so i ask those people here who know more about networking than i do:
is this a big issue if we allow guests to establish VPNs? can this cause major security issues? or is my GM just being her typical "ive got better things to worry about" self?
Since no one else will, I'll play the role of Paranoid Computer Guy...
Your complementary room network connections probably don't have any internal protection
between computers set up on the local network (which would have been the easy/lazy/default way to do it). This allows computers behind the firewall to communicate with each other (and would be especially dangerous if your hotel network shares the same local network). Allowing a VPN connection would bypass any stateful scanning firewall or proxy server, and would allow dangerous files behind the firewall and thus to have access to any other machines on the same local network. Of course, people can also bring dangerous files in with them on their hard drive - see the Welchia worm.
If everyone, or at least all guests, share a common network segment with full IP connectivity between machines, I can fully understand the manager's reluctance to allow VPNs. A better solution is to make sure (through vlans, perhaps) guest computers are isolated from each other and from the hotel machines, so you could give them access to anything they wanted without fear of liability.
-jk
Previous Topic
Index
