Re: Detecting AIRsnorting guys


From: Yanghwee (mx5yh_at_singnet.com.sg)
Date: 2002-10-04 01:28:37 UTC



On Wed, 2 Oct 2002 03:09:48 -0400
Jason Boxman <jasonb_at_edseek.com> wrote:

> On Wednesday 02 October 2002 02:07 am, Clint Todish wrote:
> <snip>
> > where 10.100.0.1 is a windows 2000 box running DHCP/DNS and RAS (PPTP) and
> > has very restricted IP Filters on the wireless side NIC. If a passing user
> > were to get an association, they would get an IP address on the
> > 10.100.0.0/24 network via DHCP - but would be unable to get to any other
> > wireless devices on the net. DNS works, but pinging any outside resolved
> > addresses results in the user pinging 10.100.0.1. The logic behind this is
> > : there is a web server running on 10.100.0.1 telling unauthorized users to
> > go away which they will promptly see if they open a web browser. Authorized
>
> I was going to set something like that up, I just haven't had a chance yet. :(
>
> I intend to get it up and running with FreeS/WAN IPSec for Linux 2.4.x. I'm
> all patched and ready to roll, I just haven't had time to learn the
> configuration syntax and properly troubleshoot things. And the other box is
> a Windows 2000 machine, which complicates setup somewhat. If only I had
> another Linux box with a WLAN card to get it working initially. Oh well. :)
>
> <snip>
>
> > good luck.
> > -C
> >
> >
> <snip>
>
> --
>
> Jason Boxman
> Administrator TrekWeb.COM
> http://trekweb.com/~jasonb/articles/ - Linux Pages
>
>
>

i've written a very brief summary on the WirelessLAN using HostAP plus IPSEC, configs with an illustration,

   http://student.bii.a-star.edu.sg/~tanyh/proj1_ipsec.html  

any comments/queries are welcome.
please feel free to use the dupe configs if it suits ya!

Cheers! ;-)

-- 
--x--x--x--x--x--x--x--x--
  Yanghwee TAN
  mx5yh_at_singnet.com.sg


This archive was generated by hypermail 2.1.4.