I'm going through the process of setting up a "hot spot" for the public for the company I work for. We had an extra Netgear FVS318 kicking around the office so I set that up to be it's own DHCP to give 10.10.10.x ip addresses and a subnet of 255.255.0.0 (internally we have 192.168.x.x and 255.255.255.0) and blocked all ports except 80 and 443 through the router's built in firewall. From that I have a DLink DWL-G700 access point giving an unsecured wireless signal. I'd like some feedback about how secure this setup is. I know any ICMP traffic can be used/captured, but I'm not too worried about that.

Gee, I'd worry about some perv downloading stuff,. Consider at least a box with untangle or vyatta or good software to protect content. If you want, read up on how to use backtrack 4 and run it. It will show you every thing you need to attack your setup. Make sure the hot spot can't access 192 address and make sure your company is behind a good device or appliance. You can run virtual machines for the hot spot if you don't have hardware.. "Best Practices", Event viewer, host file, perfmon, antivirus, anti-spyware, Live CD's, backups, are in my top 10

I'm downloading backtrack 4 and untangle right now. Thanks for the advice.