There are IPS features in nearly all of the 'enterprise' level wireless
products now:
http://www.cisco.com/c/en/us/products/collateral/wireless/adaptive-wireless-ips-software/data_sheet_c78-501388.html
http://www.aerohive.com/solutions/applications/secure.html
Doing a search for WIPs - or
Holstein
Cleveland State University
From: NANOG nanog-boun...@nanog.org on behalf of David Hubbard
dhubb...@dino.hostasaurus.com
Sent: Friday, October 03, 2014 4:06 PM
To: NANOG
Subject: Marriott wifi blocking
Saw this article:
http://www.cnn.com/2014/10/03
On Fri, 3 Oct 2014 16:16:22 -0400
Nick Olsen n...@flhsi.com wrote:
Not sure the specific implementation. But I've heard of Rouge AP
detection done in two ways.
Relation discussion on this topic has come up from time to time. I
believe the last time was in a thread that starts here and
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of David Hubbard
Sent: Friday, October 03, 2014 3:07 PM
To: NANOG
Subject: Marriott wifi blocking
Saw this article:
http://www.cnn.com/2014/10/03/travel/marriott-fcc-wi-fi-fine/
The interesting part:
'A federal
Yes, I've tested it quite effectively using WLC 5508 and a AIR-CAP3502I-A-K9
Date: Fri, 3 Oct 2014 16:15:37 -0400
From: telmn...@757.org
CC: nanog@nanog.org
Subject: Re: Marriott wifi blocking
I'm aware of how the illegal wifi blocking devices work, but
any idea what legal hardware
On Fri, 03 Oct 2014 16:16:22 -0400, Nick Olsen n...@flhsi.com wrote:
Side question for those smarter than I. How does WPA encryption play
into this? Would a client associated to a WPA2 AP take a non-encrypted
deauth appearing from the same BSSID?
It doesn't. The DEAUTH management frame is
The question here is what is authorized and what is not. Was this to protect
their network from rogues, or protect revenue from captive customers.
I can't imagine that any 'AP-squashing' packets are ever authorized,
outside of a lab. The wireless spectrum is shared by all, regardless of
On 10/03/2014 03:23 PM, Keenan Tims wrote:
The question here is what is authorized and what is not. Was this to protect
their network from rogues, or protect revenue from captive customers.
I can't imagine that any 'AP-squashing' packets are ever authorized,
outside of a lab. The wireless
On Fri 2014-Oct-03 16:01:21 -0600, John Schiel jsch...@flowtools.net wrote:
On 10/03/2014 03:23 PM, Keenan Tims wrote:
The question here is what is authorized and what is not. Was this to protect
their network from rogues, or protect revenue from captive customers.
I can't imagine that any
My reading of this is that these features are illegal, period. Rogue AP
detection is one thing, and disabling them via network or
administrative (ie. eject the guest) means would be fine, but
interfering with the wireless is not acceptable per the FCC regulations.
Seems like common sense to me.
On 10/03/14 17:34, Michael Van Norman wrote:
My reading of this is that these features are illegal, period. Rogue AP
detection is one thing, and disabling them via network or
administrative (ie. eject the guest) means would be fine, but
interfering with the wireless is not acceptable per the
On 10/3/14 3:44 PM, Lyle Giese l...@lcrcomputer.net wrote:
On 10/03/14 17:34, Michael Van Norman wrote:
My reading of this is that these features are illegal, period. Rogue
AP
detection is one thing, and disabling them via network or
administrative (ie. eject the guest) means would be fine,
On Fri, Oct 03, 2014 at 02:23:46PM -0700, Keenan Tims wrote:
The question here is what is authorized and what is not. Was this to
protect their network from rogues, or protect revenue from captive
customers.
I can't imagine that any 'AP-squashing' packets are ever authorized,
On 10/3/14 6:01 PM, John Schiel wrote:
On 10/03/2014 03:23 PM, Keenan Tims wrote:
The question here is what is authorized and what is not. Was this to
protect their network from rogues, or protect revenue from captive
customers.
I can't imagine that any 'AP-squashing' packets are ever
On 10/3/14 7:12 PM, Wayne E Bouchard wrote:
On Fri, Oct 03, 2014 at 02:23:46PM -0700, Keenan Tims wrote:
The question here is what is authorized and what is not. Was this to
protect their network from rogues, or protect revenue from captive
customers.
I can't imagine that any
On Oct 3, 2014, at 16:12 , Wayne E Bouchard w...@typo.org wrote:
On Fri, Oct 03, 2014 at 02:23:46PM -0700, Keenan Tims wrote:
The question here is what is authorized and what is not. Was this to
protect their network from rogues, or protect revenue from captive
customers.
I can't
- Original Message -
From: Ricky Beam jfb...@gmail.com
It doesn't. The DEAUTH management frame is not encrypted and carries no
authentication. The 802.11 spec only requires a reason code be
provided.
What's the code for E_GREEDY?
Cheers,
-- jra
--
Jay R. Ashworth
IANAL but no, I think it most certainly does not, at least in the USA,
depend on the terms of your *lease* agreement. In particular, I refer
you to
http://apps.fcc.gov/ecfs/document/view;?id=6518608517
where in the US Federal Communications Commission (FCC) specifically
voided terms restricting
- Original Message -
From: Owen DeLong o...@delong.com
On Oct 3, 2014, at 16:12 , Wayne E Bouchard w...@typo.org wrote:
Would not such an active device be quite appropriate there?
You may consider it appropriate from a financial or moral perspective,
but it is absolutely wrong
IANAL, but I believe they are. State laws may also apply (e.g. California
Code - Section 502). In California, it is illegal to knowingly and
without permission disrupts or causes the disruption of computer services
or denies or causes the denial of computer services to an authorized user
of a
On 10/3/2014 15:16, Nick Olsen wrote:
Not sure the specific implementation. But I've heard of Rouge AP detection
done in two ways.
Forgive me, I have been out of active large scale network administration
for a number of years and have really lost touch.
What it is about red-colored APs
On Fri 2014-Oct-03 17:21:08 -0700, Michael Van Norman m...@ucla.edu wrote:
IANAL, but I believe they are. State laws may also apply (e.g. California
Code - Section 502). In California, it is illegal to knowingly and
without permission disrupts or causes the disruption of computer services
or
Except that this is the difference between what happens at a Marriott and what
would happen at a business that was running rogue AP detection. In the business
the portable AP would be trying to look like the network that the company
operated so as to siphon off legitimate users. In a hotel the
On Fri 2014-Oct-03 16:49:49 -0700, Owen DeLong o...@delong.com wrote:
On Oct 3, 2014, at 16:12 , Wayne E Bouchard w...@typo.org wrote:
On Fri, Oct 03, 2014 at 02:23:46PM -0700, Keenan Tims wrote:
The question here is what is authorized and what is not. Was this to protect
their network
On 10/3/14 7:25 PM, Hugo Slabbert h...@slabnet.com wrote:
On Fri 2014-Oct-03 17:21:08 -0700, Michael Van Norman m...@ucla.edu
wrote:
IANAL, but I believe they are. State laws may also apply (e.g.
California
Code - Section 502). In California, it is illegal to knowingly and
without permission
One of the reasons I pointed to the California law is that it covers above
L1 even if FCC authority does not. The state law also provides for
criminal penalties. I do not know if other states have similar laws.
/Mike
On 10/3/14 7:42 PM, Hugo Slabbert h...@slabnet.com wrote:
On Fri 2014-Oct-03
Looks like you cut off, but:
Except that this is the difference between what happens at a Marriott
and what would happen at a business that was running rogue AP
detection. In the business the portable AP would be trying to look like
the network that the company operated so as to siphon off
On Fri 2014-Oct-03 19:45:57 -0700, Michael Van Norman m...@ucla.edu wrote:
On 10/3/14 7:25 PM, Hugo Slabbert h...@slabnet.com wrote:
On Fri 2014-Oct-03 17:21:08 -0700, Michael Van Norman m...@ucla.edu
wrote:
IANAL, but I believe they are. State laws may also apply (e.g.
California
Code -
Wifi offered by a carrier citywide, or free wifi signals from a nearby
hotel / park / coffee shop..
On 04-Oct-2014 8:29 am, Hugo Slabbert h...@slabnet.com wrote:
attached to the existing one.
Okay: theoretically a guest could
spin up a hotspot and not attach
it to the hotel network at all,
On Fri, 03 Oct 2014 20:31:56 -0500, Larry Sheldon said:
What it is about red-colored APs that is offensive? I have never seen one.
It's a color code that indicates it's an RFC3514-compliant device.
pgpXeFC2JMDVl.pgp
Description: PGP signature
http://www.arrl.org/part-15-radio-frequency-devices#Definitions
http://www.ecfr.gov/cgi-bin/text-idx?node=pt47.1.15
(m) Harmful interference. Any emission, radiation or induction that
endangers the functioning of a radio navigation service or of other safety
services or seriously degrades,
On Sat 2014-Oct-04 08:37:32 +0530, Suresh Ramasubramanian ops.li...@gmail.com
wrote:
Wifi offered by a carrier citywide, or free wifi signals from a nearby
hotel / park / coffee shop..
Perfect example (thanks) of why cutting off network attachment points
would be fair game while effectively
Hugo, I still don't think that you have quite made it to the distinction that
we are looking for here.
In the case of the hotel, we are talking about an access point that connects
via 4G to a cellular carrier. An access point that attempts to create its own
network for the subscribers devices.
Jay,
Thanks; I think I was stretching this a bit far beyond just the Marriott
example. Killing hotspots of completely discrete networks because $$$
is heinous. I had extended this to e.g.:
1. Hotel charges for either wired or wireless access per device and has
network policies to that
No problem, Hugo.
In fact, if you paid for Wired service and plugged your own router in, you
would still be creating your own network, and not pretending to be the hotel's
network. At the RF layer.
So it would not be legal for them to zap that either. Doing so might /violate
your agreement
On Oct 3, 2014, at 10:45 PM, Hugo Slabbert h...@slabnet.com wrote:
Jay,
Killing hotspots of completely discrete networks because $$$ is heinous. I
had extended this to e.g.:
It’s not just Marriott doing this; A friend of mine went to a convention near
DC and found the venue was doing
On 10/3/14, 7:57 PM, Hugo Slabbert wrote:
But it's not a completely discrete network. It is a subset of the
existing network in the most common example of e.g. a WLAN + NAT device
providing access to additional clients, or at least an adjacent network
attached to the existing one. Okay:
On Fri, Oct 03, 2014 at 10:57:29PM -0500, Daniel Seagraves wrote:
It?s not just Marriott doing this; A friend of mine went to a convention
near DC and found the venue was doing something like this. I don?t know if
the method was the same, but he reported that any time he connected to his
On 10/3/14, 8:04 PM, Hugo Slabbert wrote:
I'm not clear on whether it runs afoul of FCC regs as it's not RF
interference directly but rather an (ab)use of higher layer control
mechanisms operating on that spectrum, but it probably does run afoul of
most thou shalt not harm other networks
The hotel is being fined for blocking/jamming users setting up wifi via mobile
technologies and such, not using the hotel's network. Hard for me to imagine
how the hotel gets to insert itself into any applicable AUP in that scenario.
Owen
On Oct 3, 2014, at 19:25, Hugo Slabbert
If the signal that is causing the harmful interference is a radio transmission,
then the FCC doesn't differentiate between noise and intelligent harmful
interference. If you interfere elsewhere on the wire or without transmitting,
you might avoid the part 15 rules about causing harmful
If there were a duplicate SSID, the. The nefarious user is the one causing
illegal harmful interference.
However, as I understand the case in question, Marriott was blocking stand-up
mobile hotspots not attached to their wired network or bridged/routed through
their wifi.
As you pointed
On 10/3/14, 8:45 PM, Hugo Slabbert wrote:
Jay,
Thanks; I think I was stretching this a bit far beyond just the Marriott
example. Killing hotspots of completely discrete networks because $$$
is heinous. I had extended this to e.g.:
1. Hotel charges for either wired or wireless access
On 10/3/2014 22:09, valdis.kletni...@vt.edu wrote:
On Fri, 03 Oct 2014 20:31:56 -0500, Larry Sheldon said:
What it is about red-colored APs that is offensive? I have never seen one.
It's a color code that indicates it's an RFC3514-compliant device.
%^)
--
The unique Characteristics of
On 10/3/2014 22:26, Hugo Slabbert wrote:
On Sat 2014-Oct-04 08:37:32 +0530, Suresh Ramasubramanian
ops.li...@gmail.com wrote:
Wifi offered by a carrier citywide, or free wifi signals from a nearby
hotel / park / coffee shop..
Perfect example (thanks) of why cutting off network attachment
On 10/3/2014 23:31, Owen DeLong wrote:
The hotel is being fined for blocking/jamming users setting up wifi
via mobile technologies and such, not using the hotel's network. Hard
for me to imagine how the hotel gets to insert itself into any
applicable AUP in that scenario.
+1
What happens if
101 - 146 of 146 matches
Mail list logo