Setting up guest registration on a network

fifedesigns · 05-03-2011, 11:02 AM

I was wondering if someone could point me in the direction of adding a registration page to my guest network. I would like to monitor websites, etc to prevent any fraudulent activity on my network. Thanks in advance.

mattjones · 05-08-2011, 12:11 PM

Hi,

Anything is possible if you are willing to invest time etc.

When you say registration page how exactly do you mean? Talk me through a step by step process as if you are the user connecting and using resources/services on your network. i.e:

1. Log on (local or domain user?)
2. Connect to Wireless network (encryption? - key provided?)
3. Open IE
.....and so on.

Can you provide me with some details as to your network setup? ideally:
Server(s) OS
Is your server an FRDC? do you have a secondary DC? any member servers?
IIS configured on FRDC/DC?
Workstation OS
How many users/workstations?

If you have a guest network and wish to monitor web useage, in achieving this we must establish a way of highlighting an individual user - in order to know exactly who has accessed what. A registration page etc. is pretty straight forward and could be achieved with something as simple as PHP linked to a MySQL/SQL DB. Enabling a user to register and also login etc.

Matt

BrokenAtari · 05-08-2011, 12:13 PM

If it is a wireless network you could set up a radius server to deal with that.

mattjones · 05-08-2011, 12:20 PM

BrokenAtari - good suggestion! Only issue I could see with that is if the user needs access to other resources across the network e.g. shares, printers etc. the point of using a radius server for authentication would be deemed pointless, if this were the case, as you are allowing more access to a network than the a Radius setup is meant for.

BrokenAtari · 05-08-2011, 12:24 PM

You could put them on a different subnet.

mattjones · 05-08-2011, 12:27 PM

Again, as long as they don't require other service from the domain.

We may have gone way overboard here and 'fifedesign' might be wanting something for home. ha ha!

BrokenAtari · 05-08-2011, 12:48 PM

Put a computer designated as a firewall + sniffer in between the public network and his network. Then adjust the firewall to allow certain features. Have a special dns running on the firewall computer.

mattjones · 05-08-2011, 12:52 PM

'special DNS'?? DNS is DNS, you can have different types of records.

Lets wait and see what he actually wants to achieve.

BrokenAtari · 05-09-2011, 05:24 AM

Quote:

Originally Posted by mattjones

'special DNS'?? DNS is DNS, you can have different types of records.

Lets wait and see what he actually wants to achieve.

I wasn't literately meaning "special DNS". I meant that it was only for the public. (A special purpose)

krone6 · 05-16-2011, 07:29 AM

Why not just user account permissions? Guest accounts can get on the same network but have no access to printers etc, only web. A little higher up gets more access and so on to adminship. Of course this will open up a less secure network but what's the % of people who'll use your guest account that'll even bother to hack you? They could do it even without a guest network access to begin with, so in the end, guest accounts with permissions might be the simpliest.

(first post btw... woohoo a normal forum)

05-03-2011, 11:02 AM	#1
fifedesigns Beta Member Join Date: May 2011 Posts: 1	Setting up guest registration on a network I was wondering if someone could point me in the direction of adding a registration page to my guest network. I would like to monitor websites, etc to prevent any fraudulent activity on my network. Thanks in advance.

05-08-2011, 12:11 PM	#2
mattjones Solid State Member Join Date: May 2011 Posts: 17	Re: Setting up guest registration on a network Hi, Anything is possible if you are willing to invest time etc. When you say registration page how exactly do you mean? Talk me through a step by step process as if you are the user connecting and using resources/services on your network. i.e: 1. Log on (local or domain user?) 2. Connect to Wireless network (encryption? - key provided?) 3. Open IE .....and so on. Can you provide me with some details as to your network setup? ideally: Server(s) OS Is your server an FRDC? do you have a secondary DC? any member servers? IIS configured on FRDC/DC? Workstation OS How many users/workstations? If you have a guest network and wish to monitor web useage, in achieving this we must establish a way of highlighting an individual user - in order to know exactly who has accessed what. A registration page etc. is pretty straight forward and could be achieved with something as simple as PHP linked to a MySQL/SQL DB. Enabling a user to register and also login etc. Matt

05-08-2011, 12:13 PM	#3
BrokenAtari In Runtime Join Date: Jan 2006 Posts: 219	Re: Setting up guest registration on a network If it is a wireless network you could set up a radius server to deal with that. __________________ Cisco Network Fundamentals Certified Cisco Routing Protocols and Concepts Certified

05-08-2011, 12:20 PM	#4
mattjones Solid State Member Join Date: May 2011 Posts: 17	Re: Setting up guest registration on a network BrokenAtari - good suggestion! Only issue I could see with that is if the user needs access to other resources across the network e.g. shares, printers etc. the point of using a radius server for authentication would be deemed pointless, if this were the case, as you are allowing more access to a network than the a Radius setup is meant for.

05-08-2011, 12:24 PM	#5
BrokenAtari In Runtime Join Date: Jan 2006 Posts: 219	Re: Setting up guest registration on a network You could put them on a different subnet. __________________ Cisco Network Fundamentals Certified Cisco Routing Protocols and Concepts Certified

05-08-2011, 12:27 PM	#6
mattjones Solid State Member Join Date: May 2011 Posts: 17	Re: Setting up guest registration on a network Again, as long as they don't require other service from the domain. We may have gone way overboard here and 'fifedesign' might be wanting something for home. ha ha!

05-08-2011, 12:48 PM	#7
BrokenAtari In Runtime Join Date: Jan 2006 Posts: 219	Re: Setting up guest registration on a network Put a computer designated as a firewall + sniffer in between the public network and his network. Then adjust the firewall to allow certain features. Have a special dns running on the firewall computer. __________________ Cisco Network Fundamentals Certified Cisco Routing Protocols and Concepts Certified

05-08-2011, 12:52 PM	#8
mattjones Solid State Member Join Date: May 2011 Posts: 17	Re: Setting up guest registration on a network 'special DNS'?? DNS is DNS, you can have different types of records. Lets wait and see what he actually wants to achieve.

05-16-2011, 07:29 AM	#10
krone6 In Runtime Join Date: May 2011 Posts: 330	Re: Setting up guest registration on a network Why not just user account permissions? Guest accounts can get on the same network but have no access to printers etc, only web. A little higher up gets more access and so on to adminship. Of course this will open up a less secure network but what's the % of people who'll use your guest account that'll even bother to hack you? They could do it even without a guest network access to begin with, so in the end, guest accounts with permissions might be the simpliest. (first post btw... woohoo a normal forum)

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode