| Gönderen: |
"Howard Winter" <os2-wireless_users@2rosenthals.com> |
Tam Ba?l?klar
Çözülmemi? ?leti |
| Gönderen: |
os2-wireless_users-owner <os2-wireless_users-owner@2rosenthals.com> |
| Konu: |
[OS2Wireless] Need recommendations for WiFi portal architecture |
| Tarih: |
Sat, 18 Jun 2005 14:17:56 +0100 (BST) |
| Alacak: |
"os2-wireless_users@2rosenthals.com" <os2-wireless_users@2rosenthals.com> |
|
|---|
Jeffrey,
On Sat, 18 Jun 2005 16:24:27 +0700, Jeffrey Race wrote:
>I have just been selected to join a committee here in Bangkok charged with
>improving one the buildings of a private club to which I belong. One of our
>tasks is to pep up a large open reception area, and the thinking is to change
>its present sterile hospital-waiting-room atmosphere by creating a relaxed
>and fun snack/sitting area. I would like to suggest adding WiFi but don't
>have a good sense of the costs for equipment and s/w. Our club has
>broadband so I think at the h/w level we could just plug an AP into the LAN.
>
>Questions:
>
>1-Is this naive assumption correct? If not, how not?
If you're not worried about security, people accessing the thing who shouldn't, you could just set up an
Access Point, tell the members the SSID and the WPA key, and you're away! However, if you're worried about
people sitting in the carpark and using the Internet for free, then you will need to go further.
>2-Should we consider to impose some access restriction? Each club
> member has a p/w to access the club website from outside. Should
> we consider to have (as I have run into at the PGA in West Palm Beach)
> a portal page where one logs in with his p/w, which then passes one on
> to the world of the internet? I assume this would create logs which
> could be studied in case there were later a problem.
This will increase the security somewhat - at least you'll know when someone's trying to hack in, but the main
use of this above the security in (1) is to be able to charge people for using it. Anyone capable of getting
past the WiFi security has a good chance of being able to get past a log-in password too.
> If this is worth considering, what s/w is involved? Can it be purchased?
> Free?
I know this exists, but I think Lewis is probably the expert in this area! :-)
>3-I doubt we will have any spammers sitting in our lobby (there is a 50-year
> waiting list to join) but should we consider any port restrictions or other
> restrictions?
If you are sure that there will be no hostile users inside, the best security is to make sure the signal stays
on your premises - if you only want that small area to be used, set a low power on the AP, use an antenna that
is directional and faces away from the outside, keeping the transmitted signal from getting out (pointing
downwards from high on a wall would be good too, to keep reflections in a direction that isn't useful). If
the carpark is just outside, try to get as much mass in between in and the antenna as you can - metal or stone
walls would be best, rice-paper wouldn't be very good at all... if you can use something that is *very*
directional, like a "Cantenna" then there will be almost no back-emission, but a flat-plate wall-mounted
antenna will still emit some signal through the wall.
50-year waiting list? That's not much use for a toddler-and-parent group, is it? :-)))
>I welcome ideas on the above, as well as anything I should have asked and
>have forgotten, and pointers to resources I should read up on.
This is all IMHO of course - and security is always a matter of assessing the cost of a breach vs. the cost of
implementation!
Cheers,
Howard Winter
http://www.TheH2.Org.uk
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
To unsubscribe from this list, send a message to
steward@2rosenthals.com with the command
"unsubscribe os2-wireless_users" in the body
(omit the quotes).
For help with other commands, send a message
to steward@2rosenthals.com with the command
"help" in the body (omit the quotes).
This list is hosted by Rosenthal & Rosenthal
P.O. Box 281, Deer Park, NY 11729-0281. Non-
electronic communications related to content
contained in these messages should be directed
to the above address. (CAN-SPAM Act of 2003)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
|