+ Post New Thread
Page 1 of 3 123 LastLast
Results 1 to 15 of 37
General Chat Thread, Caretakers wlan in General; Someone shoot the caretaker Just fixing my laptop trolley, lots of problems but mostly pupils have worked out they can ...
  1. #1
    Unvalidated User
    Join Date
    Nov 2007
    Location
    the Pub
    Posts
    255
    Thank Post
    7
    Thanked 11 Times in 10 Posts
    Rep Power
    0

    Caretakers wlan

    Someone shoot the caretaker

    Just fixing my laptop trolley, lots of problems but mostly pupils have worked out they can tinker with the wlan settings. Its because I have the network icon in the system tray down. They have all worked out that they can get on the caretakers network and go where they want. This then leaves the school setting messed up :-(

    I told him he needs to switch on encryption but not as if he cares and I dont fancy going over and setting up his xbox, a couple of pc's etc. as hes always trying to chuck me out early in the hols (and I book hours for overtime with looadss of work waiting)

    Looks like I am going to have to make it impossible to alter the settings

  2. #2
    AlexB's Avatar
    Join Date
    Jul 2006
    Location
    Warwickshire
    Posts
    412
    Thank Post
    40
    Thanked 48 Times in 42 Posts
    Rep Power
    26
    Seems pretty simple to me, get an old/scraped machine (with wireless, laptop?). Install a torrent downloader, make sure it is set to unlimited upload/download, get 5-10 very big legit (yes they do exist! full versions of various mmorpgs comes to mind) torrents, connect the laptop to his router and set the torrents off, either he'll get fedup and set encryption or even if he doesn't then the connection should be that hopeless that the kids will stop bothering with it.


    Think of it as education by brute force

  3. #3

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,323
    Thank Post
    903
    Thanked 1,801 Times in 1,550 Posts
    Blog Entries
    12
    Rep Power
    467
    Quote Originally Posted by AlexB View Post
    Seems pretty simple to me, get an old/scraped machine (with wireless, laptop?). Install a torrent downloader, make sure it is set to unlimited upload/download, get 5-10 very big legit (yes they do exist! full versions of various mmorpgs comes to mind) torrents, connect the laptop to his router and set the torrents off, either he'll get fedup and set encryption or even if he doesn't then the connection should be that hopeless that the kids will stop bothering with it.


    Think of it as education by brute force
    Also make the laptop a DHCP server with a random IP range. That way he will get odd addresses

  4. #4

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,213 Times in 761 Posts
    Rep Power
    395
    This is not a technology issue, it's a management issue.

    Presumably the caretaker is in a school residence. If so, then what he does in the property is still the school's business, and I think there is a strong case for the headmaster (or another senior manager) to insist he sorts this out.

    This lax attitude to security is placing children in the school at risk and exposing the school to potential legal problems when a student one day accesses something they shouldn't, or a parent complains they have been looking at porn in school. This should not be seen any differently to behaviour such as leaving a pile of dirty mags outside in his garden where the kids can reach them.

  5. #5

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    18,377
    Thank Post
    525
    Thanked 2,613 Times in 2,019 Posts
    Blog Entries
    24
    Rep Power
    891
    Aruba wireless equipment has a tool which can 'kill' a signal of a rogue AP... So, if you feel like investing in that, you could...

  6. #6

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,625
    Thank Post
    747
    Thanked 1,707 Times in 1,520 Posts
    Rep Power
    437
    If it's no secure it probably also has the web gui for the router with it's default insecure password.

    You could secure it for him and tell him what the wpa key is.

    Alternatively disable the wireless from the gui and then change the default password.

    Ben

  7. #7
    Dom_'s Avatar
    Join Date
    Dec 2008
    Posts
    1,011
    Thank Post
    151
    Thanked 138 Times in 115 Posts
    Rep Power
    57
    As plexer said, just log in and lock him out, he can reset it - but do it a few times and he'll catch on

  8. #8
    Unvalidated User
    Join Date
    Nov 2007
    Location
    the Pub
    Posts
    255
    Thank Post
    7
    Thanked 11 Times in 10 Posts
    Rep Power
    0
    LOL.. some good plans here.

    I have been aware of it for a few weeks but it really took the biscuit when I seen how many school Laptops have been on there.

    If I tryed to tell him hes the sort of guy (think p'ed off bitter caretaker) that would tell me to ... off

    I have had up and downers in the past about things.

    Maybe ill try the gentle approach for this week and see how it goes.

    Our new acting head will go a bit mad so will try to explain things

    Also I think I need to use GPO to lock down the wireless settings a bit more as a normal user seems to be able to add network and alter settings (you know theres never time to make things water tight). Although this would miss the point if I only did this!!

    Ill let you all know of the developments
    Last edited by blacksheep; 22nd April 2009 at 05:02 PM.

  9. #9
    Unvalidated User
    Join Date
    Nov 2007
    Location
    the Pub
    Posts
    255
    Thank Post
    7
    Thanked 11 Times in 10 Posts
    Rep Power
    0
    Just asked him "I wont do it because last time I turned it on <sons name> couldnt get on the Internet"

    Interesting technical insight there so I offered to set it up for him and he seems more receptive. 6 Clients though.

  10. #10
    AlexB's Avatar
    Join Date
    Jul 2006
    Location
    Warwickshire
    Posts
    412
    Thank Post
    40
    Thanked 48 Times in 42 Posts
    Rep Power
    26
    Quote Originally Posted by blacksheep View Post
    Also I think I need to use GPO to lock down the wireless settings a bit more as a normal user seems to be able to add network and alter settings (you know theres never time to make things water tight). Although this would miss the point if I only did this!!
    On this thought, anyone know a way to set wireless settings with encryption + password in the GPO, by default I think you cannot set a password and the only other available option is 11x authentication...

    I've gone down both routes in the past and I can't say I'm happy with either as when computers lose their GPO settings they lose their wireless settings too, which means they can't connect back to the network to pickup the GPO again!

    What I've started doing is pre domain machines have appropriate wireless settings configured. Then the GPO overwrites with the same settings so even if it loses the GPO it will revert to the pre GPO wireless settings and is able to grab the GPO again. Downside here is I can't change wireless settings on APs and GPO without losing the fallback connection!

    Any thoughts?
    Last edited by AlexB; 24th April 2009 at 11:09 AM. Reason: fixing quote

  11. #11
    Unvalidated User
    Join Date
    Nov 2007
    Location
    the Pub
    Posts
    255
    Thank Post
    7
    Thanked 11 Times in 10 Posts
    Rep Power
    0
    On this thought, anyone know a way to set wireless settings with encryption + password in the GPO, by default I think you cannot set a password and the only other available option is 11x authentication...
    Did hope I could set a policy to enforce a particular wireless network connection. Tryed creating a policy but I can still search for a new one. Havent spent a lot of time on this so if anyone knows of anything?

    I just hiding the connection icon does for most things, although if you switch wlan off you can see it again. Need to look at this.

    Im almost thinking Why should I bother doing this to all the school laptops, not until I can sort [yet another] management issue out about setting up wireless network on the premises.

    Also - Do you guys allow pupils to bring in laptops? The odd one wasnt a problem but its gone quite busy here which will obviously slow down the existing LAN as they fight for bandwith. I had a laptop jumping all over the place yesterday although she was like 5 metres from the access point, turned out to be other non-school laptop nearby! Been picking up a lot of 'adhoc' type network activity.

  12. #12
    Unvalidated User
    Join Date
    Nov 2007
    Location
    the Pub
    Posts
    255
    Thank Post
    7
    Thanked 11 Times in 10 Posts
    Rep Power
    0
    This is not a technology issue, it's a management issue.
    Have implemented some GP settings, so after putting them back on you cannot see the wlan network icon, but you can when it first connects. So if you disable and re-enable wireless using the hardware button on the front you can see the icon for about 10 seconds or so. If you click this you can see any found networks. However this is far as I am going as I have to leave problems occur here a lot of the time.. and there are other pressing issues to sort out.

    However I have stated the issues and the fact that there are pupils with there own laptops around the school and they now have a nice insecure hotspot but the only response ive got is "do you want me to say something". So of course I have gone with that but I wont expect much more unless something bigger happens.

    To me this is quite dissapointing response really as I try to do the best job I can for the kids sake a lot of the time. The downside of some non-technical managers I suppose.

    What you guys think? I dont see why I should bother going after it myself now.

  13. #13

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    Boston, MA
    Posts
    7,597
    Thank Post
    109
    Thanked 770 Times in 598 Posts
    Rep Power
    183
    Quote Originally Posted by blacksheep View Post
    What you guys think? I dont see why I should bother going after it myself now.
    You should simply put in writing the child safety issues caused by piggy-backing on the unfiltered access and also the security implications associated with outsiders being able to connect your network to the Internet via this AP using a simple network bridge. Also detail how many times you have had to fix the settings problem and how m,uch time you would estimate that this has taken.

    These should be copied to your head and the child protection officer (usually an assistant or deputy head).

    You should also force the use of a proxy via GPO and prevent access to change the settings - that way they shouldn't be able to get a direct connection to the net.

  14. #14

    sparkeh's Avatar
    Join Date
    May 2007
    Posts
    7,155
    Thank Post
    1,422
    Thanked 1,831 Times in 1,235 Posts
    Blog Entries
    22
    Rep Power
    554
    Quote Originally Posted by Ric_ View Post
    You should simply put in writing the child safety issues caused by piggy-backing on the unfiltered access and also the security implications associated with outsiders being able to connect your network to the Internet via this AP using a simple network bridge. Also detail how many times you have had to fix the settings problem and how m,uch time you would estimate that this has taken.

    These should be copied to your head and the child protection officer (usually an assistant or deputy head).

    You should also force the use of a proxy via GPO and prevent access to change the settings - that way they shouldn't be able to get a direct connection to the net.
    +1
    This isn't an issue that you should be looking for a technical solution for, its a management problem that the management should be dealing with.

  15. #15

    Join Date
    Oct 2008
    Location
    Somewhere in the north
    Posts
    351
    Thank Post
    11
    Thanked 14 Times in 12 Posts
    Rep Power
    15
    Am I being exceptionally thick here - why does the caretaker have his own wireless network? Surely the IT dept (i.e. you) are responsible for & in charge of all such things within the school?



SHARE:
+ Post New Thread
Page 1 of 3 123 LastLast

Similar Threads

  1. WLAN channels... all diff or all same?
    By contink in forum Wireless Networks
    Replies: 6
    Last Post: 12th January 2009, 06:11 PM
  2. Caretakers
    By googlemad in forum General Chat
    Replies: 15
    Last Post: 5th September 2008, 11:28 PM
  3. IPaq Vs WLAN
    By dan400007 in forum Windows
    Replies: 17
    Last Post: 11th March 2008, 05:28 PM
  4. Securing a WLAN question at an interview
    By ranj in forum Educational IT Jobs
    Replies: 6
    Last Post: 24th December 2007, 06:33 PM
  5. WLAN suggestions
    By Domino in forum Wireless Networks
    Replies: 18
    Last Post: 25th October 2007, 01:29 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •