"Scott C. Best" wrote: > > > In a typical setup, no sensitive information is stored on the firewall > > machine (or gateway, as we call it), so I'm afraid I don't understand > > your question. > > My impression was that the NoCatAuth process verified this > login-password-MAC thing, and so would need to store....something?
True, but in a typical setup, none of this information is ever sent to or stored on the gateway. That all happens over SSL to a (theoretically) secure box elsewhere on the Internet. A large part of the design of NoCatAuth is intended to preserve trust -- you don't give your password to a gateway you don't necessarily trust, and the gateway doesn't trust *you* to tell it who you think you are. > So radio's and radio silicon is okay to sell, but not radio > service? :*) Not trying to bait you here -- I'm a big proponent of > public-access 802.11 hotspots. So much so that I wish it could move > at the velocity of something driven by capitalism rather than altruism. For me, the distinction isn't Okay/Not-Okay, but Interesting/Not-Interesting. If they think they can sell 802.11b service commercially, more power to 'em. But I probably wouldn't buy it, and it has doesn't have any apparent bearing I can see on free software projects... > > Never looked at [LaBrea] before you mentioned it, but I'd say it's basically > > outside the scope of our project. Other wireless groups have expressed > > an interest in RIDS, to prevent luser antics on the wireless network, > > and our attitude is basically the same. We do require transparent port > > forwarding on the gateway firewall, however. > > From my perspective, I see 'theft of service' as, well, the > point of any authentication scheme. Perhaps my perspective isn't > that aligned with NoCat's? I'm afraid I don't understand your question, then. In a nutshell, NoCatAuth severely limits a client's access to network services (in a customizable fashion) until authentication occurs. What would we need a TCP hack like LaBrea for? You mentioned you had other questions? SDE _______________________________________________ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
