# Sharing wireless internet



## Celtic (Nov 19, 2007)

IMHO, the tenants have their systems set-up "wrong".

It's the whole public/private thing with their connection.


----------



## George Stolz (Jan 22, 2009)

My experience is limited, but I have tinkered with this quite a bit.

I just contradicted myself, but just ignore that for now. 

Typically, computers sharing the same router can see each other, not just in iTunes but in general. In order to separate them, you need to change settings in the router in order to give each tenant access to the internet but not to each other. It really should be up to each tenant to decide what they don't want shared with their neighbors, but the easiest way to put the 'problem' behind you is to reconfigure the router.

If you do change the settings on the router and the problem persists just with iTunes, then you need to close the port in the router that iTunes uses.

It's worth noting that just because the different iTunes users can see the music in their neighbor's library, it's "play only", they can't share songs with it.


----------



## lectric_hand6855 (Jan 24, 2009)

Owner may need to call a computer tech and have him set up a network with passwords. Either way I'm sure the tech could shed more light on the issue.


----------



## BadSplice (Sep 5, 2009)

The problem is with each individual machine on the network, not your router.

Have them each go into Network Connections and shut off "File and Print Sharing" as well as uninstall "Client for Microsoft Networks".

The only thing they need is TCP/IP.


----------



## wildleg (Apr 12, 2009)

who is the provider, what make/model of router ?


----------



## Frasbee (Apr 7, 2008)

Yeah, tenants will have to adjust their own privacy settings.


----------



## Bob Badger (Apr 19, 2009)

I agree with George, change the router settings. Yes people can do it at their own machines but to put this problem to bed permanently make the change to the router so as new machines are added to the network they do not need settings changed.


----------



## MDShunk (Jan 7, 2007)

I guess I'll have to scour the docs for the WAP. Customer provided DLink DI-624. Not my choice at all. I use Enginius or SonicWall gear when I do an AP.


----------



## mikeh32 (Feb 16, 2009)

computer engineer gone electrician here. 

first, i would secure the router. thats step one

if you could get me more info, like what type of computers the tennants have.
just simple mac, or pc would do.

but the main issue is due to they are all on the same network, the itunes will find all users in that workgroup, or network. i would tell the building owner he might want to set up some policy. make sure that they adjust the settings on there pc's too. i can foresee some huge issues too.


----------



## steelersman (Mar 15, 2009)

mikeh32 said:


> computer engineer gone electrician here.


Whoa dude. Why would you go from comp. eng. to electrician? Seems kind of like going from being an electrician to Don's John's cleaner.


----------



## Southeast Power (Jan 18, 2009)

MDShunk said:


> A 4-unit apartment building owner purchased an internet connection, and I installed an 'open' wireless access point for him to give internet to the tenants in his building.
> 
> Now, I have a complaint. More than one tenant in this building uses iTunes, and the various tenants can bring up each others iTunes when they start the iTunes program. I assume this is because they share the same IP. Just a guess.
> 
> The building owner is concerned that I have created some sort of security situation. Is there some simple solution here, and what can I do about it?


Marc,
IMHO,
You installed the hardware and it functions. That is the electrical part.
The owner will now have to maintain the equipment. Have him call tech support or he will have to hire a 15 year old kid to maintain it for him.


----------



## BadSplice (Sep 5, 2009)

steelersman said:


> Whoa dude. Why would you go from comp. eng. to electrician? Seems kind of like going from being an electrician to Don's John's cleaner.


I was a Network Engineer. I became an electrician because the amount of work, the pay, and it's something I like to do. I can't imagine going back to the office environment.

BTW, I still stand by my statement that a couple simple setting changes on each of the machines connecting to the network is all that should be done. A simple print-out explaining how to get onto the wireless network and the settings changes needed to keep each computer secure should be sent out to each tenant by the building owner.


----------



## MDShunk (Jan 7, 2007)

jrannis said:


> Marc,
> IMHO,
> You installed the hardware and it functions. That is the electrical part.


I agree, but it also bothers me that I don't have the solution.


----------



## NolaTigaBait (Oct 19, 2008)

That's because you're a strategic thinker.


----------



## mikeh32 (Feb 16, 2009)

steelersman said:


> Whoa dude. Why would you go from comp. eng. to electrician? Seems kind of like going from being an electrician to Don's John's cleaner.


not a big fan of sitting at a desk all day. id rather be payed less and enjoy what i do, then make more and be miserable all day.

plus, i still do it as side work, and there is plenty


----------



## NolaTigaBait (Oct 19, 2008)

mikeh32 said:


> not a big fan of sitting at a desk all day. id rather be payed less and enjoy what i do, then make more and be miserable all day.
> 
> plus, i still do it as side work, and there is plenty


Same here. There are alot of guys out there with a college degree that decide to work in a trade. This is the best way I know how to make money.


