Re: [fw-wiz] Discretionary WiFi Access
From: Jim Seymour (jseymour_at_linxnet.com)
Date: 07/21/05
- Previous message: Keith A. Glass: "Re: [fw-wiz] Intel vs. special purpose FW-1 servers"
- In reply to: Vinicius Moreira Mello: "Re: [fw-wiz] Discretionary WiFi Access"
- Next in thread: Kevin: "Re: [fw-wiz] Discretionary WiFi Access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: firewall-wizards@honor.icsalabs.com Date: Thu, 21 Jul 2005 10:04:21 -0400 (EDT)
Vinicius Moreira Mello <vmmello@inf.ufrgs.br> wrote:
>
> Jose Varghese wrote:
> >
> > Keeping it simple: Physical segregation and only Internet access
>
> Sorry, but I don't agree. If you deploy and maintain the network you'll
> be liable for any legal action against you in case of misuse.
Perhaps so, but irrelevant, in my view, because I feel responsibility
trumps legal liability. IOW: Even were there no legal liability, it
would be the height of irresponsibility to create an uncontrolled,
un-monitored WiFi hot spot with unfettered access to the 'net.
> Making
> reality simpler is not the same as creating simple solutions.
s/is not/is not necessarily/
>
> I would consider studying solutions #2 or #3 from John Adams's message.
> There are some guides/howtos out there that show how to configure such
> scenarios.
The problem with those solutions is that not all clients will be
supported by the newer WiFi protocols. Most 802.11b drivers don't
support WAP, much-less 802.1x, for example. And even if they do
support them, older implementations may need to be patched to get
bug-fixes. Are *you*, the local network admin., going to take
responsibility for patching a guest's PC? Then there'll be the
administrative overhead in granting the guest access: Both server-side
and client-side. For every visitor--coming and going. Are you, the
local network admin., going to take responsibility for making
configuration changes to a visitor's PC?
Don't get me wrong: I agree that an open mode WLAN is a Very Bad Idea.
But I don't see how John Adams' suggestions are practical, either.
Am I missing something?
Jim
-- Note: My mail server employs *very* aggressive anti-spam filtering. If you reply to this email and your email is rejected, please accept my apologies and let me know via my web form at <http://jimsun.linxnet.com/scform.php>. _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Keith A. Glass: "Re: [fw-wiz] Intel vs. special purpose FW-1 servers"
- In reply to: Vinicius Moreira Mello: "Re: [fw-wiz] Discretionary WiFi Access"
- Next in thread: Kevin: "Re: [fw-wiz] Discretionary WiFi Access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
