I was interesting in getting some information and guidance from the many experts on the forums here.
In universities, there are wireless networks setup for internet usage by all the students who attend that university.
Firstly, the universities obviously make use of varios pieces of hardware, like routers, signal boosters perhaps, etc. Then there is the software aspect as well. The software controls access to the network. The student usually installs a small application on his laptop, and then uses it to login with a username and password, in order to access the network and use internet. Without that password, even though a signal is recieved, you can’t browse the net.
I was also interesting in seting up a similiar system, but on a smaller scale. I wanted to setup internet in a home - upper floor, main floor, basement. And I wanted to give access to the network through regulation software, which requires a username and password for access. I also wanted to be able to limit certain sites, and record all the activity for all the accounts on each laptop computer.
Could anyone guide me into what hardware is required, and software in order to setup a system of this nature?
You can limit access to your network by enabling any encryption modes available, such as WEP… Allthough not very secure, it does provide a degree of security (which is better than none).
Without that password, even though a signal is recieved, you can’t browse the net.
Are you wanting a second Login? ie windows conencts to the wireless network, but you need to enter a username and pw to gain access to any services (something like Novell?).
Yeah - it must be absolutely secure. Any options? Ideas? guidance?
Also - regarding the login system - the most important thing is that - even though a laptop recieves a wireless network connection - I don’t want anyone to be able to USE the internet, or network services, until they input a username and password. And then furthermore, I want to be able to log and record all the internet activity that each user performs while surfing the net.
Just so you know, nothing involving networks is absolutely secure. Although there are higher levels of encryption such as WPA2, etc, but they are definitely not invincible as you are wanting.
If you want a high level of security, im guessing your going to be transfering sensitive data (band details etc?), Make sure you have a decent WEP password and use openSSL to a proxy on the wired bit of the network.
That would mean, if anybody did decide to crack your WEP key, They wouldnt be able to simply ‘sniff’ (recording traffic and contents) The wireless segmant of the network, They would have to Crack the SSL key aswell [any data that is sent over SSL anyway]… which could be done, BUT, They would have to record the traffic and brute force the key… which could takes weeks!
What you have to remember, even if someone does want to ‘brake into’ your network… most of the time there only looking for free internet access!
WEP? Why use WEP it can be cracked within 30mins. WPA is much stronger than WEP, despite not being absolutely secure. Most modern wireless devices support WPA.
SSL will be used anyway for sensitive information for bank details, unless you’re paranoid and want to SSL every piece of data.
About the login thing. The wireless security like WPA will handle it via a passphrase (similar to a WEP key). But if you want username/password logins you might want to set up a small domain with user authentication. Never done this myself but I’m sure its possible. If you want total control over you’re users and what they access you’ll probably need a proxy server to handle complex tasks.
Well but people that go wardriving know more than nothing about security. The answer is simple, use WPA2 unless you are just uber paranoid about people getting your family pictures in which case I say just don’t use wireless.
[QUOTE=max12590]
Well but people that go wardriving know more than nothing about security. The answer is simple, use WPA2 unless you are just uber paranoid about people getting your family pictures in which case I say just don’t use wireless.
[/QUOTE]
Problem is that not all wireless cards support WPA2, WPA should be sufficient aswell.
havnt had any decent snow all year! (and its now spring :/)