Restricting Wireless Access on Campus? 89
Diety_in_A_Minor asks: "How would one set up a wireless network on a campus such that restrictions can occur by classroom? My back of the napkin solution would be to relate MAC addresses to class schedules, and have the DHCP server allow access to student-registered MAC addresses only during specific times. Although possible, this solution requires tremendous maintenance. What other solutions are there? One class in a building will require restrictions, while both classrooms adjacent to it need open access."
Weaken signal strength (Score:5, Interesting)
Why? (Score:4, Interesting)
Or is it some old teacher that thinks that it'll somehow force people listen to their boring, pointless lectures, when the students will likely just find something else to entertain themselves with.
mac address (Score:3, Interesting)
1) You don't have large numbers of people openly subverting the system
2) People don't have administrative access to their own boxes
Neither of which is true in a college environment. You can tell an ethernet card to change its effective mac address to anything and students will share with information with each other.
Security requires that:
a) the people with access want to protect the information from the people without access
b) The people with access cannot communicate to the people without access
You don't have either situation. Rather what you have is a 3rd party creating a security policy (which classrooms have access) which does not enjoy student support. I agree with the poster who commented on a wired solution, this seems 100x easier.
Yeah, go off MAC addresses, (Score:2, Interesting)
Come on, if you're a University, then you've already got fat pipes, and probably let the kids in dorms and the library have unlimited access, so why treat your other students like crap just because they're in the wrong location.
And if you limit their internet access, what kind of education do you think that you're providing them with by limiting the information that they can access?
Hell, and even if you try to, odds are that anybody with half a brain will hack it, or the user with access is going to set up their system as an IP masquerading AP.
quit counting beans (Score:2, Interesting)
That being said, no mac filtering or proxy solutions are going too be fool proof (or, more accuratly, geek proof). It is easy enough to setup NAT on a laptop to give access to the next room, or spoof your MAC. As I see it, there are two possible solutions that would virtually gaurentee that you accieve what you are trying to accomplish:
Magneticly seal each classroom: difficult, expensive, effective.
Jam 2.4 GHz in classrooms that you don't want access in: Cheaper, but may cause unwanted interference. Leaves 802.11a wide open for repeaters. Questionable legality?
Best of all, both of these solutions have the added benifit of blocking those &*$#!@#%$*% cell phones!
Keep it open! (Score:2, Interesting)