Slashdot Mirror
Administering a PC in a Vacation Rental Home?
mrn121 asks: "Some relatives of mine are preparing their beach house for rental, and they have asked me to assist in setting up some of the on-site technology. One of my ideas was to add a computer with high-speed internet access to the house, but security issues may be overwhelming. I have administered campus computing labs in the past, so I am familiar with locking systems down, but I am curious about what level of security readers might suggest, and how to go about achieving an appropriate balance between security and usability for such an application. On one hand, I don't want renters to clutter the computer with software and useless bookmarks, but on the other hand, I don't want the system to be utterly useless. One major difference between this computer and a lab computer is that I will not have access to the machine for the entire summer, while the house is being rented."
All fine, until that removable drive removes itself from the house.
Maybe I'm missing something, but the obvious solution to me is just to create a guest accout without admin priviledges. Let the renters know when they move in that if they want to install any special programs (if they want to use the computer to play some game, for example) that they have to let you know at the beginning of the summer so you can install it. As long as it's clear in advance what they can and can't use the computer for I don't see a problem. Also, if you aren't going to be around to administer the computer make sure they know that - preferably in writing, since if they come with the expectation of being able to use the computer for work, and something goes wrong, they will be looking for someone to blame.
http://www.macosxlabs.org/presentations/other/Harv ard_SIG_Part_2.pdf
You do what for a living?
What do you mean you 'won't have access' to it for the summer. Just use one of the remote desktop systems if it's a Windows box or -better yet- if you set it up as a Linux box you can just SSH into it. If the dynamic IP is an issue, register a free dynamic hostname at (for example) dyndns.org and install the IP auto-updater. That way you can just ssh to 'beach-house.dyndns.org'.
As others have suggested, create limited user accounts. Make sure they've got all they need for web surfing, movie watching, music and so on, and lock everything else down, and just leave them a limited-space directory to save stuff into. If you're afraid they may need more software, just create a crap e-mail account for 'support requests' and use the remote desktop/ssh with admin privileges to install new software if you deem it to be ok.
Marxist evolution is just N generations away!
Don't bother putting a computer up. Get a decent, cheap 802.11g wireless router, and perhaps hook up a couple of jacks for hardwire LAN access.
If somebody wants a computer on their vacation, let them bring their own.
There's so little difference between politics and jihad lately...
To check the weather forecast, the tides, to figure out what that sandpiper-ish bird with a hooked bill is, to order new books from Amazon, to view pr0n when you can't get anywhere with the girls on the beach, to get a recipe for tom yam gai when you left your cookbooks at home...
I think it is fairly safe to assume that it being a vacation rental, presumably not in a resort community for programmers, that choices #1-5 will be windows 9x+, #6 might be mac OS X, with linux battling it out at #7 with windows 3.1. I am not trying to be all anti-linux here, but this is a vacation setting, you want to keep people as happy and comfortable as possible, not completely shatter some average guy's self perception of computer literacy.
As for protecting what damage the computer can do to the rest of the world, there are also easy OS agnostic solutions you did not realize- mainly a firewall. blocking all outgoing/ingoing ports except port 80 should keep anyone protected. Unless someone needs VPN access to their job, it is reasonable to only restrict them to the web. Yeah if someone knowledgable really wants to get around the system, they can... but who really rents a vacation house when they can go to a library. Its all about being reasonable- He probably has no idea who he is going to be renting to either... There is a threat of an axe murderer renting it and burying bodies in the basement, does that mean you recommend putting video surveilence down there?
Your idea of screening tenants to see what computer background they have is silly. hes renting a vacation house with a computer, not a computer with a vacation house.
It is posts like this that really make me want a (-1, stick up ass) moderation.
When preparing a property in Tobago, between the beach and the golf course on a tropical paradise, for holiday rentals, a friend was required by the letting agents to supply a television for each bedroom and the lounge. Four rooms, four separate televisions. Apparently American holidaymakers can't do without. After that blow to my faith in humanity, one computer doesn't sound so bad.
... and never did they have a computer in them. If I wanted a computer, I brought my laptop.
Anybody really wanting to access the internet on their beach vacation has the equipment to do so anyway. Seriously, laptops are common among business travellers, and all netheads have them or something like them.
If you want to advertise high speed internet access, few people will be expecting there to be an actual computer there. An ethernet jack hooked to a cable modem (out of sight.. like in a closet or wall or other locked area) is good enough. If you want to provide wireless, drop an access point back there hooked to the cable modem as well. Beyond that, I wouldn't put in one single bit of equipment. No computer, no monitor, nothing. Maybe a power protector on the cable modem/access point, but that's it.
Leave an instruction sheet on how to hook up their ethernet or 802.11b wireless (use a 802.11b access point, as the cable modem is slower than 11 mbits and b is cheaper/more compatible) and wash your hands of it. Nobody expects an entire configured system to be there, realistically. If you go to a nice hotel with connectivity, you don't get a computer in the room, you get a place to hook up your computer and that's it. That's expected. Leaving a whole system there just invites people to rewire the thing to hook up *their* system.
- Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
I guess different people have different ideas of what they like to do when they're on vacation. For me, it means getting away from the normal routine and not being such a geek for a few days. To each his own.Am I part of the core demographic for Swedish Fish?
...if they use that connection to do anything illegal or nasty. your name'll be on the ISP's billing system...