Slashdot Mirror

← Back to Stories (view on slashdot.org)

Administering a PC in a Vacation Rental Home?

Posted by Cliff on from the ammenities-and-security-nightmares dept.

mrn121 asks: "Some relatives of mine are preparing their beach house for rental, and they have asked me to assist in setting up some of the on-site technology. One of my ideas was to add a computer with high-speed internet access to the house, but security issues may be overwhelming. I have administered campus computing labs in the past, so I am familiar with locking systems down, but I am curious about what level of security readers might suggest, and how to go about achieving an appropriate balance between security and usability for such an application. On one hand, I don't want renters to clutter the computer with software and useless bookmarks, but on the other hand, I don't want the system to be utterly useless. One major difference between this computer and a lab computer is that I will not have access to the machine for the entire summer, while the house is being rented."

17 of 97 comments (clear)

  1. Don't bother locking it down by mcgroarty · · Score: 5, Interesting
    I say don't bother to lock it down. They're on vacation -- let them use it however they like. And without physically securing the thing, there's not much you can do about some bored kid's hostile pranks for the next guest. What I'd do is to get one of those cheap $30 IDE removable hard drive kits and a second drive, then use Norton Ghost or even a Linux install with a script using "dd" to make an image of the normal drive's install on the removable drive.

    If you make the removable drive have boot priority, you can even make it an automated process, where the vacationers or the rental agent are told they can restore the computer to "fresh state" themselves by sliding the drive in, turning the key, powering up, waiting for it to do the copy, then shutting down, unlocking the drive bay, and putting the drive away again.

    Aside from that, set up Windows update to install automatically, use a DSL/cable router box that blocks pretty much everything inbound, and hope for the best.

    1. Re:Don't bother locking it down by BigBir3d · · Score: 3, Insightful

      All fine, until that removable drive removes itself from the house.

    2. Re:Don't bother locking it down by Vaevictis666 · · Score: 4, Interesting
      Better than a removable drive would be a "hidden" hard drive partition. Get Windows (or whatever) installed onto partition 1, and have partition 2 non-visible from windows. Then boot into either Dos or a live cd (I highly recommend Bart's PE Builder for a live win xp cd) and take a ghost image of partition 1 and save the image on the hidden partition 2. Then as backup maybe make a CD set or something.

      You shouldn't be worrying about what goes on while they're there, but after the rental ends just pop over with the live cd, restore the disk image, and it's fresh for the next rental.

  2. Knoppix by Col.+Klink+(retired) · · Score: 4, Interesting

    I'd leave it completely diskless and put a Knoppix CD in.

    --

    -- Don't Tase me, bro!

  3. Why bother with a PC? by TrebleJunkie · · Score: 4, Interesting

    If I were you, I'd go *only* as far as supplying a broadband connection, a cable/DSL router (which should block *most* crap by default) with DHCP enabled, a hub/switch (if necessary) in a closet somewhere. Then, in plain view, ethernet wall jack and a one-page sheet of instructions on how to make it work with *their* computer. Maybe a spare ethernet cable or two.

    The way I figger it, if they can afford to rent a beach house, they can probably afford their own laptop if they wanna get some work done. And the most you'll have to do to service it *should* be to tell them to recycle the power on the router or cable modem, and you don't have to worry about the PC.

    --

    Ed R.Zahurak

    You know, oblivion keeps looking better every day.

  4. Lock the main computer in a closet by Marxist+Hacker+42 · · Score: 4, Interesting

    Along with a good Wifi firewall, and rent the place out as "WiFi enabled high speed internet access". That way, you can just give the WAP passwords to the rental agent, and people are responsible for their own machines.

    --
    SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
  5. No security. And Ghost the fucker. by Elwood+P+Dowd · · Score: 3, Interesting

    Configure it with a largeish partition for ghost files. Install Windows on the other partition and configure it however much or little security you'd like. Enable the firewall. Install automated spyware & virus protection. Do windows update.

    Ghost the machine as it is, properly configured, to the ghost partition. Later, after they've fucked everything up, you can restore from the ghost file.

    Isn't that how you ran your labs?

    --

    There are no trails. There are no trees out here.
  6. How the professionals do it. by Spudley · · Score: 4, Interesting

    An internet cafe I know achieves this very simply: Every night after they close, they just restore every PC to it's original state from a backup on a hidden partition.

    Takes them practically zero time or effort -- all they have to do is open the admin program, enter a password, and click 'Okay'. No disks or tapes to insert, and users can do anything the like to the machine during the day. (well... it might be awkward if they managed to delete the backup program, but I don't think that's happened yet.. and anyway, they keep proper backups too, just in case)

    --
    (Spudley Strikes Again!)
  7. Let's ask the metaquestion by pedantic+bore · · Score: 4, Interesting
    Who rents a beach house so that they can use the computer? When my family rents a beach house, spending time in front of a computer is the last thing on my mind.

    From your point of view, putting a computer in a beach house could be a headache anyway, for physical reasons. Everything in a rental property takes a beating. I'd just get a wireless router, hide it in a locked closet, and maybe put a few ethernet jacks where your guests can find them. Let them bring their laptops if they're geeky enough.

    You might also make them sign something saying that they're responsible for whatever gets downloaded during the time they're in the house. That way, if you have a guest who downloads something that attracts the wrong sort of attention, maybe they'll get in trouble instead of you.

    --
    Am I part of the core demographic for Swedish Fish?
    1. Re:Let's ask the metaquestion by alwayslurking · · Score: 3, Insightful

      When preparing a property in Tobago, between the beach and the golf course on a tropical paradise, for holiday rentals, a friend was required by the letting agents to supply a television for each bedroom and the lounge. Four rooms, four separate televisions. Apparently American holidaymakers can't do without. After that blow to my faith in humanity, one computer doesn't sound so bad.

    2. Re:Let's ask the metaquestion by warpSpeed · · Score: 3, Interesting
      Who rents a beach house so that they can use the computer? When my family rents a beach house, spending time in front of a computer is the last thing on my mind

      I Do.

      I run my own buisness, so I never really get a vacation from email. Also the whole family loves going to the beach, except me. What can I do? I bring my laptop and tons of books magazines, etc. In the past I have used dialup while at the beach (oh the horrors!). DSL access in the beach house would simply be "heaven". Wireless access would be a real bonus (but I can bring my own WAP) I can hang out during the day reading and responding to email and drinking beer.

      Now that is a vacation.

    3. Re:Let's ask the metaquestion by pedantic+bore · · Score: 4, Insightful
      To check the weather forecast... radio

      the tides... paper, radio. Or just ask your neighbor with the boat.

      to figure out what that sandpiper-ish bird with a hooked bill is.. It's a sandpiper. If you need more detail than that, go get a book about birds.

      to order new books from Amazon You're on vacation! Go to the book store! It's fun and you don't have to wait for delivery.

      to view pr0n when you can't get anywhere with the girls on the beach... Never a problem for me. My wife and I always bring home two girls, one for each of us. (Of course, it's the same two girls we brought to the beach, but that just makes it even better.)

      to get a recipe for tom yam gai when you left your cookbooks at home... Go to the book store. Call a friend. Recreate the recipe from memory.

      I guess different people have different ideas of what they like to do when they're on vacation. For me, it means getting away from the normal routine and not being such a geek for a few days. To each his own.
      --
      Am I part of the core demographic for Swedish Fish?
  8. What kind of admin ARE you.. by E_elven · · Score: 3, Insightful

    What do you mean you 'won't have access' to it for the summer. Just use one of the remote desktop systems if it's a Windows box or -better yet- if you set it up as a Linux box you can just SSH into it. If the dynamic IP is an issue, register a free dynamic hostname at (for example) dyndns.org and install the IP auto-updater. That way you can just ssh to 'beach-house.dyndns.org'.

    As others have suggested, create limited user accounts. Make sure they've got all they need for web surfing, movie watching, music and so on, and lock everything else down, and just leave them a limited-space directory to save stuff into. If you're afraid they may need more software, just create a crap e-mail account for 'support requests' and use the remote desktop/ssh with admin privileges to install new software if you deem it to be ok.

    --
    Marxist evolution is just N generations away!
  9. Re:WWW???? by Anonymous Coward · · Score: 5, Insightful

    I think it is fairly safe to assume that it being a vacation rental, presumably not in a resort community for programmers, that choices #1-5 will be windows 9x+, #6 might be mac OS X, with linux battling it out at #7 with windows 3.1. I am not trying to be all anti-linux here, but this is a vacation setting, you want to keep people as happy and comfortable as possible, not completely shatter some average guy's self perception of computer literacy.

    As for protecting what damage the computer can do to the rest of the world, there are also easy OS agnostic solutions you did not realize- mainly a firewall. blocking all outgoing/ingoing ports except port 80 should keep anyone protected. Unless someone needs VPN access to their job, it is reasonable to only restrict them to the web. Yeah if someone knowledgable really wants to get around the system, they can... but who really rents a vacation house when they can go to a library. Its all about being reasonable- He probably has no idea who he is going to be renting to either... There is a threat of an axe murderer renting it and burying bodies in the basement, does that mean you recommend putting video surveilence down there?

    Your idea of screening tenants to see what computer background they have is silly. hes renting a vacation house with a computer, not a computer with a vacation house.

    It is posts like this that really make me want a (-1, stick up ass) moderation.

  10. You're on vacation by Anonymous Coward · · Score: 3, Funny

    1. Remove the harddrive
    2. Put the following BASIC program on a boot floppy

    10 PRINT "TURN OFF THE COMPUTER AND GO OUTSIDE YOU LAZY SHIT"
    20 GOTO 10

  11. WebTV by YrWrstNtmr · · Score: 3, Interesting

    Can't use it for much, but hey...at least they can't screw anything up with it.

  12. Probably the easiest way... by chrispyman · · Score: 3, Informative

    If it's a Windows machine, I'd suggest putting DeepFreeze on it. It basically resets the computer back to its original state whenever you reboot the box. I've used this on many student workstations and it works like a charm. Unfortunately it won't stop some smartypants from booting off a cd and installing Linux or something like that ;-)