On Mon, 24 Jan 2005, Solomon Chang wrote:

> I have always suspected this is not the case with T-Mobile. I have just
> such an account with them, and whenever I go to a T-Mobile hotspot, I
> find I can't even use command-line SSH until I log in using a web
> browser. In fact, all of my requests get redirected to www.tmobile.com,
> regardless of port, often resulting in rejected service, until I
> actually log in. My impression has been that a T-Mobile hotspot has
> some means of maintaining a list of active MAC addresses of customers
> who have logged in, and provides different DNS for any MAC address that
> isn't on the list.
>
> I am not a T-Mobile employee, but if someone has a way of ascertaining
> these things, I will gladly lend someone my T-Mobile hotspot
> account for finding out.
Yeah, it works similarly to the way you guessed. If you want to see the details, look up chillispot[1] or nocatauth[2]. (These are open source projects and likely not what T-Mobile hotspots use, but I use T-Mobile too and the behavior is the same.)

Basically the router keeps a list of authenticated MAC addresses or IP addresses. Any packets that come in from random clients not on the list are subject to a very restrictive set of firewall rules, which usually throws away anything except port 80, and traps port 80 HTTP requests and sends them to a fake "server" program that only knows how to send 302 "Resource Moved" redirects (as Jim said). That's why you land on the T-Mobile login page no matter what your browser asked for.

When you log in to the web page, some authentication protocol (usually RADIUS) notifies the AP, which adds you to its local list of approved MAC addresses. Once you are on the list, your packets are passed normally.

The whole thing isn't very hard; you can hack it all together using the native routing and firewalls in either FreeBSD or Linux and some shell scripts. With Linux running on a $60 Linksys router from Fry's[3], you can provide T-Mobile-like service to your neighbors. (Or for that matter, you could put up a hotspot that looks identical to T-Mobile and go phishing.)

M.D.

[1] http://www.chillispot.org
[2] http://nocat.net
[3] http://openwrt.org

-- 
Michael A. Dickerson : Unix Systems Administrator : Pomona College
Andrew 252a : 909.607.8653 : [EMAIL PROTECTED]
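
Added example, not part of the original message and not code from chillispot or nocatauth: a small Python model of the gateway behaviour described in the reply above (approved-MAC list, drop everything but port 80, answer port 80 with a 302 to the login page). The names `Gateway`, `RedirectHandler`, `fetch_unauthenticated` and the URL `http://portal.example/login` are hypothetical, and the MAC address used with it is constructed.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

LOGIN_URL = "http://portal.example/login"  # hypothetical portal address


class RedirectHandler(BaseHTTPRequestHandler):
    """The 'fake server': answers every GET with a 302 to the login page."""
    def do_GET(self):
        self.send_response(302)
        self.send_header("Location", LOGIN_URL)
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, *args):  # keep the demo quiet
        pass


class Gateway:
    """Model of the router's per-packet decision for a wireless client."""

    def __init__(self):
        self.approved = set()  # MAC addresses that have logged in

    def login_ok(self, mac):
        self.approved.add(mac.lower())  # stands in for the RADIUS notification

    def decide(self, mac, proto, dport):
        if mac.lower() in self.approved:
            return "FORWARD"   # on the list: packets pass normally
        if proto == "tcp" and dport == 80:
            return "REDIRECT"  # trapped and handed to RedirectHandler
        return "DROP"          # e.g. SSH on port 22 before login


def fetch_unauthenticated(path):
    """Start the redirector on a loopback port and request `path` from it."""
    server = HTTPServer(("127.0.0.1", 0), RedirectHandler)
    worker = threading.Thread(target=server.handle_request, daemon=True)
    worker.start()
    conn = http.client.HTTPConnection("127.0.0.1", server.server_port, timeout=5)
    conn.request("GET", path)
    resp = conn.getresponse()
    result = (resp.status, resp.getheader("Location"))
    conn.close()
    worker.join(timeout=5)
    server.server_close()
    return result
```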
