Re: IPTABLES: Egress packet/port filtering

From: Damien Hull <dhull@digitaloverload.net>
Date: Tue Jun 06 2006 - 11:46:41 AKDT


Shane R. Spencer wrote:
> Yo..
>
> So, I operate a few hotspots and am having some wonderful issues with
> some very hostile customers staying at a hotel we provide wireless
> Internet access for. It is free and we have public IP's for all
> wireless clients staying at the hotel, which I am starting to think was
> a stupid idea, however older VPN implementations almost required it in
> order to keep support requests to a minimum.
>
> I am hoping to block all but pop/imap/smtp(filtered via
> clamsmtp)/http(transparent squid)/VPN's and drop everything else. I
> found a few helpful links including this one:
>
> http://www.enterprisenetworkingplanet.com/netsysm/article.php/2168251
>
> At this point I just need a little advice on the do's and don'ts of this
> kind of situation.
>
> Should I block *all* traffic ingress forwarded traffic if I don't want
> folks hosting web servers during their long stay at the hotel, not to
> mention p2p traffic.
>
> Should I block all egress high ports 1024:65535 unless they are somehow
> related to traffic, which I am unsure of how that works.
>
> Shane
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>
>
Can you switch to private IP space?

Most laptop users will be running Windows XP. Let's keep it simple and
say they use PPTP for the VPN connection. That's port 1723. Just set up a
network with private IP space and allow port 1723 access.

Got the XP info from this website.
http://wireless.gumph.org/content/6/4/014-howto-xp-pptp-vpn-testing.html

- --
You can get my public PGP key at https://keyserver.pgp.com

Digital Overload
http://www.digitaloverload.net

Keep your data safe by doing regular backups. At Digital Overload we use
a combination of DVD and hard drive backups. For off site storage we use
a safe-deposit box at the bank. All backups are encrypted.
Received on Tue Jun 6 11:47:20 2006
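
The setup discussed in this thread (private guest addresses behind NAT, a short list of allowed services, everything else dropped), sketched as an added example that is not from either poster. The interface names and subnet are assumptions passed in by the caller, and DNS is assumed to be resolved upstream of the gateway. PPTP needs GRE (IP protocol 47) in addition to TCP 1723, and return traffic on high ports is handled by connection tracking rather than by opening port ranges.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for a NATed hotspot gateway.
# Check it before loading, e.g. (constructed values):
#   emit_hotspot_rules eth1 eth0 192.168.10.0/24 | iptables-restore --test
# Loading it flushes the nat and filter tables; the gateway's own INPUT/OUTPUT
# rules are out of scope here and are left at ACCEPT.

# TCP services named in the thread: smtp, http, pop3, imap, PPTP control.
ALLOWED_TCP="25 80 110 143 1723"

emit_hotspot_rules() {
    lan_if=$1; wan_if=$2; lan_net=$3
    # Common match: traffic from the guest subnet heading out to the Internet.
    fwd="-A FORWARD -i $lan_if -o $wan_if -s $lan_net"

    echo "*nat"
    echo ":PREROUTING ACCEPT [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo ":POSTROUTING ACCEPT [0:0]"
    # Guests on private addresses leave through the gateway's public address.
    echo "-A POSTROUTING -s $lan_net -o $wan_if -j MASQUERADE"
    echo "COMMIT"

    echo "*filter"
    echo ":INPUT ACCEPT [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    # Return packets of flows a guest opened. This is the "related" traffic,
    # so egress high ports need no rule of their own.
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # DNS lookups (assumption: resolver is on the Internet side).
    echo "$fwd -p udp --dport 53 -m conntrack --ctstate NEW -j ACCEPT"
    echo "$fwd -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT"
    for port in $ALLOWED_TCP; do
        echo "$fwd -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # PPTP tunnel data is GRE; behind NAT it also needs the kernel's PPTP
    # helper modules (nf_conntrack_pptp, nf_nat_pptp) loaded.
    echo "$fwd -p 47 -j ACCEPT"
    # No inbound NEW rule exists, so guest-hosted servers and anything else
    # not listed above fall through to the FORWARD policy of DROP.
    echo "COMMIT"
}
```

Additional ports such as 443, 993 or 995 can be appended to `ALLOWED_TCP` if guests need them.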

This archive was generated by hypermail 2.1.8 : Tue Jun 06 2006 - 11:47:20 AKDT