“WiFi Hotspots Cont’d” In any network, security is an integral part of any wireless network, as well as public WiFi hotspots. If you set your router to create an open hotspot, anyone who has a wireless card will be able to use your signal. Most people would rather keep strangers out of their network, though. Doing so requires you to take a few security measures. It’s also important to make sure your security precautions are current. The Wired Equivalency Privacy (WEP) security measure was once the standard for WAN security. The idea behind WEP was to create a wireless security platform that would make any wireless network as secure as a traditional wired network. But hackers discovered vulnerabilities in the WEP approach, and today it’s easy to find applications and programs that can compromise a WAN running WEP security.
"WiFi Hotspots Cont’d”
In any network, security is an integral part of any wireless network, as well as public WiFi hotspots. If you set your router to create an open hotspot, anyone who has a wireless card will be able to use your signal. Most people would rather keep strangers out of their network, though. Doing so requires you to take a few security measures. It’s also important to make sure your security precautions are current. The Wired Equivalency Privacy (WEP) security measure was once the standard for WAN security. The idea behind WEP was to create a wireless security platform that would make any wireless network as secure as a traditional wired network. But hackers discovered vulnerabilities in the WEP approach, and today it’s easy to find applications and programs that can compromise a WAN running WEP security.
In order to keep your network private, you have to use one of the following methods; WiFi Protected Access (WPA), this is a step ahead of the WEP and is now part of the 802.11i wireless network security protocol. It uses temporal key integrity protocol (TKIP) encryption. As with WEP, WPA security involves signing on with a password. Most public hotspots are either open or use WPA or 128-bit WEP technology, though some still use the vulnerable WEP approach. Media Access Control (MAC) address filtering is a little different from WEP or WPA. It doesn’t use a password to authenticate users; it uses a computer’s physical hardware. Each computer has its own unique MAC address. MAC address filtering allows only machines with specific MAC addresses to access the network. You must specify which addresses are allowed when you set up your router. This method is very secure, but if you buy a new computer or if visitors come to your place and want to use your network, you’ll need to add the new machines’ MAC addresses to
the list of approved addresses. The system isn’t fool proof. A clever hacker can spoof a MAC address on the network and make a copy of a known MAC address to fool the network that the computer he or she is using belongs on the network.
After setting up all the necessary hardware, there is the need for software to manage and control the hotspot aspects as in accessibility and or billing (if it is a pay hotspot). There are lots of software that perform this, some come built inside the very Hotspot WiFi routers and yet, others run off conventional servers. The choice of what to use is all upon the owners and the complexity of the hotspot. For free hotspots, there is no need for any management software as this would amount to wastage. In cases where the hotspot is installed solely for making money, then a good and fool-proof system must be put in place so that you realise revenue and be able to carry out audits on the hotspot agents. Hotspot Gateway enables providing of public network access for clients using wireless or wired network connections. Hotspot Gateway have the following features; authentication of clients using local client database, or RADIUS server, accounting using local database, or RADIUS server, walled-garden system (acces
sing some web pages without authorization).
Hotspot is a way to authorize users to access some network resources. It does not provide traffic encryption. To log in, users may use almost any web browser (either HTTP or HTTPS protocol), so they are not required to install additional software. The gateway is accounting the uptime and amount of traffic each of its clients has used, and also can send this information to a RADIUS server. The Hotspot system may limit each particular user’s bitrate, total amount of traffic, uptime and some other parameters mentioned further in this document. The Hotspot system is targeted to provide authentication within a local network (to access the Internet), but may as well be used to authorize access from outer networks to access local resources. Configuring Walled Garden feature, it is possible to allow users to access some web pages without the need of prior authentication.