[isf-wifidog] How to Auth non-browser based devices

Pete Flaherty pjf at cape.com
Mer 1 Fév 00:27:58 EST 2006


WiFi Phones are pretty easy, just allow only the SIP ports through
(5060,5061) to either anywhere or a specific service (just look at the
wifidog.config) for some clues :

-Pete Flaherty

On Wed, 2006-02-01 at 00:05 -0500, Benoit Grégoire wrote:

> On January 31, 2006 11:37 pm, Jason Potter wrote:
> > Hi All,
> >
> > Just an extension to the discussion below, what are the approaches to
> > giving free wifi to devices in a venue that don't have a browser.
> 
> 1-Tie MAC adress(es) to a single user account who vouches for it 
> (http://dev.wifidog.org/ticket/19).  Only slightly more insecure than normal 
> captive portal operation.
> 2-Whitelist specific servers ("perfectly" secure, allows the group to ask 
> money from their operators for the priviledge since they run a business on 
> your network).  Good for the DS and VOIP operators, doesn't work for allowing 
> you to connect to you own asterisk server for example.
> 3-Whitelist specific ports (such as SIP).  Once you do that, anyone can tunnel 
> any kind of traffic trough them.
> 4-Don't run any authentication at all.  Works fine for those who only run a 
> portal to display a splash page and terms of service.
> 
> I hadn't tought of Pete's solution:
> 5-Whitelist a range of MAC adresses by manufacturer.  Only works when the 
> manufacturer and the service to be whitelisted are the same, so it would work 
> for the DS, but not for a wifi phone).  Also, once the users know whose 
> device is whitelisted, they no longuer have to guess of find a MAC adress to 
> spoof.
> 
> If anyone has other ideas, please speak up.  So far there is no perfect 
> solution.
> 
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20060201/d38593b9/attachment.htm


More information about the WiFiDog mailing list