Firewall Wizards mailing list archives
RE: Locking down public wireless access
From: John Adams <jna+dated+1109546999.6e3a90 () retina net>
Date: Tue, 22 Feb 2005 15:29:58 -0800 (PST)
I think what you're looking for is nocatauth. Have a look: www.nocat.net -john On Tue, 22 Feb 2005, Mark Gumennik wrote:
Chris, The way wireless RFC is written : - you can secure the data; you can not secure the communication itself. Your plan is adequate for today's technologies for university environment, but: user names and pwds can be easily spoofed on wireless com, you don't even have to be a hacker for this: just use existing tools. I would not do my banking on wireless; let your customers be aware of it. Did somebody on the list actually written a policy on using wireless? - if yes please send me a copy Mark -----Original Message----- From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Chris Bills Sent: Saturday, February 19, 2005 1:31 PM To: firewall-wizards () honor icsalabs com Subject: [fw-wiz] Locking down public wireless access At my university, the computer science department would like to offer wireless access to computer science students, but would like the access to not be anonymous. Current problems with unrestricted access to the internet are obvious, anonymous kids downloading porn, movies, mp3s, etc, and as the university allowed this to happen, they could be held liable. enforcing a logon policy would help limit the university's liability in said situations. ideally, we would like to implement a system in which the user will connect to un-encrypted wireless, but any attempts to get out will be redirected to the authentication page. Once the user logs in, they will be given the WEP key of the day, and then they will have unrestricted access. I'm investigating the usage of Linksys WRT45G routers, with a modified firmware, but I have no actual experience with this. I would like to look into other methods of doing this, as well, such as Perfigo (which has now been acquired by Cisco)... If you have any suggestions for hardware, or existing documentation floating on the net about how to achieve this sort of setup, please let me know. Chris _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
-- J. Adams http://www.retina.net/~jna _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Locking down public wireless access Chris Bills (Feb 22)
- Re: Locking down public wireless access ArkanoiD (Feb 22)
- Re: Locking down public wireless access Jim Seymour (Feb 22)
- Re: Locking down public wireless access Kevin Sheldrake (Feb 22)
- Re: Locking down public wireless access Paul D. Robertson (Feb 22)
- RE: Locking down public wireless access Mark Gumennik (Feb 22)
- RE: Locking down public wireless access John Adams (Feb 22)
- Re: Locking down public wireless access Dale W. Carder (Feb 23)
- Re: Locking down public wireless access David Lang (Feb 24)
- <Possible follow-ups>
- RE: Locking down public wireless access Smith, Aaron (Feb 22)