Re: Network Manager Wifi thoughts
- From: Ryan Novosielski <novosirj umdnj edu>
- To: networkmanager-list gnome org
- Subject: Re: Network Manager Wifi thoughts
- Date: Thu, 10 Apr 2008 10:56:14 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
There are definitely those that DO fake replies. Mine is bad enough to
accept SSH logins, which is a real problem since it allows you hand over
the password to one of your machines if you aren't careful.
=R
Fanen Ahua wrote:
> I suppose the root dns servers retain static IPs? is it not possible to
> compare something to a hardcoded IP of a root dns server?
>
> Secondly, the captive portals I've come across (Microtik) don't really
> "fake" ping replies, I think they return valid errors (One says
> "destination network forbidden"). Also, the login machine usually lies
> on a machine on the same network as "your computer" so if it redirects
> you to a page, and that page happens to be in the same subnet as your
> IP, then you know you aren't connected to the Internet.
>
> Just guessing here though. Not my turf.
>
> Fanen Ahua <http://traversingmind.blogspot.com>
> ------------------------------------------------------------------------
>
> fortune: Lay on, MacDuff, and curs'd be him who first cries, "Hold,
> enough!". -- Shakespeare
>
> On Fri, 2008-04-04 at 16:25 -0400, Martin Owens wrote:
>> I address each of these issues with short reference quotes rather than
>> quoting the entire previous emails.
>>
>> > 1) Captive portals ...
>> > 2) pinging google/root-dns/whatever ...
>> > 3) page-scraping google/yahoo/whatever ...
>> > 4) ARP-ing a known MAC ...
>> > 5) Proxies: pretty much explanatory ...
>>
>> The issues you bring up are good, and I will continue to think about
>> the problem and present ideas.
>>
>> > A bit problem here is user trust issues ...
>> > A good example of this issue is the Firefox SSL self-signed-certificate
>>
>> I completely agree, if the user gets false positives anything more
>> than 1 in 100 times then the functionality is detrimental as your
>> burdened with extra code and ui complexity without any real benefit.
>> Oh believe me when I say I understand this problem all too well.
>>
>> > I'm not against it, I just need to see an implementation that doesn't
>> > have too many false-positives and doesn't have too many false negatives
>> > first.
>>
>> That may be possible, the main barriers we have are:
>> 1) Captive Portals,
>> 2) Proxies
>> 3) VPNs (issue?)
>> 4) Causing lots of traffic
>>
>> > The big question I have is "What does Vista do?"
>>
>> I don't think it's worth looking at Vista, (and no not because it's
>> windows) I don't believe it's worth looking at a flawed system (as
>> you've pointed out) when the system is hidden and the problem should
>> be solvable from first principles.
>>
>> > In the end, it's certainly possible for an external tool ...
>>
>> I do believe that there is room for a research project which can test
>> methods. But I strongly object to any formal project since it would
>> complicate functionality, responsibility and make the NH project
>> complacent in incorporating such functionality without significant
>> want from core developers.
>>
>> Now an Idea I just had was a kind of DNS test which would look at 2 or
>> 3 domains to see if any addresses come back (no dns) if the addresses
>> are all the same (Captive Portals). I'm not very familar with proxies
>> and vpns to have a clear idea of the results from those set ups. This
>> may in fact be related to the "Search Domains" which windows has had
>> for a long time but I can't be sure.
>>
>> Thoughts?
>>
>> Best Regards, Martin Owens
- --
---- _ _ _ _ ___ _ _ _
|Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II
|$&| |__| | | |__/ | \| _| |novosirj umdnj edu - 973/972.0922 (2-0922)
\__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFH/iqOmb+gadEcsb4RAmOOAJ9eSY84gJ32ZwnwlH7/Nq1mt6ExEQCgn9A7
wQnL1ygzPcBbF2qg/p9F94Q=
=8oqy
-----END PGP SIGNATURE-----
begin:vcard
fn:Ryan Novosielski
n:Novosielski;Ryan
org:UMDNJ;IST/AST
adr;dom:MSB C630;;185 South Orange Avenue;Newark;NJ;07103
email;internet:novosirj umdnj edu
title:Systems Programmer II
tel;work:(973) 972-0922
tel;fax:(973) 972-7412
tel;pager:(866) 20-UMDNJ
x-mozilla-html:FALSE
version:2.1
end:vcard
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]