turning business into hotspot for free wireless - legality?

Discussion in 'OT Technology' started by MP, Nov 18, 2006.

  1. MP

    MP New Member

    Joined:
    Sep 10, 2002
    Messages:
    34,377
    Likes Received:
    0
    Location:
    Silicon Valley
    So my boss wants me to set up our work for free wireless to customers. It's an easy job but I want to make sure this is legal. They just have a regular HSI connection, nothing special. It's a bar/burger-joint/club (depends on what time it is) so we get students, random business people, etc.

    so is it legal to just set it up and make it public? what sorta of shit should I prevent?

    thanks
     
  2. EvilSS

    EvilSS New Member

    Joined:
    Jun 11, 2003
    Messages:
    5,104
    Likes Received:
    0
    Location:
    STL
    It's perfectly legal. You should check with your internet provider about it however, it may violate your TOS with them.

    You will want to setup a separate network for it, terminating at the Internet connection. Setup a totally different private IP range for it so it will be harder to co-mingle the business and public networks. You will want to completely separate your business network from the public WIFI service. The best way would be to get a 2nd public IP from your ISP and setup a 2nd firewall/router on that IP. That way the public traffic is never behind your business network's firewall.

    You will also probably want to get a firewall/router that will allow you to block ports outbound (such as P2P). Not that I have anything against P2P services but they will suck up bandwidth and could get you in legal trouble if someone sits there all day downloading kiddie porn via a file sharing service.
     
  3. MP

    MP New Member

    Joined:
    Sep 10, 2002
    Messages:
    34,377
    Likes Received:
    0
    Location:
    Silicon Valley
    :werd:


    My main concern was just the legal part.


    as far as security I plant on going...


    Code:
    [CENTER]
    ISP
    |
    |
    Modem
    |              |
     |              | 
    |              |
    gateway         firewall
    |               |
           |        Private network
    wireless network                  [/CENTER]
    
    Then of course blocking all p2p shit. I found a neat write up on how to properly block porn sites, and the main other thing I want to eliminate are people capturing packets for miss-use.


    I haven't yet worked out the hardware but I will later today after I talk to my boss. Any hardware suggestions would be great. I'll most likely need two or three gateways located in different spots as the building is rather large.
     
  4. mdaniel

    mdaniel S is for Shiksa

    Joined:
    May 6, 2000
    Messages:
    52,500
    Likes Received:
    315
    Location:
    Northwest Mejicooooooo
    I'd block everything but port 80 and 443 to start. Of course people won't be able to use their email clients, but hey, its a free connection and that's what web mail is for.
     
  5. MP

    MP New Member

    Joined:
    Sep 10, 2002
    Messages:
    34,377
    Likes Received:
    0
    Location:
    Silicon Valley

    good call. Don't wanna leave 22 out of the party though :mamoru:
     
  6. Coottie

    Coottie BOOMER......SOONER OT Supporter

    Joined:
    Jun 6, 2006
    Messages:
    32,407
    Likes Received:
    0
    Location:
    OKC
    read your contract. if it's prohibited, it will state that in the contract
     
  7. 7960

    7960 New Member

    Joined:
    Oct 17, 2004
    Messages:
    60,415
    Likes Received:
    0
    Location:
    New England
    Come on...... why not leave 110 and 25 open for email? And comcast requires 465, too, if you want to use an email client on the road.

    I realize the "hey it's a free connection" but then again why not make it usable?
     
  8. EvilSS

    EvilSS New Member

    Joined:
    Jun 11, 2003
    Messages:
    5,104
    Likes Received:
    0
    Location:
    STL
    You mean 25 for spam?
     
  9. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    Set up WPA and tell your customers to bring their laptops to the front desk so the receptionist/hostess/whatever can configure the wireless access. (make sure they save the settings so it's only a one-time inconvenience.) As part of the process, use "c:\> ipconfig /all" to grab each computer's MAC address so you can add it to the "Allowed Connections" list on your router. That way you know exactly who's using your free network, and you won't run the risk of spammers parking out in front of the building and dumping their garbage through your network. Trust me, people actually do this.
     
  10. 7960

    7960 New Member

    Joined:
    Oct 17, 2004
    Messages:
    60,415
    Likes Received:
    0
    Location:
    New England
    Trust me, nobody will do this.

    Better solution is to put signs inside on the walls saying "configure WEP for xxxxxxxxxxxxxxxxxxxx key" with instructions on how to set it up and change the WEP key every day (or at least every week).
     
  11. EvilSS

    EvilSS New Member

    Joined:
    Jun 11, 2003
    Messages:
    5,104
    Likes Received:
    0
    Location:
    STL
    If you are going to try to go through all the bullshit of trying to keep people out with WEP or WPA keys, then just don't bother putting up a public access point at all. If he's worried about spam, block SMTP (used to send it) and IRC (used to control botnets). Worried about content, setup filtering.

    Setting up some ridiculous system like deus suggests (sorry, but I'd laugh and walk away if they wanted my fucking laptop so they could set it up) or even a WEP key is just going to be a pain in the ass for the customers. If you want to offer public WiFi, offer it. If you are worried about people sitting the parking lot jacking off to animal porn while they send 1.2 trillion spam emails, there are easier way to prevent it, like filtering software, port blocking, and careful WAP location selection.
     
  12. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    No, dumbass, I was talking about people actually parking outside and sending spam through an unprotected network.
     

Share This Page