[unisog] VPN Survey Results

Daniel Feenberg feenberg at nber.org
Sat May 3 11:08:47 GMT 2003



On Fri, 2 May 2003, Pete Hickey wrote:

> When a conference is held at our university, the conference
> organizers want to offer wireless to the attendees.  For the
> conference, people seem to want simplicity: nothing.  (attendees
> are on their own for security.)
> 

We just put the wireless network OUTSIDE our firewall and use no
login/WEP/MAC security at all. You might want to block port 25 (better
yet, divert outbound SMTP traffic to your own server). Attendees don't
want access to your network, they want access to their home LAN over the
Internet.

Anything else will require extensive individualized help for each user,
and cause them problems when they return home and find their machine
misconfigured for their home network.

There are millions of APs configured with no security, whether
deliberately as community wireless, or accidentally by clueless users and
in spite of a great deal of negative publicity, no adverse events have
been reported. If you just keep it out of your internal network, you will
be in the clear.





More information about the unisog mailing list