[OPLINTECH] Wi-Fi ports

Chad Neeper (list) cneeper at level9networks.com
Thu Jul 3 09:39:26 EDT 2008


Most of the libraries I've set up with wireless have pretty much 
unrestricted outbound access. The access point(s) are behind IPCop 
firewalls, which isolates the private library network from the APs and 
protects the APs from the Internet. Since the APs are behind IPCop, 
those libraries that have DansGuardian content filtering installed in 
IPCop have filtered wireless access as well. Over the many years and 
libraries in this configuration, I can't think of any patron complaints 
that have made it to my ears, but have had many positive comments passed 
to me via the staff.

Chad

-----------------------
Chad Neeper
Senior Systems Engineer

Level 9 Networks
740-548-8070 (voice)
866-214-6607 (fax)

--   Full LAN/WAN consulting services   --
-- Specialized in libraries and schools --



Avery Shifflett wrote:
> I’d like some opinions from library techs operating a Wi-Fi hotspot.  
> After receiving a suggestion from a patron who thought our wireless was
> too ‘restrictive’, I’m curious what ports others leave open or closed. 
> Any reasons why you've chosen to close or open specific ports would be
> appreciated.
>
> In case you’re curious, here’s my current setup:
> I’m running a Linux (SUSE) server with DansGuardian (a *great* filter,
> amazingly fast and reliable, and of course…free).  On the wireless end, I
> currently only allow http(80) and https(443) traffic.  Https traffic is
> transparently forced through the filter (via wpad.dat & Squid) so I can at
> least block by website name, since secure content cannot be analyzed.
>
> 99% of our patrons are quite satisfied and don’t feel restricted in the
> least.   It may be restrictive to the other 1% who want FTP, VPN, etc.,
> but I don’t want to needlessly compromise security or allow the filter to
> be bypassed.
>
> Thanks for any input.
>
> Avery Shifflett
> Technology Coordinator
> Carroll County District Library
> 70 Second St NE
> Carrollton, OH  44615
> 330-627-2613 - PHONE
> 330-627-2523 - FAX
>
>
>
>
>
> _______________________________________________
> OPLINTECH mailing list
> OPLINTECH at oplin.org
> http://mail.oplin.org/mailman/listinfo/oplintech
>
>   

-- 

-----------------------
Chad Neeper
Senior Systems Engineer

Level 9 Networks
740-548-8070 (voice)
866-214-6607 (fax)

--   Full LAN/WAN consulting services   --
-- Specialized in libraries and schools --



More information about the OPLINTECH mailing list