[isf-wifidog] Roadmap?
Alexandre Carmel-Veilleux
saruman at northernhacking.org
Mer 18 Mai 20:34:32 EDT 2005
On Wed, May 18, 2005 at 11:33:02PM +0200, Jkx wrote:
>
> In fact i've already started something like that. I don't have a tgz yet
> since i doesn't have a lot of time right now. but this is my goal.
Again, I'm interested in coordinating the efforts on light weight
auth servers and keeping the "authoritative" copy of them in the ISF CVS.
> And right now, you can't change that, because the gw isn't https aware.
Using openvpn has I explained in a previous message on this
thread could provide encryption. As I also explained in that message,
the gateway <-> auth server chatter doesn't carry actual credentials,
only one-time use tokens that are locked to an individual IP/MAC pair.
> This sound a good feature too me, but there is a drawback (which already
> exist), somebody can place a face gateway by stealing the gw_id or mac..
> no ?
And achieve what? They'll screw up the stats as it stands right
now. That's pretty much it.
I'm curious what are the worries relating to gateway impersonation?
If it's a sufficient problem, I might look into doing something.
Alex
Plus d'informations sur la liste de diffusion WiFiDog