MagrathOpen Wifi Standards
Proposal to Magrath Chamber of Commerce version 1.0 Sep 2015
MagrathOpen standard for free public wifi within Magrath and Chamber member establishments
1. Preamble: Many local establishments have expressed interest in providing internet access to their clients and customers. Some are doing it now. The availability of inexpensive wireless routers and existing capacity within existing internet service used for normal office use make this task very feasible for many. However, without an open standard, the service is hit and miss from a community perspective requiring different passcodes at each of the various locations and with undetermined security risk to local providers.
2. The Goal: To provide a standard branded public wifi service that can be accessed within our local establishments using a standard broadcast name and user password that also promotes Chamber initiatives and objectives. Using inexpensive hardware with a consistent router configurations, our customers and clients will easily be able to access email and browse the internet within our local area (ie whenever near enough to a participating MagrathOpen configured public router).
3. Implementation: We propose 'MagrathOpen' for the broadcast name and 'ShopMagrath' as the access password. With this single password and whenever within range of an MagrathOpen configured wireless router basic internet on portable devices (phones/tablets/etc) will be accessible. Placement and configuration of the public vs private wireless routers are key to maximizing convenience and security within the participating nodes. Following the recommendations in this document, the private business networks can be easily segregated and protected from the public for increased security and minimal risk to each participating node provider.
MagrathOpen standard for free public wifi within Magrath and Chamber member establishments
1. Preamble: Many local establishments have expressed interest in providing internet access to their clients and customers. Some are doing it now. The availability of inexpensive wireless routers and existing capacity within existing internet service used for normal office use make this task very feasible for many. However, without an open standard, the service is hit and miss from a community perspective requiring different passcodes at each of the various locations and with undetermined security risk to local providers.
2. The Goal: To provide a standard branded public wifi service that can be accessed within our local establishments using a standard broadcast name and user password that also promotes Chamber initiatives and objectives. Using inexpensive hardware with a consistent router configurations, our customers and clients will easily be able to access email and browse the internet within our local area (ie whenever near enough to a participating MagrathOpen configured public router).
3. Implementation: We propose 'MagrathOpen' for the broadcast name and 'ShopMagrath' as the access password. With this single password and whenever within range of an MagrathOpen configured wireless router basic internet on portable devices (phones/tablets/etc) will be accessible. Placement and configuration of the public vs private wireless routers are key to maximizing convenience and security within the participating nodes. Following the recommendations in this document, the private business networks can be easily segregated and protected from the public for increased security and minimal risk to each participating node provider.
Aside: Why not just remove the password or give out your existing home/business wifi password to customers? The short answer is first, it is a huge security risk – opening up your local computers to potential access to whomever happens to get onto your network, and second, it opens you and/or your business up to potential liability for whatever illegal activity that might originate from your internet network by a malicious user. This same setup could be done in local residences – eliminating the need/risk of your family/children giving your home wifi password to friends and acquaintances and extending the utility of the open network.
If you already offer public wifi access, you can simply configure your existing public router with the standard broadcast name and password to join in.
3.1 Hardware required: Your choice of any modern wireless router - from surplus or any local vendor [1]. Many models are available for $50-100. Local configuration or service costs are available at reasonable rates [2]. A separate router for your public and private networks is required. Only the public router need be wireless, but both can be if desired.
3.2 Configuration: Setup of your public wireless router varies by model and brand. You will need to know the router's admin user and password or reset it to the default for your brand. Then set the wireless access with the standard SSID broadcast name as MagrathOpen and the wireless security WPA-Personal pre-shared key/password = ShopMagrath (case sensitive).
3.3 Set the public network IP to 192.168.9.9 [3]. Ensure your private network IP is set to some other range, e.g. 192.168.1.1 or similar but not 192.168.9.x or 192.168.9x.x. Document your public and private router admin passwords and IP ranges (for convenience – they can be physically reset if needed).
3.4 Placement of the router is key to segregating access between your public and private networks. By placing the public router as the first connection to your internet and having your private network router plugged into the public one, you thereby block access from public to private network, while maintaining internet for both and allowing access from the private network to local resources (servers/printers/etc) and back to the public router (for reconfiguration purposes).
3.1 Hardware required: Your choice of any modern wireless router - from surplus or any local vendor [1]. Many models are available for $50-100. Local configuration or service costs are available at reasonable rates [2]. A separate router for your public and private networks is required. Only the public router need be wireless, but both can be if desired.
3.2 Configuration: Setup of your public wireless router varies by model and brand. You will need to know the router's admin user and password or reset it to the default for your brand. Then set the wireless access with the standard SSID broadcast name as MagrathOpen and the wireless security WPA-Personal pre-shared key/password = ShopMagrath (case sensitive).
3.3 Set the public network IP to 192.168.9.9 [3]. Ensure your private network IP is set to some other range, e.g. 192.168.1.1 or similar but not 192.168.9.x or 192.168.9x.x. Document your public and private router admin passwords and IP ranges (for convenience – they can be physically reset if needed).
3.4 Placement of the router is key to segregating access between your public and private networks. By placing the public router as the first connection to your internet and having your private network router plugged into the public one, you thereby block access from public to private network, while maintaining internet for both and allowing access from the private network to local resources (servers/printers/etc) and back to the public router (for reconfiguration purposes).
