<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Sean McRobbie wrote:
<blockquote
cite="mid:1182587.1751.1260528438825.JavaMail.root@mail.ikhost.net"
type="cite">
<pre wrap="">DNAT = device required
DHCP = device required
DNS via DHCP = optional
You can apparently tunnel via DNS too to break out of some hotspots.
</pre>
</blockquote>
You referring to TCP/IP over DNS, which if you are yeah its possible.
I looked at this only in passing a few years ago. I also believe you
can tunnel SSH over DNS, which of course has interesting uses <br>
<blockquote
cite="mid:1182587.1751.1260528438825.JavaMail.root@mail.ikhost.net"
type="cite">
<pre wrap="">Regards,
Sean McRobbie
----- Original Message -----
From: "Marcel Hecko" <a class="moz-txt-link-rfc2396E" href="mailto:marcel@shmu.org.uk"><marcel@shmu.org.uk></a>
To: "Tayside Linux User Group" <a class="moz-txt-link-rfc2396E" href="mailto:dundee@lists.lug.org.uk"><dundee@lists.lug.org.uk></a>
Sent: Friday, 11 December, 2009 9:41:24 AM
Subject: Re: [dundee] Instant hotspot Idea
Sorry, to more clear - you only need one public installation for many
LANs. So the solution can be offered on SaS basis.
Marcel
Robert Ladyman wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I'm puzzled - if there's no hardware involved, what's handing out your DNS
addresses and CSS?
</pre>
<blockquote type="cite">
<pre wrap="">Sean, what is the Mikrotik bug you heave reported?
Well, it might not be that simple to bypass. If you force DNS for the
users using DNAT it will be ratrer more complex, because you will have
to either:
- disable cookies
- disable CSS
- block the retreival of one particular CSS file (if the name of the css
file is not generated randomly:))
- rewrite HTML upon its retreival from proxy
Well, of course the solution is not very secure, however it does create
the possibility to create extremely simple Captive system for
non-sysadmins for Internet Cafes, small hotspot networks and so on - and
absolutely no HW necessarry.
Im working on the Proof of concept right now. Will let you know once
this is ready.
Marcel
Sean McRobbie wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Mikrotik still haven't fixed some majorly annoying bug I've reported on
hotspot.
The DNS idea is unfortunately too simple - people like me will bypass it
(without even knowing so too).
Regards,
Sean McRobbie
----- Original Message -----
From: "Marcel Hecko" <a class="moz-txt-link-rfc2396E" href="mailto:marcel@shmu.org.uk"><marcel@shmu.org.uk></a>
To: "Tayside Linux User Group" <a class="moz-txt-link-rfc2396E" href="mailto:dundee@lists.lug.org.uk"><dundee@lists.lug.org.uk></a>
Sent: Friday, 11 December, 2009 8:44:16 AM
Subject: Re: [dundee] Instant hotspot Idea
That would require a separate physical PC between the Internet and LAN -
I have tested many solutions like that and we are using the one from
Mikrotik on one of our networks right now, however that is not exactly
my vision - the idea plotted is based on the premise that no additional
equipments has to be installed and yet works per-user.
It has many many limitations, but for the basic service it's a brilliant
idea :)
Marcel
Robert Ladyman wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I think that ZoneCD might be what you want.
<a class="moz-txt-link-freetext" href="http://www.publicip.net/">http://www.publicip.net/</a>
</pre>
<blockquote type="cite">
<pre wrap="">I have a dream.
A dream about instant captive portal solution. The deployment would
only require the network admin to change the DNS settings for LAN
users. The idea flows in my head approximately like this:
USER requests foo.com
DNS responds with IP for pong.com
pong.com is a (Squid) proxy which downloads foo.coms index.html
proxy adds a link for css stylesheet file located on pong.com server to
index.html page from foo.com
the changed index.html is served to USER
USER requests css file from pong.css server - creates HTTP GET request
if (HTTP request for style.css on pong.com includes users cookies) {
the style.css is a blank file
} else {
the stylesheet is designed the way to render the foo.com index page
unreadable and displays notice on how to register on pong.com
}
the registration would set proper cookie in users browser for pong.com
domain
Of course, style.css can easily be changed to any other element of the
page - such as IMG , but stylesheet would serve quite well.
Now, is there any DNS/HTTP/COOKIE expert who can tell me whether this
is actually technically possible to do? I believe it is and I also
think that I have never seen such a service in practice.
I am finishing this mail with one of my mottos:
"Life is to short to keep secrets"
Marcel
please reply to
<a class="moz-txt-link-abbreviated" href="mailto:marcel@shmu.org.uk">marcel@shmu.org.uk</a>
Marcel Hecko
Connected SHMU Project Manager
Station House Media Unit
Station Road, Woodside,
Aberdeen AB24 2WB
Tel - 01224 487174
<a class="moz-txt-link-abbreviated" href="http://www.shmu.org.uk">www.shmu.org.uk</a>
listen to our community radio station live at <a class="moz-txt-link-abbreviated" href="http://www.shmufm.net">www.shmufm.net</a>
-----------------------------------------------------------------------
---- ------------ This message is not intended to have contractual
effect
-----------------------------------------------------------------------
---- ------------
Save a tree - don't print this e-mail or any attachment unless
absolutely necessary.
_______________________________________________
dundee GNU/Linux Users Group mailing list
<a class="moz-txt-link-abbreviated" href="mailto:dundee@lists.lug.org.uk">dundee@lists.lug.org.uk</a> <a class="moz-txt-link-freetext" href="http://dundeelug.org.uk">http://dundeelug.org.uk</a>
<a class="moz-txt-link-freetext" href="https://mailman.lug.org.uk/mailman/listinfo/dundee">https://mailman.lug.org.uk/mailman/listinfo/dundee</a>
Chat on IRC, #tlug on irc.lug.org.uk
</pre>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">
</pre>
</blockquote>
<pre wrap=""><!---->
</pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
Arron "finux" Finnon
Finux.co.uk/blog - Twitter.com/f1nux - facebook.com/finux
Podcasting for HPR, shows can be found at;
<a class="moz-txt-link-freetext" href="http://hackerpublicradio.org/correspondents.php?hostid=85">http://hackerpublicradio.org/correspondents.php?hostid=85</a>
</pre>
</body>
</html>