Re: Network Manager Wifi thoughts



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There are definitely those that DO fake replies. Mine is bad enough to
accept SSH logins, which is a real problem since it allows you hand over
the password to one of your machines if you aren't careful.

=R

Fanen Ahua wrote:
> I suppose the root dns servers retain static IPs? is it not possible to
> compare something to a hardcoded IP of a root dns server?
> 
> Secondly, the captive portals I've come across (Microtik) don't really
> "fake" ping replies, I think they return valid errors (One says
> "destination network forbidden"). Also, the login machine usually lies
> on a machine on the same network as "your computer" so if it redirects
> you to a page, and that page happens to be in the same subnet as your
> IP, then you know you aren't connected to the Internet.
> 
> Just guessing here though. Not my turf.
> 
> Fanen Ahua <http://traversingmind.blogspot.com>
> ------------------------------------------------------------------------
> 
> fortune: Lay on, MacDuff, and curs'd be him who first cries, "Hold,
> enough!". -- Shakespeare
> 
> On Fri, 2008-04-04 at 16:25 -0400, Martin Owens wrote:
>> I address each of these issues with short reference quotes rather than
>> quoting the entire previous emails.
>>
>> > 1) Captive portals ...
>> > 2) pinging google/root-dns/whatever ...
>> > 3) page-scraping google/yahoo/whatever ...
>> > 4) ARP-ing a known MAC ...
>> > 5) Proxies: pretty much explanatory ...
>>
>> The issues you bring up are good, and I will continue to think about
>> the problem and present ideas.
>>
>> > A bit problem here is user trust issues ...
>> > A good example of this issue is the Firefox SSL self-signed-certificate
>>
>> I completely agree, if the user gets false positives anything more
>> than 1 in 100 times then the functionality is detrimental as your
>> burdened with extra code and ui complexity without any real benefit.
>> Oh believe me when I say I understand this problem all too well.
>>
>> >  I'm not against it, I just need to see an implementation that doesn't
>> >  have too many false-positives and doesn't have too many false negatives
>> >  first.
>>
>> That may be possible, the main barriers we have are:
>> 1) Captive Portals,
>> 2) Proxies
>> 3) VPNs (issue?)
>> 4) Causing lots of traffic
>>
>> > The big question I have is "What does Vista do?"
>>
>> I don't think it's worth looking at Vista, (and no not because it's
>> windows) I don't believe it's worth looking at a flawed system (as
>> you've pointed out) when the system is hidden and the problem should
>> be solvable from first principles.
>>
>> > In the end, it's certainly possible for an external tool ...
>>
>> I do believe that there is room for a research project which can test
>> methods. But I strongly object to any formal project since it would
>> complicate functionality, responsibility and make the NH project
>> complacent in incorporating such functionality without significant
>> want from core developers.
>>
>> Now an Idea I just had was a kind of DNS test which would look at 2 or
>> 3 domains to see if any addresses come back (no dns) if the addresses
>> are all the same (Captive Portals). I'm not very familar with proxies
>> and vpns to have a clear idea of the results from those set ups. This
>> may in fact be related to the "Search Domains" which windows has had
>> for a long time but I can't be sure.
>>
>> Thoughts?
>>
>> Best Regards, Martin Owens
- --
 ---- _  _ _  _ ___  _  _  _
 |Y#| |  | |\/| |  \ |\ |  | |Ryan Novosielski - Systems Programmer II
 |$&| |__| |  | |__/ | \| _| |novosirj umdnj edu - 973/972.0922 (2-0922)
 \__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFH/iqOmb+gadEcsb4RAmOOAJ9eSY84gJ32ZwnwlH7/Nq1mt6ExEQCgn9A7
wQnL1ygzPcBbF2qg/p9F94Q=
=8oqy
-----END PGP SIGNATURE-----
begin:vcard
fn:Ryan Novosielski
n:Novosielski;Ryan
org:UMDNJ;IST/AST
adr;dom:MSB C630;;185 South Orange Avenue;Newark;NJ;07103
email;internet:novosirj umdnj edu
title:Systems Programmer II
tel;work:(973) 972-0922
tel;fax:(973) 972-7412
tel;pager:(866) 20-UMDNJ
x-mozilla-html:FALSE
version:2.1
end:vcard



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]