First, I need to explain the situation. I need to help my daughter & son-in-law set up their new laptop on the Internet. Simple enough, in itself. The problem is their roommate. I don't know if anyone heard of the study where someone put up a link that said something like "Click here to infect your computer with a virus" - but if she came across that site, she would have clicked on the link. (As I recall, almost 400 people did, in a depressingly short time...). Her computer is actually more screwed up than any public access computer I've ever encountered, and for a few years public access computers were my only link to the Net... No point cleaning out the crapware and any malware lurking among it - she'd just mess it right back up again.
In fact, they got a laptop so they can use it wirelessly, as they don't dare leave a computer out where she might get her hands on it. (She is also hell on hardware: her keyboard is gummed up with peanut butter, she thinks slapping the CPU around is a great move to resolve any technical issues
you get the idea.) My s-i-l is trying to manage his dairy farm remotely (it is several thousand miles away, outside the US), so they need to keep their computer secure. I've already been over-ruled on the obvious non-technical solutions.
My daughter would have no idea what to do, and my s-i-l has never even used a computer before. So I really have no choice but to figure something out.
I know just enough to do some research: I figured out my best hope is a wireless router with OS firmware so I can set up the LAN ports as one VPN (the roomie's - might as well give her all, as she's the type who is just as likely to unplug her computer and stick it back in anywhere) and the wireless connection as another VPN (my daughter and s-i-l's). The best available choice seems to be the Linksys WRT54GL (as it happens, I just bought one myself, as my router is ailing). I was hoping to use Tomato, but looking over the documentation that exists online, I don't see how it would be possible to do this with Tomato. Or that could just be my ignorance...
Which leaves me with DD-WRT. I have two problems with that: first, the documentation I looked over didn't even leave me quite clear which file to download for that router (I
think I know, but I do know enough to be aware when updating firmware that is an awfully risky assumption). Second, I have the definite feeling DD-WRT is going to prove a bit more than I'm prepared to take on, or, to be exact, more than I can quickly master. I could probably figure it out, given time. But my daughter already bought the computer, and wants it hooked up ASAP. (They do really need it, so I can understand her urgency.) I really don't think I have the knowledge to get up to speed with DD-WRT that quickly.
Any suggestions on anything else I might be able to do? Also, one further problem. As the roommate has a boyfriend of dubious honesty and at least some technical knowledge, the "factory reset" option seems a very obvious danger (Internet connection, and, thus, the router are in an area everyone has access to). I presume there is no way to disable or password protect this (that would more or less defeat the point) and I can't even figure out a way to monitor the router and pop up an alert if settings reverted to factory default. (Even if I puzzle out how to write a script to do it, once the settings are reverted, the script wouldn't be run, so it would be pointless to run it to check for the one condition under which it won't
be run...)
I suspect there are other issues I haven't even thought of; I don't do a lot with networking, so it isn't an area I know much about. I do know wireless security is shaky (again, that factory default issue makes me nervous - that, and the fact they live in an area where everyone tries to get everyone else to install wireless so they can steal a connection). So any thoughts, information, resources, whatever you can offer would really help. I'm sorry for asking questions I ought to be able to find answers to myself - I just don't think I can find and absorb it all quickly enough (especially since some bits of information I've found contradict others, leaving me with the need to learn enough to figure out which ones were written by idiots).