How to provide "free" wifi in a secure way

[Martin]

Hi all,

one of my customers is running a language school. 

Naturally they want to provide their students with free wi-fi access.

However, some of their recent students seem to be idiots that can't be trusted, therefore they asked me if there is a way to close the wi-fi down a bit, as they are afraid that the students might do some illegal activity using their wifi.

Are there any tools you would suggest for such an instituion / situation?

Kind regards,

Martin

[Patrick Haller]

On 2011-10-04 23:13, Martin wrote:
> Naturally they want to provide their students with free wi-fi access.

I like one-time MAC registration for this. Can either be purchased,
self-automated, or make the kids show up with laptops and IDs in tow.

Patrick

[Chow Loong Jin]

It's fairly easy to spoof MAC addresses though. If you truly wanted it to be
secure, you would probably be better off with WPA2-enterprise. Then you get
encryption, and username/password authentication.

--
Kind regards,
Loong Jin

[Gideon Simons]

Long time ago when i was living in UK i had this wifi router called Fontenna which you can read about here: http://www.fon.com . I got it off ebay for cheap.

I remember it had some kind of separation between you and your guests wifi signals where you can play around with different levels of access etc..

Aside of that it had a really cool community wifi idea behind the whole thing, and was a very solid piece of hardware at the time.

Gideon

--
Gideon

[Steven Leeman]

2011/10/4 Gideon Simons <gide...@gmail.com>

Long time ago when i was living in UK i had this wifi router called Fontenna which you can read about here: http://www.fon.com . I got it off ebay for cheap.

I remember it had some kind of separation between you and your guests wifi signals where you can play around with different levels of access etc..

Aside of that it had a really cool community wifi idea behind the whole thing, and was a very solid piece of hardware at the time.

yes 4 million members today... 

Customers of BT (UK), ZON (Portugal), Softbank (Japan), SFR (France), Belgacom (Belgium) can join easily others have to flash a linksys wifi or buy a fonera for +- 39 euro's online ... 

but they don't ship to Singapore

It's a https captive portal for user authentication (max 5 users that don't share on the simpl)

you can flash something else on the older devices (gargoyle router firmware?)

it's "Isolated Client" mode that makes everyone hidden on the "public" ssid

you can see logging of who logged in/out when and how many bytes they consumed

you could force opendns and put some filters on opendns

[Alvin Jiang]

I used to have a La Fonera 2100. I still have the box but the router
seems to have walked away.

I checked their website and they've got new models now. I may get
another one. If anyone is interested I'll be happy to pick up a few more
- should be around S$180 each for the 2.0N and S$100 for the SIMPL (via US).

Let me know if you're interested.

Alvin.

On 05.10.11 01:43 , Steven Leeman wrote:
>
>
> 2011/10/4 Gideon Simons <gide...@gmail.com <mailto:gide...@gmail.com>>

>
> Long time ago when i was living in UK i had this wifi router called
> Fontenna which you can read about here: http://www.fon.com

> <http://www.fon.com/> . I got it off ebay for cheap.

>
> I remember it had some kind of separation between you and your
> guests wifi signals where you can play around with different levels
> of access etc..
>
> Aside of that it had a really cool community wifi idea behind the
> whole thing, and was a very solid piece of hardware at the time.
>
> yes 4 million members today...
> Customers of BT (UK), ZON (Portugal), Softbank (Japan), SFR (France),
> Belgacom (Belgium) can join easily others have to flash a linksys wifi
> or buy a fonera for +- 39 euro's online ...
> but they don't ship to Singapore
>
> It's a https captive portal for user authentication (max 5 users that
> don't share on the simpl)
> you can flash something else on the older devices (gargoyle router
> firmware?)
>
> it's "Isolated Client" mode that makes everyone hidden on the "public" ssid
> you can see logging of who logged in/out when and how many bytes they
> consumed
> you could force opendns and put some filters on opendns
>
>

> --
> Chat: http://hackerspace.sg/chat