----------



## MDShunk (Jan 7, 2007)

BadSplice said:


> BTW, I still stand by my statement that a couple simple setting changes on each of the machines connecting to the network is all that should be done. A simple print-out explaining how to get onto the wireless network and the settings changes needed to keep each computer secure should be sent out to each tenant by the building owner.


Simple as that, eh? If that's the case, that information probably already exists, nearly ready to print out, someplace on the net. If your platform is X and your operating system is Y, make A, B, and C changes. 

Do you suppose you could link me to a place that spells it out like that?

(thinking out loud, could one of the tenants simply "map network drives" and map the drive of one of the other tenants?)


----------



## BadSplice (Sep 5, 2009)

As I mentioned earlier in the thread, turning off File and Print Sharing on each machine will remedy the situation. All they need is TCP/IP, the rest could be uninstalled. 

Google "Turn off file sharing" for countless documentation, but that would probably be too confusing for them. 

If I actually owned a Windows PC I would go thru the steps and type them out for you, but I switched over to MAC a few years ago and I only use computers for surfing **** anyway so I forgot just about everything.

As for mapping network drives, that won't happen unless one of the people actually went into their machine and specifically shared a directory or drive. I doubt that they would have done that unless by mistake (not easy to do).


----------



## George Stolz (Jan 22, 2009)

MDShunk said:


> Simple as that, eh? If that's the case, that information probably already exists, nearly ready to print out, someplace on the net. If your platform is X and your operating system is Y, make A, B, and C changes.
> 
> Do you suppose you could link me to a place that spells it out like that?
> 
> (thinking out loud, could one of the tenants simply "map network drives" and map the drive of one of the other tenants?)


 Here is the manual. It has detailed instructions for making the configuration changes on the tenant's PCs. Unfortunately, I don't see a "Guest" setting on this router, like I was thinking would be the easiest fix.


----------



## TOOL_5150 (Aug 27, 2007)

mikeh32 said:


> computer engineer gone electrician here.
> 
> first, i would secure the router. thats step one
> 
> ...



This is your issue. You/someone needs to set up a security policy so the computers do not have access to each other. I do however dont believe you can achieve that with the simple router that was provided.

~Matt


----------



## BadSplice (Sep 5, 2009)

George Stolz said:


> Here is the manual. *It has detailed instructions for making the configuration changes on the tenant's PCs*. Unfortunately, I don't see a "Guest" setting on this router, like I was thinking would be the easiest fix.


Like with all Routers, the instructions are pretty complicated and make you jump thru hoops when you don't have to. Since there were no complaints about not being able to get onto the network, I assume all the settings are currently correct (DNS, DHCP, etc.). There's no need to use the Installation CD (unless you want the Router manufacturers bloatware on each machine).

However, the top of page 52 of the instructions gives a good picture of what I was talking about. All you need is "TCP/IP", the "File and Print Sharing" as well as "Client for Microsoft Networks" should be removed.


----------



## I_get_shocked (Apr 6, 2009)

Explain this to the owner... Itunes uses something called network discovery. It broadcasts itself over the subnet from which its connected to and allows the playlist to be shared which is totally different from file sharing.

The owner is absolutely correct in worrying! You have an OPEN network? Unsecure? That is a huge problem. Any tool from off the street can connect to the network and start hacking and spreading his viruses. Did you change the router pw? I am guessing no- That network can be taken over in about 2 minutes. 



Step 1. LOCK the network down with WEP.
Step 2. Change the default pw to the router/ap
Step 3. Advise tenants to install a software firewall on their computers.


----------



## 31b (Jan 14, 2008)

they should have the wireless access point secured, but even after doing that, you'll still see other people's iTunes libraries shared if they have it turned on.


----------



## wildleg (Apr 12, 2009)

I'm not familiar with itunes software, but it seems if you block the following two ports that itunes sharing can't happen (for pc):
*Port 3689 TCP
Port 5353 UDP*


----------



## mikeh32 (Feb 16, 2009)

and to the op, if you want to know how to block those ports

please goto www.portforward.com

from there, type in the router info, and the app you want to block. though the site is geared on how to allow it, just reverse the process


----------



## 31b (Jan 14, 2008)

to block ports on a Mac, go to the System Preferences:









then select Security:










turn on the firewall, and block the ports you wish.


----------



## Joshua (May 13, 2009)

Hey all, I am a former electrician now EE student who is working as an IT guy. 

There are a number of solutions to this that could give each tenant their own secured network (4 different access points, a router with different subnets connecting to separate wifi ap's, etc) but in this case it really is up to the tenants to make sure they have their own firewall running. Such a setup is inherently insecure but such is the nature of a free internet connection. I know that one could even go so far as to create separate virtual private networks for each tenant and still use the same access point, but then again that would require a much different router. I know i have achieved the same using a cheap (older) thin client computer running a linux distribution like ipcop or m0n0wall, but again that is something completely different than this situation. 

