Large scale internet sharing - e.g. student accommodation

[piasabird]

I always thought the ISP should be responsible for blocking virus and other similar attacks. I also think that they should be required to tell the user every time anyone accesses any of their stored information. Spying by the government should require the user be informed.

 

[frowertr]

I always thought the ISP should be responsible for blocking virus and other similar attacks. I also think that they should be required to tell the user every time anyone accesses any of their stored information. Spying by the government should require the user be informed.

They can scan attached e-mail files for their users since those files reside on the ISP's inbound e-mail server(s) for some time before the user checks it but thats all they can really do. I mean, all the ISP does is just pass packets back and forth from the end user to the oustide world.

I don't know of any inexpensive way an ISP can monitor thousands data stream in real time for all their customers for a virus. Secondly, I'm not sure I would want them adding latency to the stream as it gets analyzed.

Use Windows firewall (or similiar for a different OS), stay off the warez/porn section of the web, and then run a real time virus solution like AVG or MSE and you should be 99.9999% protected...

 

[RU482]

I wouldn't expect to provide wireless service in such an environment. I would provide only wired ethernet, even if it means pulling cable to 50 units.

Just thinking.....what if each of those 50 wired connections plugged into a wireless router, with multiple people and devices connected to each WLAN?

 

[naimcohen]

Thanks for the responses. That has cleared up some questions I had on VLANs but I still need to do some more googleing!

So as I'm in the UK I don't need to keep any log of such data?

Re what if each person plugged in a wireless access point...Each device would still need to login to the system via a captive portal or similar, so even if they did put a wifi AP, they would still need to log in

 

[Mark R]

Thanks for the responses. That has cleared up some questions I had on VLANs but I still need to do some more googleing!

So as I'm in the UK I don't need to keep any log of such data?

If you are in the UK, then an ISP must (more precisely, not all is mandatory, but it is extremely strongly recommended) keep this data. The question is whether you are an ISP, and if so, whether you can be exempted for reasons of size, etc. Expert advice is necessary as the law is not absolutely clear.

In practice, if you experience abuse by users, either through excessive bandwidth consumption, copyright infringement, harassment, etc. you will need to have facilities available to log data for investigation of breach of terms&conditions, etc.

Re what if each person plugged in a wireless access point...Each device would still need to login to the system via a captive portal or similar, so even if they did put a wifi AP, they would still need to log in

It depends how you set things up. If someone plugs in an AP, then it can work either as a dumb AP, in which case anything that connects has direct access to your network (devices will try to acquire IP addresses from your DHCP infrastructure, etc.). In this case, each device will need to authorize individually;

Alternatively, and this is the default mode of operation for cheap Wifi equipment is that it can act as a NAT router.

In the later scenario, a NAT router will only need to be logged into a captive portal once, and all devices behind it will be connected via that authorization. If you already provide NAT to your users (as you almost certainly will have to do so, as you probably won't be able to get sufficient IP space), then this double-NATting will break pretty much everything that isn't web. Skype, VOIP, Push notifications on mobile devices, gaming, VPNs, etc. will all be pretty much non-functional via a double-NAT system.