[isf-wifidog] How to Auth non-browser based devices
Pete Flaherty
pjf at cape.com
Mer 1 Fév 00:27:58 EST 2006
WiFi Phones are pretty easy, just allow only the SIP ports through
(5060,5061) to either anywhere or a specific service (just look at the
wifidog.config) for some clues :
-Pete Flaherty
On Wed, 2006-02-01 at 00:05 -0500, Benoit Grégoire wrote:
> On January 31, 2006 11:37 pm, Jason Potter wrote:
> > Hi All,
> >
> > Just an extension to the discussion below, what are the approaches to
> > giving free wifi to devices in a venue that don't have a browser.
>
> 1-Tie MAC adress(es) to a single user account who vouches for it
> (http://dev.wifidog.org/ticket/19). Only slightly more insecure than normal
> captive portal operation.
> 2-Whitelist specific servers ("perfectly" secure, allows the group to ask
> money from their operators for the priviledge since they run a business on
> your network). Good for the DS and VOIP operators, doesn't work for allowing
> you to connect to you own asterisk server for example.
> 3-Whitelist specific ports (such as SIP). Once you do that, anyone can tunnel
> any kind of traffic trough them.
> 4-Don't run any authentication at all. Works fine for those who only run a
> portal to display a splash page and terms of service.
>
> I hadn't tought of Pete's solution:
> 5-Whitelist a range of MAC adresses by manufacturer. Only works when the
> manufacturer and the service to be whitelisted are the same, so it would work
> for the DS, but not for a wifi phone). Also, once the users know whose
> device is whitelisted, they no longuer have to guess of find a MAC adress to
> spoof.
>
> If anyone has other ideas, please speak up. So far there is no perfect
> solution.
>
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20060201/d38593b9/attachment.htm
More information about the WiFiDog
mailing list