. Bef: [Internet Modem] – [Private Router 192.168.x.x] – [Public/Private Computers/Tablets/Phones]
.
. Aft: [Internet Modem] – [Public Router 192.168.9.9] – [Private Router 192.168.x.x]
. | |_ [Private/Business Computers/Tablets/Phones]
. |_ [Public Computers/Tablets/Phones]
If you have a combination Internet Modem/Router, you can simply use that for your public network and connect your separate private router to it as outlined above.
4. Security: While no computer system is impregnable, we can maximize utility and service to our users and minimize the risk to your networks by following these proposed best practice standards. Hardware and Internet service owned and provided by participating users. They are ultimately responsible for their own systems. It is not expected that the number of users on the public side will slow down the required internet access on the private network side - as the number of connected users is limited to the broadcast area (about the size of a house).
We recommend users also take steps to limit access to unwanted sites (ie block unsavory/questionable websites) or high demand (netflix, youtube, etc) on their public side service. This can be accomplished using services like OpenDNS or similar.
5. Legal Issues: Most business owners think little of customers borrowing a 'cup of internet', comparing it to them asking to use the office phone for a local call .. but there are legal and financial issues to consider especially in the areas of copyrighted material downloads, other criminal activites, and protection of user data/privacy of/by public users on your public wifi network (see http://usemynet.com/hotspot-law for discussion of some of these issues). Individual public wifi participants are responsible for their own systems and decisions. While we feel the risk of this occurring within our fair town is minimal, owners/decision makers of public wifi systems must consider these issues and potential risks prior to implementation.
6. Summary: Advantage - Wherever this standard is implemented, public users with have access to MagrathOpen public wifi with only a single pre-shared key required = 'ShopMagrath'. Chamber could promote the service with signage “Free MagrathOpen WIFI Here – password = ShopMagrath – Support your Magrath Chamber!” or similar.
7. Copyright: This document/webpage licenced under the Attribution-ShareAlike 4.0 International licence.
/rdd
.
. Aft: [Internet Modem] – [Public Router 192.168.9.9] – [Private Router 192.168.x.x]
. | |_ [Private/Business Computers/Tablets/Phones]
. |_ [Public Computers/Tablets/Phones]
If you have a combination Internet Modem/Router, you can simply use that for your public network and connect your separate private router to it as outlined above.
4. Security: While no computer system is impregnable, we can maximize utility and service to our users and minimize the risk to your networks by following these proposed best practice standards. Hardware and Internet service owned and provided by participating users. They are ultimately responsible for their own systems. It is not expected that the number of users on the public side will slow down the required internet access on the private network side - as the number of connected users is limited to the broadcast area (about the size of a house).
We recommend users also take steps to limit access to unwanted sites (ie block unsavory/questionable websites) or high demand (netflix, youtube, etc) on their public side service. This can be accomplished using services like OpenDNS or similar.
5. Legal Issues: Most business owners think little of customers borrowing a 'cup of internet', comparing it to them asking to use the office phone for a local call .. but there are legal and financial issues to consider especially in the areas of copyrighted material downloads, other criminal activites, and protection of user data/privacy of/by public users on your public wifi network (see http://usemynet.com/hotspot-law for discussion of some of these issues). Individual public wifi participants are responsible for their own systems and decisions. While we feel the risk of this occurring within our fair town is minimal, owners/decision makers of public wifi systems must consider these issues and potential risks prior to implementation.
6. Summary: Advantage - Wherever this standard is implemented, public users with have access to MagrathOpen public wifi with only a single pre-shared key required = 'ShopMagrath'. Chamber could promote the service with signage “Free MagrathOpen WIFI Here – password = ShopMagrath – Support your Magrath Chamber!” or similar.
7. Copyright: This document/webpage licenced under the Attribution-ShareAlike 4.0 International licence.
/rdd
MagrathOpen Wifi Standards by Roger Davies is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. Based on a work at http://www.ssdirect.com/magrathopen-wifi.html. |
8. Disclaimer: This document is provided for informational purposes only – not as legal advice. The accuracy of this information is not guaranteed. Users are advised to seek professional help if they are concerned about a specific legal or security issue.
[1] No particular router brand or vendor is preferred. Sample page is from a D-Link router. Most modern wireless modems should work satisfactorily within the proposed standard.
[2] e.g. Soft Serve Direct currently charges $50/hr to implement and test a system to this standard (see ssdirect.com).
[ 3] Choice of the IP 192.168.9.9 is arbitrary and not critical – it just simplifies the identity of the private vs public users across the proposed standard system. If overlap is experienced by users due to close proximity of multiple public routers, we can extend the IP numbers to 192.168.9x.9 as needed ..
[1] No particular router brand or vendor is preferred. Sample page is from a D-Link router. Most modern wireless modems should work satisfactorily within the proposed standard.
[2] e.g. Soft Serve Direct currently charges $50/hr to implement and test a system to this standard (see ssdirect.com).
[ 3] Choice of the IP 192.168.9.9 is arbitrary and not critical – it just simplifies the identity of the private vs public users across the proposed standard system. If overlap is experienced by users due to close proximity of multiple public routers, we can extend the IP numbers to 192.168.9x.9 as needed ..