You did your job and installed the requested equipment, if he wants something different then he needs to be willing to spring for the appropriate equipment. In keeping this setup, I would just recommend everyone turn off their file/printer/iTunes library sharing.

Just my $0.02.

Josh


----------



## wilbilt (Sep 6, 2009)

Joshua said:


> You did your job and installed the requested equipment, if he wants something different then he needs to be willing to spring for the appropriate equipment. In keeping this setup, I would just recommend everyone turn off their file/printer/iTunes library sharing.
> 
> Just my $0.02.
> 
> Josh


I would agree. We have over 600 Macs on our school district network. By default, they are chatty and want to share everything. iChat is another app that can cause headaches.

I am also wondering how the landlord's ISP would feel about him sharing a single internet connection with the tenants.


----------



## BadSplice (Sep 5, 2009)

wilbilt said:


> I am also wondering how the landlord's ISP would feel about him sharing a single internet connection with the tenants.


That's the first thing that I thought of when I read this. I wonder what the rules are for making "Hotspots". I was going to set one up at my condo, but I didn't want to get into a legal tangle with the ISP.


----------



## 31b (Jan 14, 2008)

wilbilt said:


> I would agree. We have over 600 Macs on our school district network. *By default, they are chatty and want to share everything.* iChat is another app that can cause headaches.


uhh no, by default, the Mac doesn't share _anything_.


----------



## MDShunk (Jan 7, 2007)

wilbilt said:


> I am also wondering how the landlord's ISP would feel about him sharing a single internet connection with the tenants.


That was one of the questions I posed, but the connection was specially purchased for this use. The ISP is well aware of what the intended use is to be. Unless the whole building decides to download feature length movies all day long, he's in good shape.


----------



## wilbilt (Sep 6, 2009)

31b said:


> uhh no, by default, the Mac doesn't share _anything_.


Perhaps "share" is the wrong term. "Promiscuous" might be more realistic. I am a longtime Mac user, but still find it interesting to plug one in to the network and watch the traffic to see what it's broadcasting.


----------



## mikeh32 (Feb 16, 2009)

i honestly feel this is not your issue. you are an electrician, not a network admin.

you did your part of installing it, nothing was said about configuration. 

if i was doing this job, id do it for $100, and thats being nice. thats just the configuration


----------



## wilbilt (Sep 6, 2009)

MDShunk said:


> That was one of the questions I posed, but the connection was specially purchased for this use. The ISP is well aware of what the intended use is to be. Unless the whole building decides to download feature length movies all day long, he's in good shape.


 It is good to know connections with "shared" provisions are available. I know satellite TV providers have/had differing contract provisions for shared viewing depending on the circumstances. "Free to Guest" programming (i.e., a TV in a bar or restaurant) had different terms than "Paid Guest" viewing (hotels, etc.)

I suppose the situation may be similar with internet access. Offering connectivity to tenants or hotel guests is likely treated differently than simply creating a free hotspot.


----------



## AussieApprentice (Aug 16, 2008)

There is software for using a standard wireless router as a hot spot such as http://www.freewarepark.com/freeware/2hotspot-wifi-hotspot-software.html. I haven't used this software myself but it should cover most issues including making sure that everyone gets fair use of the bandwidth.

I personally would prefer to use one of the newer hardware solutions


----------



## BadSplice (Sep 5, 2009)

AussieApprentice said:


> I personally would prefer to use one of the newer hardware solutions


 Such as...?

Any recommendations would be appreciated. 

I'd really like to set up a big hotspot at my condo. There are 20 units and many of them are older people paying $55 each for cable or FIOS internet access. I doubt they are download huge files, so a single connection shared wirelessly could be a good thing for everyone.


----------



## AussieApprentice (Aug 16, 2008)

I can't recomend anything in particular but this is one example.
http://www.sohoware.com/span/new_sohoware/newfiles/subpages/product/wsg4000.htm


----------



## MDShunk (Jan 7, 2007)

AussieApprentice said:


> I can't recomend anything in particular but this is one example.
> http://www.sohoware.com/span/new_sohoware/newfiles/subpages/product/wsg4000.htm


The Engenius AP's that I normally use take that software.


----------



## Adil Mania (Oct 29, 2009)

Here, you use one methodology. You just write one agreement which is for agreement, like contract. First you just check which tenant use most and you start contract system.


----------



## steelersman (Mar 15, 2009)

Please translate this to English.


----------



## Toronto Sparky (Apr 12, 2009)

I have a wireless Router (that is used for testing laptops, game systems, and guests) plugged into my wired Router and there is no access to the other three wired computers via wireless. 
The game systems (WII & PS3) , Zune, and laptops have no problem with internet access.
And still allows for wireless password.

Not sure about wireless to other wireless (have not tried that yet..)


----------

