How about a splash page stored in the flash card for the hot spot.   And
maybe a bar inserted in web browsing to a specific customer ip.
Like a friendly reminder to call the credit department or "Guido"

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Pete Davis
Sent: Saturday, December 30, B2006 2:40 AM
To: WISPA General List
Cc: [EMAIL PROTECTED]
Subject: Re: [WISPA] Cool ideas for RouterOS....


I like those, and would like to probably implement them myself. Here are 
some of my ideas/wishlist.

I would like to see the script equivalent of DenyHosts.  [see 
http://denyhosts.sourceforge.net] whereas if password authentication 
fails (telnet, ssh, ftp) from the same outside IP 5 (or so) times in a 
row, that IP gets dynamically added to the "blacklist" address list, and 
all data to/from is denied for 12 hrs (or so). My logs are usually full 
of failed ssh/ftp logins from (virusinfected?) zombie PCs trying brute 
force dictionary login attempts. Permanently blacklisting them seems 
like a waste of resources/disk space.

If I could get notified of any IP who sends smtp (TCP/25) traffic to 
more than 5 different destinations/hr(min?) that could be a good script. 
Some of my business clients host their own email server, so that's okay, 
but most clients only need to send to my SMTP server. Automatically 
blocking port25 for certain users who violate this (due to a virus) 
would be good also. I guess this is similar to your #1 and #2 ideas.

A script I think would be neat, but don't have the time to implement it 
now, if a 2-radio routerboard/wrap/whatever could be mounted in the van 
with an omni antenna on the roof (or bumper) connected to the "client" 
radio, and automatically associate to the nearest non-secure (or secure 
if it has "our client" WEP key) AP (with a SSID other than 
"THENODIALVAN"), then nat/rebroadcast on a weaker AP (with a duckie 
antenna), with the SSID of "THENODIALVAN" then it would be kind of the 
"ultimate" war driving vehicle. Another script to VPN tunnel into the 
office on demand so the techs could get/file paperwork from their 
laptops.  Wire in a Lingo/Vonage/whatever VOIP phone, and cell phone 
bills to/from the technicians could drop considerably.
Please don't respond to this one telling me how the cops are gonna take 
away my freedoms for connecting to an insecure home wireless network. I 
know its wrong to "steal" bandwidth, and I don't want a new 100 response 
opinion fest. Please keep your "is too/is not" to yourself. I know that 
this idea is ethically questionable. Another reason why I won't be 
implementing it any time soon.

Winbox feature wishlist:
I would like to be able to sort my DHCP leases by the comment field.

I would also, for that matter, be able to sort my DHCP leases by the IP 
address (like I could in 2.8). I like the 2.9 capability of assigning a 
dhcp lease to a specific pool, but then sorting by IP address now just 
seems to randomize the order.

If I could sort by IP address, then have all of my bridge leases 
(172.16.x.x) together, all of my customer leases (64.123.x.x) together, 
that would be awesome.
If I could sort by comment, then finding "smith, bob" then finding 
"smith, bob - bridge" to see if either/both have an active lease would 
be MUCH easier, and make life much better for my staff.

Pete Davis
NoDial.net

Butch Evans wrote:
> I'd like to throw this out for the weekend.  I want to gather some
> ideas for IMPLEMENTATIONS you'd like to see with existing RouterOS 
> technology.  I have a few that I can think of off the top of my head 
> that I will try to get documented (some possibly for free - to be 
> posted on my website).  For example:
>
> 1. Automated virus detection - this application would need to be able
> to detect virus like activity (whatever that means) and automatically 
> cause the offender - if they are on-net - to be disconnected except 
> for the ability to visit http://housecall.antivirus.com and test to 
> see if they have removed the virus(es) before allowing full access again.
>
> 2. Automatically build a list of valid SMTP servers based on servers
> that have been used to check email (I've done this one several 
> times).  This will prevent those viruses and spam trojans from getting 
> your IP blacklisted if you NAT.
>
> 3. Queue mechanism that implements an automated fair access policy
> (similar to what some of the satellite companies do) - I have done 
> something SIMILAR to this, but implementing this properly will take a 
> bit more work.
>
> OK...So I've got you started...now step forth with your ideas (either
> implemented already or just a "wish-list") and let's come up with some 
> really cool stuff!  While we're at it, you can let me know what you 
> think of the above ideas...are they worth the effort?
>

-- 
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/


-- 
WISPA Wireless List: wireless@wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/

Reply via email to