Re: Free Wi-Fi Hotspot?
- From: gordon@xxxxxxxxxx (Gordon Henderson)
- Date: 20 Apr 2007 08:11:19 GMT
In article <Xns9917E6C6CD324frz@xxxxxxxxxxx>,
Frazer Jolly Goodfellow <no-spam@xxxxxxxxxxx> wrote:
"dennis@home" <dennis@xxxxxxxxxxxxxxxxxxxxxx> wrote in news:f087mv
$kk9$1@xxxxxxxxxxxxxxx:
have
"alexd" <troffasky@xxxxxxxxxxx> wrote in message
news:1351805.7zljSQaN3Q@xxxxxxxxx
Frazer Jolly Goodfellow wrote:
Thanks Gordon, much appreciated.
The Solwise device supports encryption but appears to require a
username/password logon for authentication. Would a customer
I think turning on encryption is essential, but the solution isto enter an encryption key as well?
Only if encryption was turned on.
That may not be true if using 802.1 authentication.
They key would be provided as part of the logon phase.
becoming more complex.
Quite. The unit I used (and I've forgotten it's name, sorry and it's
currently 110 miles away), did support encryption, and it prints out the
key (wep or wpa) on the bit of paper, if it was enabled. (I tested it
enabled, then decided the muppets who were going to be using it would
find that hard, so removed it, so in that respect it's the same as BT
openwallet which is also unencrypted - try going online in an airport
and snooping what you see - it's scary knowing that 99.99% of people
still use plain-text paswords in POP/IMAP/SMPT-AUTH, etc. and as I've
just had one of my servers hijacked by spammers who used smtp-auth with
valid username & password to relay email, it's a bit frightening )-: I
suspect it's only a matter of time before the spammers latch onto
this - they're not intersted in your email, just a spam-launch vector,
and even if they don't do it fromthe WiFi AP, then they have a list of
username/passwords they can use from elsewhere.
So on your PC, you'd have to find the access point, try to associate
with it, enter the wep/wpa key, then access a web site, whereupon it
would hijack your connection, take you to it's own login/password screen
where you'd enter the code on the ticket, then you'd have access for
the time-limit specified by the ticket.
Presumably a server would also be needed to capture logging
information?
What are you going to log?
But yes, there's a syslog facility, so you could log the clients MAC
address (no point logging the IP address they get as it's dynamic and
could be re-used after rsome time - a wiley hacker would spoof their
MAC address anyway) And unless you ask them for their name, address,
phone number, then there's not much point. It would also be hard to log
all the sites they visited too - not impossible, but hard as you'd run
out of disk space...
BT open wallet (and other instant access, open ones) works because you
need to use a credit card to buy time on it, so they have that as a way
of identifying you to the system, should the fuzz come knocking. For
a simple high street cafe, it's probably not worth it - and if I were
doing that, I'd maybe try to arrange seating such that it might be hard
to fully conceal a screen from a casual passer-by. (Not that that would
stop me doing something I shouldn't be doing, but it's a start)
And you turn of firewalling too, so they can only do simple web browsing
and hopefully not much else...
Gordon
.
- Follow-Ups:
- Re: Free Wi-Fi Hotspot?
- From: Frazer Jolly Goodfellow
- Re: Free Wi-Fi Hotspot?
- References:
- Free Wi-Fi Hotspot?
- From: Frazer Jolly Goodfellow
- Re: Free Wi-Fi Hotspot?
- From: alexd
- Re: Free Wi-Fi Hotspot?
- From: dennis@home
- Re: Free Wi-Fi Hotspot?
- From: Frazer Jolly Goodfellow
- Free Wi-Fi Hotspot?
- Prev by Date: Re: Islam Is The True Religion
- Next by Date: Re: Virgin Media/NTL troubles
- Previous by thread: Re: Free Wi-Fi Hotspot?
- Next by thread: Re: Free Wi-Fi Hotspot?
- Index(es):
Relevant Pages
|
Loading
