A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.broadband (UK broadband)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.

How many subnets in a typical McDonalds?



 
 
Thread Tools Display Modes
  #11  
Old July 17th 17, 02:57 PM posted to uk.telecom.broadband,uk.comp.homebuilt
[email protected][_2_]
external usenet poster
 
Posts: 3
Default How many subnets in a typical McDonalds?

On 17/07/2017 10:55, Johnny B Good wrote:
On Mon, 17 Jul 2017 09:07:23 +0100, [email protected] wrote:

On 16/07/2017 22:08, Adrian Caspersz wrote:
If I wander in there with n devices connected to their wifi, can the
interfaces talk to each other as well as the net?

I'm hoping the answer is no... as I'm dreaming up a shared internet
facility trying to keep student users roughly isolated on a simple
switch (no VLAN support).

Current plan is multiple DHCP leases, all individually on their own
local lan subnets, each subnet connected to the internet but nowhere
else.

Does anyone do an out-of-the-box software build for this DHCP that runs
on a rPI? Extra points if it has a nice GUI....

... or I'll have to sit down and script one for DNSmasq


Its virtually impossible to secure the wireless side.
You can make it more difficult but someone with the will and knowledge
can break it in a matter of seconds to hours depending on what you
setup.

There is nothing you can do to stop people monitoring the wireless and
its easy to crack the current encryption standards.


If you want security you *need* to only allow access to a VPN server
with strong encryption. Then the server rules determine who can access
what.


If all you want to do is stop wireless clients talking to each other
then look for an AP that has a setting to prevent this. My old netgear
had such a setting. Once set clients could only see the wired side and
not other wireless clients.

You probably need to download the manual and look as its doesn't appear
as a feature in the sales stuff on many AP.


The Tweepadock in the room is that this by itself won't prevent an
enterprising hacker from using a laptop as a fake AP in order to run a
MITM intercept operation.


The VPN server will as the MITM won't be able to decrypt anything.
Then a one time password will prevent any replay attacks too.

Its a bit much for the average user to need though.

I do run a VPN server but I use pre shared keys which stops the MITM but
not a replay. It doesn't matter much as the banking apps have their own
security anyway.


  #12  
Old July 17th 17, 05:46 PM posted to uk.telecom.broadband,uk.comp.homebuilt
Andy Burns[_5_]
external usenet poster
 
Posts: 163
Default How many subnets in a typical McDonalds?

Theo wrote:

you can do exactly the same setup with a public class A as with
10.0.0.0/8 - just in the latter case somewhere down the road needs to
be a NAT if you want internet access.


Or a transparent proxy ...
  #13  
Old July 17th 17, 08:38 PM posted to uk.telecom.broadband,uk.comp.homebuilt
Adrian Caspersz
external usenet poster
 
Posts: 52
Default How many subnets in a typical McDonalds?

On 17/07/17 07:03, Henry Law wrote:
On 16/07/17 22:08, Adrian Caspersz wrote:
If I wander in there with n devices connected to their wifi, can the
interfaces talk to each other as well as the net?

I'm hoping the answer is no... as I'm dreaming up a shared internet
facility trying to keep student users roughly isolated on a simple
switch (no VLAN support).


The small community centre for which I'm "IT manager" (who I manage
other than myself I'll leave as an exercise) has a Cisco small-business
router at the heart of the network. It supports multiple VLANs and in
the definition of each there's a tick box which enables or disables the
ability for any host on that VLAN to see any other. With that facility
enabled all that a visitor's phone or laptop, connected casually by
wifi, can see is the router itself for the purpose of connecting to the
internet.

Would that facility meet your need?


Yup.

A full VLAN solution would be easy, I've done it myself with Plusnet's
TG582N reconfigured and a managed TP-LINK switch. But this scheme is on
a limited budget as the fellow hasn't really got others fully on board
and I'm working in a vicious minefield with my second-hand throw-outs
I've donated to get them going.

With some of the nastiness said today, I'm sorely tempted to leave all
dancing in the same subnet, and as Graham J has mentioned let the users
worry about their own security.

Problem is, the users are kids. If it progresses to typical Windows
virus distribution mayhem then I am just going to be elsewhere ...

Why did I agree to help?

--
Adrian C
  #14  
Old July 17th 17, 09:40 PM posted to uk.telecom.broadband,uk.comp.homebuilt
Adrian Caspersz
external usenet poster
 
Posts: 52
Default How many subnets in a typical McDonalds?

On 17/07/17 09:07, [email protected] wrote:
On 16/07/2017 22:08, Adrian Caspersz wrote:
If I wander in there with n devices connected to their wifi, can the
interfaces talk to each other as well as the net?

I'm hoping the answer is no... as I'm dreaming up a shared internet
facility trying to keep student users roughly isolated on a simple
switch (no VLAN support).

Current plan is multiple DHCP leases, all individually on their own
local lan subnets, each subnet connected to the internet but nowhere
else.

Does anyone do an out-of-the-box software build for this DHCP that
runs on a rPI? Extra points if it has a nice GUI....

... or I'll have to sit down and script one for DNSmasq


Its virtually impossible to secure the wireless side.
You can make it more difficult but someone with the will and knowledge
can break it in a matter of seconds to hours depending on what you setup.


