[isf-wifidog] rogue gateways?
pjf at cape.com
pjf at cape.com
Jeu 6 Sep 22:54:30 EDT 2007
See it, been there.
I deleted the default node in the db, and created a 'test node' so the
default will never work.
I ran across this when I was helping a startup community group, and they
were installing and setting up their hotspots, we were hosting their
authentication on our server with a different network ID.
Needless to say once they had their own auth-server up, I was still seeing
their new nodes showing up periodically in the default, sometimes for days
at a time, I needed to do something and deleting the default, and creating
a test was the simple answer. You are supposed to go into the node to set
it up anyways so using a default seemed a bit too easy.
Sice then I have rolled our own wifidog for OpenWRT, with our default test
node setup and all the appropriate settings (needed a default in case of a
reset, or if we needed to do a full reset remotely, and then go into it
and reconfigure as needed)
and yes the password is also pre-set in this package so we can get into it
to manage it from a reset...
Just my 2 cents
Cape Com Wifi Services
> This is a weird one...
> Today I received a support call from a user -- her password wasn't
> I asked what hotspot she was logging into, and as it turns out, she's in
> downtown Ottawa. Wireless Toronto doesn't have any hotspots in Ottawa,
> our tech support phone number is only available on our login & portal
> So I did a little digging, and this user has been logging into our network
> for the past 2 months, on the node with gw_id "default". We use that node
> only for testing, and I hadn't noticed that it's been "up" for a while
> So, apart from trying to figure out who is running this, I'm wondering
> the question of "rogue" gateways. Has anyone had this happen to them
> before? And a related question: what would happen if two gateways were
> reporting the same gw_id?
> We *do* have full step-by-step instructions on our wiki about how we set
> our routers, and I'd thought that the benefit-to-the-community aspect
> outweigh the too-much-sensitive-information issue, but now I guess I have
> Has anyone thought about an authentication scheme for gateways? A cert
> system, maybe, like OpenVPN uses?
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
Plus d'informations sur la liste de diffusion WiFiDog