Presentation on theme: "EDUCAUSE Southwest Regional Conference 2005 FCC, Rogue Access Points, and Security: Can We Get There From Here? Doug Jackson Director, Technology Customer."— Presentation transcript:
EDUCAUSE Southwest Regional Conference 2005 FCC, Rogue Access Points, and Security: Can We Get There From Here? Doug Jackson Director, Technology Customer Services UT Dallas Copyright William Hargrove and Doug Jackson 2005. This work is the intellectual property of the authors. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the authors. To disseminate otherwise or to republish requires written permission from the authors. William Hargrove Executive Director, Information Resources UT Dallas
Background Wireless at UTD –Response to provisioning campus buildings/classrooms where wiring was too expensive or otherwise impractical. –Response to Student Pressure to Wire Apartments Apartment Complex Challenge –No Campus Connectivity –Estimates to Wire Prohibitive
The Problem: Apartment Network Instability –Frequent Equipment Resets –Unexplained Utilization Difficulties We Discovered –Malware Running Rampant –Private Access Point Proliferation/Interference Potential for Abuse –Common WEP Key –Authentication Spoofing
Student Push-Back FCC Rules Citations Posts to Discussion Groups Student Government Involvement
FCC Rules FCC Act of 1934 (47 USC, Sec. 1 et. seq.) FCC 1996 OTARD Regulations ( CFR Title 47, Sec. 1.4000)
Over The Air Reception Devices - OTARD Restrictions on Antenna Placement Effective January 22, 1999, the Commission amended the rule so that it also applies to rental property where the renter has an exclusive use area, such as a balcony or patio. On October 25, 2000, the Commission further amended the rule so that it applies to customer- end antennas that receive and transmit fixed wireless signals. This amendment became effective on May 25, 2001. http://www.fcc.gov/mb/facts/otard.html
More on OTARD The rule only applies to restrictions on property where the viewer has an ownership or leasehold interest and exclusive use or control. CFR Title - Section 1.4000 http://wireless.fcc.gov/siting/otard.html
Exception? 73 On the current record, we decline to extend the protections of our Section 207 rules to college dormitories. Purdue University argues that college housing is unique and, as such, should be exempt from our rules. Purdue Comments at 4. No one responded to Purdue's comments, and because no one has shown that a university has the same relationship to a dormitory resident as a landlord to a tenant, that a dormitory room is a leasehold, that landlord-tenant law applies equally to dormitories, or that the practical problems associated with extending our rules to leaseholds can be similarly resolved with respect to dormitories, we have no basis to cover college dormitories by our Section 207 rules at this time. Where, however, the relationship between a university and a viewer bears sufficient attributes of a commercial landlord-tenant relationship (e.g., where a university leases a single family home to a faculty member), our Section 207 rules will apply. http://www.fcc.gov/Bureaus/Cable/Orders/1998/fcc98273.pdf
Airports Hit Brick Wall in Regulating Unlicensed Radio FEDERAL COMMUNICATIONS COMMISSION STAFF CLARIFIES FCCS ROLE REGARDING RADIO INTERFERENCE MATTERS AND ITS RULES GOVERNING CUSTOMER ANTENNAS AND OTHER UNLICENSED EQUIPMENT The FCCs Office of Engineering and Technology says that the function of regulating and coordinating frequency use is reserved to the FCC itself. The report says in part, the FCC has exclusive authority to resolve matters involving radio frequency interference [RFI] when unlicensed devices are being used, regardless of venue. We also affirm that the rights that consumers have under our rules to install and operate customer antennas one meter or less in size apply to the operation of unlicensed equipment, such as Wi-Fi access points - just as they do to the use of equipment in connection with fixed wireless services licensed by the FCC. http://hraunfoss.fcc.gov/edocs_public/attachmatch/DA-04-1844A1.pdf
Problem? What Problem? UTD leases apartments to students and provides basic network connectivity for residents via WiFi Some residents acquire & setup their own WiFi Access Points (which are protected by the FCC) Other residents berate IT to provide better signal (I.e.- no interference) Frustrated residents then get their own APs & service (leading to more interference)
Solution? What Solution? a) Alter future lease contracts to disallow certain devices? b) Ignore the FCC, force rogues to be shut down (& blame it on the boss!)? c) Leave the students to their own devices? d) Ask the Navy to use FCC for target practice? ANSWER: NONE of the above!?
What is UTD Doing Now? a) Problem reported to Help Desk, preliminary analysis performed b) Computer brought to Helpdesk, Basic configuration analyzed c) Hardware tested in known environment (HelpDesk) d) Computer then tested at apartment by user e) Test with university equipment outside apartment f) Browse for rogue APs/networks g) Tell student no solution available from university
What are the Alternatives? a) Proprietary solutions b) Unauthenticated Disassociation c) 802.11a d) Wired service e) Remove all services
What Does the Future Hold? a) Europe has WiFi and cellular jammers available for use in locations such as restaurants, theatres, churches, etc. (FCC does not allow this in USA) b) Potential impacts include social changes, metro vs. corporate networks co-existing, free vs. commercial services… c) This is an issue that will need to be addressed and has no clear precedent.