my university has a wireless which is open ,not using any wep/wpa protection but you need to login in a webpage to enter which they give us the codes to use it.
it seems to me that this method is more secure than wep/wpa! does anyone know how it is possible to apply this to your home wireless ?
thanks in advance
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
What you're talking about is called a captive portal. Read more about them here. >>
As far as making one..I believe you have to put yor AP in "bridged" mode. Theres something called NoCatAuth>>>Sorry, but thats the limit of my knowledge on this subject.Code:
Streaker69 would be the best candidate to field this question.
Well speak of the devil..lol. Streaker beats me to the punch.
[CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
[CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
[URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
[URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
[URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]
[URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
the starbucks near me uses a similar system. Open network, web authentication.
As the others have stated, a captive portal (also known as a "Walled Garden") is NOT secure, at least not in the sense that the traffic is not encoded, and it may be subject to to MiM attacks as well as monitoring and capture attacks.
However, a captive portal can be used however to restrict users to just the wireless network and not the wired portion, or to limit which users have access to the Internet over the wireless network. If you want to try it I would suggest the Zone CD [publicip.net]. This is the simplest method for someone with limited resources. You will need a extra PC equipped with two (2) NICs between your AP and the outbound router. The PC doesn't have to be anything extravagant, old Pentium 100 with 128MB RAM will be just fine. You can easily edit your own HTML page to introduce users to your wireless network.
You can also do this with NoCat Splash [nocat.net] if you have a Linksys WRT54G, and are running either OpenWrt [openwrt.org] or ewrt [www . portless.net/menu/ewrt/]. Getting either of these specialized firmwares running on a WRT54G is not exactly a trivial exercise, and should not be attempted if you aren't willing to sacrifice the WRT to the wireless gods. It is quite easy to turn the device into a large blue paperweight if something goes wrong with setting the firmware on the WRT54G. Consider yourself warned.
Stop the TSA now! Boycott the airlines.
I have one to prove it. It is easy to "brick"one of these so be careful. The do have a security measure similar to this at my school. I've never fully understood how they do this. Streaker gave me a clue but my research did not come up with much. They have a captive portal just like many places do. That I fully understand and have one at home on my dd-wrt router. What I don't understand is how no matter how many people are logged in on the wireless every one seems to have a different subnet or something. What I mean is 20 people can be on the wireless in the library however a nmap scan will reveal only my pc and the gateway. I wish I knew how they did that. That seems to me to be a excellent security measure. I think streaker told me to look up compartmentalization however I could not find much.Getting either of these specialized firmwares running on a WRT54G is not exactly a trivial exercise, and should not be attempted if you aren't willing to sacrifice the WRT to the wireless gods. It is quite easy to turn the device into a large blue paperweight if something goes wrong with setting the firmware on the WRT54G. Consider yourself warned.
thanks for the information people , as it is vulnerable to MiM attacks i will not try to implement it since i sometimes make money transactions, buy things on internet etc. So it's best use is for just allowing only the people who really have access to the wireless but it's not safe for the users.
i will also read from the links Xploitz mentioned
You can also do this with a smoothwall box (2 nics in an old computer). Or force it to be redirected to whatever website you wish. A lot of hotels use the same setup. A lot of hotels also leave the default password on this so that it can be changed Also, a lot of hotels require that you "login" to use the internet and you give the hotel your email address and then a "verification" password. Although, if you pound on the keyboard for the login and password box, it will accept whatever lol.
It's kinda funny. I wonder who sets up this stuff.
I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!
Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69