Re: Network Manager Wifi thoughts



I suppose the root dns servers retain static IPs? is it not possible to compare something to a hardcoded IP of a root dns server?

Secondly, the captive portals I've come across (Microtik) don't really "fake" ping replies, I think they return valid errors (One says "destination network forbidden"). Also, the login machine usually lies on a machine on the same network as "your computer" so if it redirects you to a page, and that page happens to be in the same subnet as your IP, then you know you aren't connected to the Internet.

Just guessing here though. Not my turf.

Fanen Ahua


fortune: Lay on, MacDuff, and curs'd be him who first cries, "Hold, enough!". -- Shakespeare
On Fri, 2008-04-04 at 16:25 -0400, Martin Owens wrote:
I address each of these issues with short reference quotes rather than
quoting the entire previous emails.

> 1) Captive portals ...
> 2) pinging google/root-dns/whatever ...
> 3) page-scraping google/yahoo/whatever ...
> 4) ARP-ing a known MAC ...
> 5) Proxies: pretty much explanatory ...

The issues you bring up are good, and I will continue to think about
the problem and present ideas.

> A bit problem here is user trust issues ...
> A good example of this issue is the Firefox SSL self-signed-certificate

I completely agree, if the user gets false positives anything more
than 1 in 100 times then the functionality is detrimental as your
burdened with extra code and ui complexity without any real benefit.
Oh believe me when I say I understand this problem all too well.

>  I'm not against it, I just need to see an implementation that doesn't
>  have too many false-positives and doesn't have too many false negatives
>  first.

That may be possible, the main barriers we have are:
1) Captive Portals,
2) Proxies
3) VPNs (issue?)
4) Causing lots of traffic

> The big question I have is "What does Vista do?"

I don't think it's worth looking at Vista, (and no not because it's
windows) I don't believe it's worth looking at a flawed system (as
you've pointed out) when the system is hidden and the problem should
be solvable from first principles.

> In the end, it's certainly possible for an external tool ...

I do believe that there is room for a research project which can test
methods. But I strongly object to any formal project since it would
complicate functionality, responsibility and make the NH project
complacent in incorporating such functionality without significant
want from core developers.

Now an Idea I just had was a kind of DNS test which would look at 2 or
3 domains to see if any addresses come back (no dns) if the addresses
are all the same (Captive Portals). I'm not very familar with proxies
and vpns to have a clear idea of the results from those set ups. This
may in fact be related to the "Search Domains" which windows has had
for a long time but I can't be sure.

Thoughts?

Best Regards, Martin Owens
_______________________________________________
NetworkManager-list mailing list
NetworkManager-list gnome org
http://mail.gnome.org/mailman/listinfo/networkmanager-list


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]