-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There are definitely those that DO fake replies. Mine is bad enough to accept SSH logins, which is a real problem since it allows you hand over the password to one of your machines if you aren't careful.
=R Fanen Ahua wrote: > I suppose the root dns servers retain static IPs? is it not possible to > compare something to a hardcoded IP of a root dns server? > > Secondly, the captive portals I've come across (Microtik) don't really > "fake" ping replies, I think they return valid errors (One says > "destination network forbidden"). Also, the login machine usually lies > on a machine on the same network as "your computer" so if it redirects > you to a page, and that page happens to be in the same subnet as your > IP, then you know you aren't connected to the Internet. > > Just guessing here though. Not my turf. > > Fanen Ahua <http://traversingmind.blogspot.com> > ------------------------------------------------------------------------ > > fortune: Lay on, MacDuff, and curs'd be him who first cries, "Hold, > enough!". -- Shakespeare > > On Fri, 2008-04-04 at 16:25 -0400, Martin Owens wrote: >> I address each of these issues with short reference quotes rather than >> quoting the entire previous emails. >> >> > 1) Captive portals ... >> > 2) pinging google/root-dns/whatever ... >> > 3) page-scraping google/yahoo/whatever ... >> > 4) ARP-ing a known MAC ... >> > 5) Proxies: pretty much explanatory ... >> >> The issues you bring up are good, and I will continue to think about >> the problem and present ideas. >> >> > A bit problem here is user trust issues ... >> > A good example of this issue is the Firefox SSL self-signed-certificate >> >> I completely agree, if the user gets false positives anything more >> than 1 in 100 times then the functionality is detrimental as your >> burdened with extra code and ui complexity without any real benefit. >> Oh believe me when I say I understand this problem all too well. >> >> > I'm not against it, I just need to see an implementation that doesn't >> > have too many false-positives and doesn't have too many false negatives >> > first. >> >> That may be possible, the main barriers we have are: >> 1) Captive Portals, >> 2) Proxies >> 3) VPNs (issue?) >> 4) Causing lots of traffic >> >> > The big question I have is "What does Vista do?" >> >> I don't think it's worth looking at Vista, (and no not because it's >> windows) I don't believe it's worth looking at a flawed system (as >> you've pointed out) when the system is hidden and the problem should >> be solvable from first principles. >> >> > In the end, it's certainly possible for an external tool ... >> >> I do believe that there is room for a research project which can test >> methods. But I strongly object to any formal project since it would >> complicate functionality, responsibility and make the NH project >> complacent in incorporating such functionality without significant >> want from core developers. >> >> Now an Idea I just had was a kind of DNS test which would look at 2 or >> 3 domains to see if any addresses come back (no dns) if the addresses >> are all the same (Captive Portals). I'm not very familar with proxies >> and vpns to have a clear idea of the results from those set ups. This >> may in fact be related to the "Search Domains" which windows has had >> for a long time but I can't be sure. >> >> Thoughts? >> >> Best Regards, Martin Owens - -- ---- _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II |$&| |__| | | |__/ | \| _| |[EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH/iqOmb+gadEcsb4RAmOOAJ9eSY84gJ32ZwnwlH7/Nq1mt6ExEQCgn9A7 wQnL1ygzPcBbF2qg/p9F94Q= =8oqy -----END PGP SIGNATURE-----
begin:vcard fn:Ryan Novosielski n:Novosielski;Ryan org:UMDNJ;IST/AST adr;dom:MSB C630;;185 South Orange Avenue;Newark;NJ;07103 email;internet:[EMAIL PROTECTED] title:Systems Programmer II tel;work:(973) 972-0922 tel;fax:(973) 972-7412 tel;pager:(866) 20-UMDNJ x-mozilla-html:FALSE version:2.1 end:vcard
_______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
