View Single Post
  #9  
Old July 17th 17, 10:55 AM posted to uk.telecom.broadband,uk.comp.homebuilt
Johnny B Good
external usenet poster
 
Posts: 1
Default How many subnets in a typical McDonalds?

On Mon, 17 Jul 2017 09:07:23 +0100, [email protected] wrote:

On 16/07/2017 22:08, Adrian Caspersz wrote:
If I wander in there with n devices connected to their wifi, can the
interfaces talk to each other as well as the net?

I'm hoping the answer is no... as I'm dreaming up a shared internet
facility trying to keep student users roughly isolated on a simple
switch (no VLAN support).

Current plan is multiple DHCP leases, all individually on their own
local lan subnets, each subnet connected to the internet but nowhere
else.

Does anyone do an out-of-the-box software build for this DHCP that runs
on a rPI? Extra points if it has a nice GUI....

... or I'll have to sit down and script one for DNSmasq


Its virtually impossible to secure the wireless side.
You can make it more difficult but someone with the will and knowledge
can break it in a matter of seconds to hours depending on what you
setup.

There is nothing you can do to stop people monitoring the wireless and
its easy to crack the current encryption standards.


If you want security you *need* to only allow access to a VPN server
with strong encryption. Then the server rules determine who can access
what.


If all you want to do is stop wireless clients talking to each other
then look for an AP that has a setting to prevent this. My old netgear
had such a setting. Once set clients could only see the wired side and
not other wireless clients.

You probably need to download the manual and look as its doesn't appear
as a feature in the sales stuff on many AP.


The Tweepadock in the room is that this by itself won't prevent an
enterprising hacker from using a laptop as a fake AP in order to run a
MITM intercept operation.

--
Johnny B Good