I totally and fully accept the risk of what I just asked" so that you are not bombarded by some snippy internet security lawyer like guy such as me. Someone should create a security focus risk acceptance form that can be digitally signed so when a question that is legally and/or ethically questionable arises, everyone will be on the same page. Cheers! =) Johnathan, Internet Security ADA (Assistant Domain Attorney) ---- Johnathan Sent via BlackBerry by AT&T -----Original Message----- From: Doug Farre <dougfarre () gmail com> Date: Tue, 16 Mar 2010 14:20:47 To: <security-basics () securityfocus com> Subject: Re: Home wireless free hotspot Hi John, I would be careful how you word your request next time. Instead of saying "...have a home wireless network that I’d like to make available to neighbors who need to borrow a connection from time to time." You could have said: "I would like to set up a wireless network on my home network that only has access to the internet and not the rest of the network." That way you are not bombarded with legal advice from the surprising number of lawyers that come out of the woodwork when such questions are asked. On Tue, Mar 16, 2010 at 3:31 AM, <ultrique () hotmail com> wrote:
John, Any open wireless device is a bad idea (and normally a breach of the TOC by your ISP) so I advise securing it with at least a WPA Personal enabled access point/router and giving the connection details to your neighbour... also be aware that due to the way wireless works if you have 2 devices of the same type (802.11a,b-g,n) together you must choose seperate channels in the access point/router when setting them up otherwise you get conflicts and possibly loss of connectivity while they fight over the channel. Unless you have some sort of mid tier router/firewall such as a cisco router your unlikely to be able to control traffic flow between your computers and the "other" devices on the network. The only way I can imagine you doing this other than getting a uprated router (some new ones support isolated wireless for net access only) would be to place your network on 1 router with a DSL/Cable WAN port (normal network port) and plug this into another router connected to the internet and use this second router as your shared wireless network. The reason I say this is a lot of lower tier routers only allow you to control access from external to internal. In esence Internet connected to - Router1 (neighbours WPA wireless 802.11a) connected to - Router2 (private LAN and wireless 802.11b-g,n) This prevents your neighbours obtaining access to your home network while still allowing internet access. An alternative would be to buy a good firewall (ebay has a lot of Cisco pix's etc) and set up the network as follows. Router (your private lan, wireless, and internet )connected to - Firewall - connect 1 port to your lan and one to the new wireless access port, restrict traffic to deny traffic to all IP's other than your routers IP on the internal subnet from the access point, so if your router IP is 192.168.0.1 and subnetmask 255.255.255.0 then on the firewall deny all traffic to 192.268.0.2-254. Connected to - Access Point set up for neighbours connected into another firewall port. There are of course some possible issues with sharing your internet connection including you may become legally liable for all actions your neighbours perform online, potentially if you have internet limits imposed you may exceed them. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
-- ------ Doug Farre (209) 677-7483 ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Home wireless free hotspot, (continued)
- Re: Home wireless free hotspot Adam Mooz (Mar 16)
- Re: Home wireless free hotspot Todd Haverkos (Mar 16)
- Re: Home wireless free hotspot Jon Janego (Mar 16)
- Re: Home wireless free hotspot Shawn Merdinger (Mar 16)
- Re: Home wireless free hotspot Dale Stirling (Mar 17)
- Re: Home wireless free hotspot Shawn Merdinger (Mar 18)
- RE: Home wireless free hotspot BECKY MACDONALD (Mar 19)
- Re: Home wireless free hotspot ultrique (Mar 16)
- Re: Home wireless free hotspot Doug Farre (Mar 16)
- RE: Home wireless free hotspot Jay Vlavianos (Mar 17)
- Re: Home wireless free hotspot Johnathan (Mar 17)
- Re: Home wireless free hotspot Doug Farre (Mar 16)
- Re: Home wireless free hotspot ron (Mar 16)
- Re: Home wireless free hotspot John Morrison (Mar 17)
- Re: Home wireless free hotspot Adam Mooz (Mar 18)
- RE: Home wireless free hotspot Lauren Twele (Mar 19)
- Re: Home wireless free hotspot John Morrison (Mar 17)
- RE: Home wireless free hotspot David Gillett (Mar 18)
- RE: Home wireless free hotspot dm012343210-tomove (Mar 26)