1. Home
  2. Cisco Systems
  3. Hotel shared wireless and security

Hotel shared wireless and security

Hello!

Several hotels that I have been to provide wireless Internet access and have an un-encrypted wireless signal. Some of them are wide open for literally anyone to use (shame on them!) and others require some sort of authentication (using a RADIUS server?) to get onto the system, but their signal is still un-encrypted. I was recently at a Ramada Inn and their wireless access required a login password via Greenlink, but once on line, the connection showed as unsecured in Windows XP.

The question I am most often asked regarding security is whether or not the guests' wireless communications are securely encrypted. Is it possible for wireless communications to be secure in a hotel environment using shared wireless access without end-user intervention in the setup process?

I am interested in providing hotels with wireless Internet access for their guests. What I would like to have is a solution that authenticates via RADIUS or other means, and automatically turns on encryption on the guests' connections. No guest (or outsider) should be able to sniff another guest's wireless connection. Is that even possible?

Gregg Hill

Reply to
Gregg Hill
Loading thread data ...

In article , Gregg Hill wrote: :The question I am most often asked regarding security is whether or not the :guests' wireless communications are securely encrypted. Is it possible for :wireless communications to be secure in a hotel environment using shared :wireless access without end-user intervention in the setup process?

Hmmmm... Tricky indeed, but plausible.

The key is to either intercept or block all direct http:// requests that the user types in, and issue a http:// redirect to an https:// cgi script that proxies the request. The proxie would be on a wired connection, so the unencrypted actual data transfer is done off-air. To make things easier, any URL in the result should be rewritten in terms of the https:// redirector, so that if the user clicks a link even the request will be encrypted.

Or, you could save a bunch of work and just go look at ZyAir's HotSpot. I don't recall the exact technology, but it has the effect of the above -- an encrypted link automatically gets interposed without requiring any client reconfiguration.

Reply to
Walter Roberson

That might solve the problem for web browsing, but what about things like email?

Reply to
Barry Margolin

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.