[isf-wifidog] Re: update from municonference
Iurgi Arginzoniz
iurgi at fon.es
Mer 21 Juin 17:55:37 EDT 2006
Hi all,
But there's something I don't seem to understand. What is the current status of the mac authentication? It's not included in the feature list and I can only see 2 open tickets related to it.
User+pass+mac shouldn't be difficult at all (I guess we are talking about the mac address of the AP to limit the user to a certain number of APs - correct me if I'm wrong - or are you talking about authenticating users that use an specific device? If so, what would be the use you are thinking on?): it'd probably mean a little change in the gateway and another one in the auth server+DB.
I am currently starting to deeply study wifidog to consider it as a substitution to chillispot in our network. One of the most important things for us is to be able to authenticate devices that don't have a html browser (no http redirection is possible). Furthermore, we dream to have devices identified based on their OUI (is that the name of the mac prefix?) and open the access depending on the expected service, i.e.: open access ONLY to nintendo gaming servers and ports to nintendo ds devices. This is good for both optimizing the access rules (non browser based devices require a limited number of ports/services open) and also avoid mac-spoofing for free authentication: if I spoof a nintendo ds' mac address with my PC I will only be able to use nintendo gaming servers and ports.
Any ideas, comments, info related to this?
Thanks!
Iurgi
---
Sent via BlackBerry
-----Original Message-----
From: "Ian White" <ian.white at datamile-computers.com>
Date: Wed, 21 Jun 2006 22:02:03
To:"WiFiDog Captive Portal" <wifidog at listes.ilesansfil.org>
Subject: Re: [isf-wifidog] Re: update from municonference
The locustworld mesh uses nocat, and you can setup users as validated against
mac
user+pass
user+pass+mac
depending on how secure you want your logings to be.
It should be a simple change to add mac to the first login redirect, I'd do once I get a build env setup
----- Original Message -----
From: Dana
Spiegel: <mailto:dana at nycwireless.net>
To: WiFiDog Captive Portal: <mailto:wifidog at listes.ilesansfil.org>
Sent: Wednesday, June 21, 2006 6:52 PM
Subject: Re: [isf-wifidog] Re: update from municonference
This would work for VOIP phones (I think we discussed this a few months ago).
Dana Spiegel
Executive Director
NYCwireless
dana at NYCwireless.net: <mailto:dana at NYCwireless.net>
www.NYCwireless.net: <http://www.NYCwireless.net>
+1 917 402 0422
Read the Wireless Community blog: http://www.wirelesscommunity.info: <http://www.wirelesscommunity.info>
On Jun 21, 2006, at 1:00 PM, François Proulx wrote:
I guess Nintendo has a few IEEE OUI. If we have add MAC whitelist via the auth server it could also support OUI groups.
On 21-Jun-06, at 12:40 PM, Michael Lenczner wrote:
How would the mac address get on the list?
If the answer is that people would have to submit their mac address, I
don't think that's a workable solution for tens of thousands of
regular users.
On 6/21/06, ian.white at datamile-computers.com: <mailto:ian.white at datamile-computers.com>
<ian.white at datamile-computers.com: <mailto:ian.white at datamile-computers.com> > wrote:
I think mac only auth needs adding to support devices that don't support
html like nintendo DS etc. I think its a simple change of sending the mac
is the first wifidog redirection as well as the second, and then auto
permitting if the mac is in a list.
Ian
> update # 2
>
_______________________________________________
WiFiDog mailing list
WiFiDog at listes.ilesansfil.org: <mailto:WiFiDog at listes.ilesansfil.org>
http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog: <http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog>
_______________________________________________
WiFiDog mailing list
WiFiDog at listes.ilesansfil.org: <mailto:WiFiDog at listes.ilesansfil.org>
http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog: <http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog>
----------------
_______________________________________________
WiFiDog mailing list
WiFiDog at listes.ilesansfil.org
http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog_______________________________________________
WiFiDog mailing list
WiFiDog at listes.ilesansfil.org
http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
Plus d'informations sur la liste de diffusion WiFiDog