This is/was just a DHCP question for joining new clients. Actual media
unimportant, If I was using wireless I'd just use WPA2.

Wireless was mentioned as that's what McDonalds use for a public
service, and anyway their system is quite different to what I can
(can't) do with a domestic BT router and an unmanaged switch, and
distributed wireless access points and ethernet sockets.

With this particular client, unfortunately it will be pointless going
further. Think my cabling invoice is going south as well

--
Adrian C
  #15  
Old July 17th 17, 10:04 PM posted to uk.telecom.broadband,uk.comp.homebuilt
Henry Law
external usenet poster
 
Posts: 40
Default How many subnets in a typical McDonalds?

On 17/07/17 19:38, Adrian Caspersz wrote:
Why did I agree to help?


We were all too polite to say that ...

--
Henry Law n e w s @ l a w s h o u s e . o r g
Manchester, England
  #16  
Old July 18th 17, 09:48 PM posted to uk.telecom.broadband,uk.comp.homebuilt
Roger
external usenet poster
 
Posts: 86
Default How many subnets in a typical McDonalds?

On 17/07/2017 20:40, Adrian Caspersz wrote:
On 17/07/17 09:07, [email protected] wrote:
On 16/07/2017 22:08, Adrian Caspersz wrote:
If I wander in there with n devices connected to their wifi, can the
interfaces talk to each other as well as the net?

I'm hoping the answer is no... as I'm dreaming up a shared internet
facility trying to keep student users roughly isolated on a simple
switch (no VLAN support).

Current plan is multiple DHCP leases, all individually on their own
local lan subnets, each subnet connected to the internet but nowhere
else.

Does anyone do an out-of-the-box software build for this DHCP that
runs on a rPI? Extra points if it has a nice GUI....

... or I'll have to sit down and script one for DNSmasq


Its virtually impossible to secure the wireless side.
You can make it more difficult but someone with the will and knowledge
can break it in a matter of seconds to hours depending on what you setup.


This is/was just a DHCP question for joining new clients. Actual media
unimportant, If I was using wireless I'd just use WPA2.

Wireless was mentioned as that's what McDonalds use for a public
service, and anyway their system is quite different to what I can
(can't) do with a domestic BT router and an unmanaged switch, and
distributed wireless access points and ethernet sockets.

With this particular client, unfortunately it will be pointless going
further. Think my cabling invoice is going south as well

LEDE/Openwrt allows you to isolate wireless clients from each other and
can be installed on a RPi
  #17  
Old July 23rd 17, 04:00 AM posted to uk.telecom.broadband,uk.comp.homebuilt
John Rumm
external usenet poster
 
Posts: 115
Default How many subnets in a typical McDonalds?

On 16/07/2017 22:08, Adrian Caspersz wrote:

If I wander in there with n devices connected to their wifi, can the
interfaces talk to each other as well as the net?

I'm hoping the answer is no...


That would seem like a sensible option.

as I'm dreaming up a shared internet
facility trying to keep student users roughly isolated on a simple
switch (no VLAN support).

Current plan is multiple DHCP leases, all individually on their own
local lan subnets, each subnet connected to the internet but nowhere else.


Alternatively just use a router / AP that has the option to isolate all
the wireless clients from each other and also the wired LAN. Many of the
Draytek range for example will do this.

Does anyone do an out-of-the-box software build for this DHCP that runs
on a rPI? Extra points if it has a nice GUI....


https://www.youtube.com/watch?v=B0B2ubBq1iE


--
Cheers,

John.

/================================================== ===============\
| Internode Ltd - http://www.internode.co.uk |
|-----------------------------------------------------------------|
| John Rumm - john(at)internode(dot)co(dot)uk |
\================================================= ================/
  #18  
Old July 25th 17, 06:15 PM posted to uk.telecom.broadband,uk.comp.homebuilt
Mike Tomlinson
external usenet poster
 
Posts: 285
Default How many subnets in a typical McDonalds?

En el artículo , Roger
escribió:

LEDE/Openwrt allows you to isolate wireless clients from each other and
can be installed on a RPi


One of my previous xDSL routers offered "Wireless Isolation". I always
wondered what it was.

Might have been the DGTeam firmware running on a Netgear DG834GT.

--
(\_/)
(='.'=) "Between two evils, I always pick
(")_(") the one I never tried before." - Mae West
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
What will a typical O2 email address look like? Martin ©¿©¬ @nohere.net uk.telecom.broadband (UK broadband) 7 June 16th 08 07:54 PM
Router with two private subnets Ted B uk.telecom.broadband (UK broadband) 4 January 12th 07 11:57 PM
FAQ on subnets ? zjustice uk.telecom.broadband (UK broadband) 1 September 4th 05 04:22 PM
Typical download figures JPG uk.telecom.broadband (UK broadband) 3 February 24th 05 02:58 AM
Wireless subnets 192.168.0 and 192.168.1 Alfie uk.telecom.broadband (UK broadband) 7 October 31st 04 07:49 PM


All times are GMT +1. The time now is 11:48 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright ©2004-2017 BroadbanterBanter.
The comments are property of their posters.