Wireless Network setup

Discussion in 'Networking and Computer Security' started by kh44n, Mar 9, 2006.

  1. kh44n

    kh44n Geek Trainee

    Likes Received:
    0
    Trophy Points:
    0
    Hello,

    I was interesting in getting some information and guidance from the many experts on the forums here.

    In universities, there are wireless networks setup for internet usage by all the students who attend that university.

    Firstly, the universities obviously make use of varios pieces of hardware, like routers, signal boosters perhaps, etc. Then there is the software aspect as well. The software controls access to the network. The student usually installs a small application on his laptop, and then uses it to login with a username and password, in order to access the network and use internet. Without that password, even though a signal is recieved, you can't browse the net.

    I was also interesting in seting up a similiar system, but on a smaller scale. I wanted to setup internet in a home - upper floor, main floor, basement. And I wanted to give access to the network through regulation software, which requires a username and password for access. I also wanted to be able to limit certain sites, and record all the activity for all the accounts on each laptop computer.

    Could anyone guide me into what hardware is required, and software in order to setup a system of this nature?

    THANKS IN ADVANCE!
     
  2. Impotence

    Impotence May the source be with u!

    Likes Received:
    6
    Trophy Points:
    38
    You can limit access to your network by enabling any encryption modes available, such as WEP... Allthough not very secure, it does provide a degree of security (which is better than none).

    Are you wanting a second Login? ie windows conencts to the wireless network, but you need to enter a username and pw to gain access to any services (something like Novell?).
     
  3. kh44n

    kh44n Geek Trainee

    Likes Received:
    0
    Trophy Points:
    0
    Hey! Thanks for your quick response bud.

    Yeah - it must be absolutely secure. Any options? Ideas? guidance?

    Also - regarding the login system - the most important thing is that - even though a laptop recieves a wireless network connection - I don't want anyone to be able to USE the internet, or network services, until they input a username and password. And then furthermore, I want to be able to log and record all the internet activity that each user performs while surfing the net.

    What is a solution to this?

    Thanks again!!
     
  4. StimpE

    StimpE lol, Internet!

    Likes Received:
    1
    Trophy Points:
    18
    Just so you know, nothing involving networks is *absolutely* secure. Although there are higher levels of encryption such as WPA2, etc, but they are definitely not invincible as you are wanting.
     
  5. Impotence

    Impotence May the source be with u!

    Likes Received:
    6
    Trophy Points:
    38
    *nods and agree's with StimpE*

    If you want a high level of security, im guessing your going to be transfering sensitive data (band details etc?), Make sure you have a decent WEP password and use openSSL to a proxy on the wired bit of the network.

    The idear would 'look' sorta like this!

    [WEP](SSL){Sensitive data}(SSL)[WEP]

    That would mean, if anybody did decide to crack your WEP key, They wouldnt be able to simply 'sniff' (recording traffic and contents) The wireless segmant of the network, They would have to Crack the SSL key aswell [any data that is sent over SSL anyway]... which could be done, BUT, They would have to record the traffic and brute force the key.... which could takes weeks!

    What you have to remember, even if someone does want to 'brake into' your network.... most of the time there only looking for free internet access!
     
  6. Addis

    Addis The King

    Likes Received:
    91
    Trophy Points:
    48
    WEP? Why use WEP it can be cracked within 30mins. WPA is much stronger than WEP, despite not being absolutely secure. Most modern wireless devices support WPA.

    SSL will be used anyway for sensitive information for bank details, unless you're paranoid and want to SSL every piece of data.

    About the login thing. The wireless security like WPA will handle it via a passphrase (similar to a WEP key). But if you want username/password logins you might want to set up a small domain with user authentication. Never done this myself but I'm sure its possible. If you want total control over you're users and what they access you'll probably need a proxy server to handle complex tasks.
     
  7. Impotence

    Impotence May the source be with u!

    Likes Received:
    6
    Trophy Points:
    38
    64 Bit WEP = about 10 mins
    128 bit WEP = about 25 mins

    Its secure enuf to keep anyone who doesnt know anything about security out!
     
  8. max12590

    max12590 Masterful Geek

    Likes Received:
    51
    Trophy Points:
    0
    Well but people that go wardriving know more than nothing about security. The answer is simple, use WPA2 unless you are just uber paranoid about people getting your family pictures in which case I say just don't use wireless.
     
  9. StimpE

    StimpE lol, Internet!

    Likes Received:
    1
    Trophy Points:
    18
    I wouldn't touch WEP with a 20 foot pole.
     
  10. Addis

    Addis The King

    Likes Received:
    91
    Trophy Points:
    48
    Problem is that not all wireless cards support WPA2, WPA should be sufficient aswell.
     
  11. Impotence

    Impotence May the source be with u!

    Likes Received:
    6
    Trophy Points:
    38
    *hence i suggested WEP*

    But yeah, Having a wireless network is like Trailing a Live ethernet cable into the street (only a bit easy'er too see when its snowing :p)

    We've got a foor of snow :p havnt had any decent snow all year! (and its now spring :/)

    Has the Wireless hardware allready been bought? (wireless card, routers etc)
     

Share This Page