College Wireless Policy (Part 1)

Well, I am back on campus and I have had a bit of time to goof around before classes start. I came here early for marching band camp, which is why I have not had any posts in a little bit even though I have had some free time.

Our college has a very strict wireless policy, which is that you aren’t allowed to have your own wireless access point. Period. So, as a curious computer science student, I wondered how many people actually listened to this policy. I wrote myself a little perl script, which allowed me to simply walk around and it would poll (using iwlist scan) for wireless networks and then record them until I told it to stop. So once I had this all working and tested I spent about 15 minutes walking around picking up wireless signals. The results I found were more surprising than I had anticipated.

Here is a table of the unencrypted wireless networks I found:

#      Network Name                   Encryption
================================================
1      "04Z409107113"                 off
2      "alicia"                       off
3      "B2B"                          off
4      "B2B"                          off
5      "belkin54g"                    off
6      "CaptivePortalTemp"            off
7      "CaptivePortalTemp"            off
8      "CaptivePortalTemp"            off
9      "CaptivePortalTemp"            off
10     "CaptivePortalTemp"            off
11     "CaptivePortalTemp"            off
12     "hpsetup"                      off
13     "hpsetup"                      off
14     "linksys"                      off
15     "linksys"                      off
16     "linksys"                      off
17     "linksys"                      off
18     "<College_Name>"               off
19     "print server 053797"          off
20     "print server 075462"          off
21     "Rosa/Vazquez"                 off
22     "Wireless Network"             off
23     "Wireless"                     off

I know this table could look a little prettier, but its not for heavy anaylsis. For all of the networks that say “linksys” I made sure they were unique by using the MAC Address that turns up in the results of an ‘iwlist scan’ So it’s not just the same linksys network that was picked up 4 times πŸ˜‰ .

I am going to guess that the “CaptivePortalTemp” entries are not related to students at my college. Other than that the one entry I changed to say “<College_Name>” was where the person actually named their wireless network to the name of the college, which couldn’t make it any more obvious that they go to the college. The campus is located close to a residential area, but a lot of these networks I picked up way too far away to be from non-college residences. Another point of interest is the unsecured print servers… I’m sure it would be quite easy for anyone to connect to those and, at the very least, waste someone’s paper. However, it might even be possible to get access to someone’s computer (assuming the printer allows more than one computer to connect at once) through the printer. I would hope the software the printer is running wouldn’t allow that, but who knows.

I would argue that there are probably at least 10 wireless networks that students from my college have setup that are unencrypted networks. This is, I believe, exactly what the college was trying to avoid by putting the wireless network policy in place. I can’t say there is really an easy solution to this problem, but I think if the college was willing to allow a wireless network after they educated the student on how to lock it down we would have less of a security problem on our hands than we do now. The best thing might be if the college just put wireless in all of the residences, but that costs money which they may or may not have to spend.

There were some networks that appeared to be run by college students that were encrypted, which is at least better than the unencrypted ones, but it still violates the college policy on wireless networks. I would love to have a wireless network myself because it would be nice for my laptop and for my Wii, but alas I will have to hold back on that. Seeing so many networks makes me wonder if the college actually checks for them because really all you would need is any old laptop that can scan for wireless networks.

People always ask me how easy it would be to scan for wireless networks on campus, and I guess the answer is all you need is ~30 minutes to write a perl script and the time it takes to walk around campus. I will walk around again after everyone has moved in and see if the situation changes at all. It should be interesting to see how many addtional networks I can find. Hopefully I have not given enough data for my college to use this to go after the people with these wireless networks because that was not the point of me doing this. I feel the college has every right to track them down, but they can do this on their own, if they are truly serious about their stance on student run wireless networks πŸ™‚ .

Advertisements

2 Responses to College Wireless Policy (Part 1)

  1. Christine says:

    Hey there! I know for a fact that they used to go around and look for wireless network, and then shut off the data port hosting the wireless router, but it seems that in the past few years this has been a lower priority. You are definitely correct, a college-run wireless network in the residence halls would be best as far as security goes.

    Also, I enjoy that you tagged this ‘n00b’ πŸ˜›

  2. jintoreedwine says:

    Hmmm, interesting to know they scanned at one point. Perhaps they got tired of blocking everyone’s data port after that long @_@

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: