Re: Hot-pots Re: [BAWUG] Port_based Authentication 802.11b

Sat, 02 Nov 2002 03:23:27 -0800

NoCatAuth on a Linux box will do something very close to that (the general term for that is http session hijacking or redirection). But, as I said, this is really not as secure as the hotspot operators would like it to be. Not only can two users of the same AP "talk" to each other, but on top of that anybody can sniff you traffic once you're authenticated, and as soon as you're off the air (or even before if they're just injecting some traffic and don't care about the return), they can spoof your MAC and IP addresses and look like you.

Jacques.

At 00:40 01/11/2002, Stefano Y wrote:
Hello All,

First, I would like to say thank you to those has put in
the inputs and generously sharing their knowledge.

May I the subject was not correct.

What exactly I like to learn is:
How do Hotspot (WISP) as Wayport (www.wayport.com) and
T-Mobile settings.  If you have experience with one of
those WISP then it's easier for you to understand my
question.

Basically, with my notebook (wiht 802.11b) if I go to
Star-Buck caffee (T-Mobible) or certain Hotel/Airport
(Wayport), without any WEP key, I can half register to AP:
 I can ping www.yahoo.com in DOS prompt
 I can access and share my system resources to those people
that properly or improperly registered to this AP.

But I can not access to the Internet, IRC, Chat... IE..
Netscape.  If I use the IE to access to any URL then it
prompt me to their Log-on page. After completely logon, I
can access to any URL, IRC Chat... (of course, still can
access to any system resources that shared and registered
to the AP)

That I like to learn for my testing purposes.
 I have no idea what HW, SW, Server, Win2k, Linux... etc...
that needed to implement this task.

Any idea wuold be very helpfull

Thank and Regards,

Stefano Y



--- Stefano Y <[EMAIL PROTECTED]> wrote:
> Hello All,
>
> I like to learn on setting a server that has capable of
> Port_based Authentication.
>
> Per say, the AP has WEP key disabled.  all users can
> obtain
> IP addresses and can ping/accessing to each other by just
> register to an AP-SSID, but they can not access to the
> Internet (any port) , unless:
>
> When they try to any URL via IE browser then it will pops
> up the logon, after entering UserID and PW then they can
> access to any port to Internet.
>
> What should I need on setting this up: HW and Software,
> server, Win2K or Linux?
>
> Thanks,
>
> Stefano Y
>
>
>
> __________________________________________________
> Do you Yahoo!?
> New DSL Internet Access from SBC & Yahoo!
> http://sbc.yahoo.com
> --
> general wireless list, a bawug thing
> <http://www.bawug.org/>
> [un]subscribe:
http://lists.bawug.org/mailman/listinfo/wireless


__________________________________________________
Do you Yahoo!?
New DSL Internet Access from SBC & Yahoo!
http://sbc.yahoo.com
--
general wireless list, a bawug thing <http://www.bawug.org/>
[un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless


-- Jacques Caron, IP Sector Technologies
   Join the discussion on public WLAN open global roaming:
   http://lists.ipsector.com/listinfo/openroaming


--
general wireless list, a bawug thing <http://www.bawug.org/>
[un]subscribe: http://lists.bawug.org/mailman/listinfo/wireless

Reply via email to