Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Home wireless free hotspot

From: Jay Vlavianos <jvlavianos () ecastnetwork com>
Date: Tue, 16 Mar 2010 08:30:34 -0700
One only needs to read stories like the one below of a poor Tor exit  
node operator to realize that you don't want -anyone- except yourself  
on your own net connection.

That is, of course, if you need some excuse for your own activities  
("I don't know man, I didn't download any softwarez- but maybe my  
neighbor did!).

http://calumog.wordpress.com/2009/03/18/why-you-need-balls-of-steel-to-operate-a-tor-exit-node/



On Mar 16, 2010, at 7:32 AM, "Johnathan"  
<martinez85 () att blackberry net> wrote:


How sweet of you...

Now matter how kind your intentions are, you may want to check the  
terms and conditions of the agreement of the contract you hold with  
your service provider.

You legally may not be allowed to do such a thing you are proposing.

You may be aware of this already, just wanted to put it out there  
for others who may have the same mind set as you.

----
Johnathan

Sent via BlackBerry by AT&T

-----Original Message-----
From: "John Lightfoot" <jlightfoot () gmail com>
Date: Fri, 12 Mar 2010 15:10:40
To: <security-basics () securityfocus com>
Subject: Home wireless free hotspot

Hello,

I have a home wireless network that I’d like to make available to ne 
ighbors
who need to borrow a connection from time to time.  Consider it karmic
repayment for the times I’ve had to borrow someone else’s open  
connection.
Of course, I’d like to do it securely, so I’m looking for some  
advice.

My main network has a wireless router connected to the Internet,  
with a few
wired connections to my home computers.  The main router’s wireless  
network
is protected by WPA, access control via MAC address, etc.  My  
thought is I
would attach a second wireless router (Netgear) to a port off the main
router and leave it unsecured, using a second subnet, and block any  
routing
between the two subnets, other than straight out to the Internet,  
but I’m
not sure the best way to do that.

So, a few questions:

If I set up a second router with a subnet “subservient” to my  
main router,
presumably it has to get an IP address within the address space of  
the main
network, but how can I limit access to that network to only my  
Internet
interface?

Would it make more sense for my secure network to be subservient to  
the main
network, i.e. open up the main network and secure a secondary subnet  
off it?

I also have a Secure Computing SG 300 Firewall/VPN appliance, could I
configure that help keep the networks separate and my home network  
secure?
It’s got a lot of nice features, but I’m not sure it would help  
make my
configuration more secure.

This may be a very bad idea, so I’d also be happy to hear why  
that’s so if
it’s true.

Thanks for any advice.


John Lightfoot




--- 
---------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs  
an SSL certificate.  We look at how SSL works, how it benefits your  
company and how your customers can tell if a site is secure. You  
will find out how to test, purchase, install and use a thawte  
Digital Certificate on your Apache web server. Throughout, best  
practices for set-up are highlighted to help you ensure efficient  
ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
--- 
---------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: