2011-11-12 - Re: [GRASE-Hotspot] Users and Groups

Header Data

From: OlotWireless <ol***s@gmail.com>
Message Hash: 447a34492544951eb7aefafda4e3e0bcd953a7e070fcbd3d603cef0c2c18b0a7
Message ID: <4EBE4617.9010502@gmail.com>
Reply To: <4EB87115.3040303@gmail.com>
UTC Datetime: 2011-11-12 03:10:31 UTC
Raw Date: Sat, 12 Nov 2011 11:10:31 +0100

Raw message 

Thanks Tim for your answers.

About the third point, about ARP Spoofing trouble, we find a ArpOn 
http://arpon.sourceforge.net/ I've tried it and that works with intfaces 
eth0 , eth1 etc... but unfortunately, at present, does not recognize 
"tun0". I think it might be a good solution if in the future can 
recognize tun0.

Thanks for your time and work.

Pere



El 08/11/2011 1:00, Tim White escribi\ufffd:
> CCed the mailing list so everyone will benefit.
>
> On 08/11/11 09:18, OlotWireless wrote:
>>
>> 1.-In our case, we have a 6 month "users", but no one in the same 
>> date start/end. We must create a Group for every user?. We likes 
>> create only a user with 6 month account and no time/data 
>> restrictions. Its possible?
> When you create the group, use the format "+6 month" for expiry, then 
> each user will have 6 months from when you create the user. (And just 
> don't set any data/time limits in the group or the user)
>>
>> 2.-We have a seriousproblem with the newgeneration of mobile 
>> phonesbecause theyautomaticallycallourwireless LAN andthe IP rangeis 
>> exhaustedquickly. We can configure the DHCP with 255.255.0.0 mask?? how?
> In the latest version you can set all the Network Settings in the 
> admin interface, you can change the netmask there.
>>
>> 3.- Also, we have a serious problem with some mobile "aplications"... 
>> for example Droidsheep http://droidsheep.de/ because it "clone" with 
>> ARP the existent connection... and you can imagine the results in the 
>> network and over the hotspot. Any possible solution?
> Unfortunately there is really hard to stop, even with WPA2. Your 2 
> options really are advising users to use HTTPS instead of HTTP, and 
> having a clause on the login page (Terms and Conditions) that all 
> "cracking" activity will be reported to the police etc etc.
> There are a few linux tools you can run that detect arp spoofing, 
> which may also give you the mac address of the client doing the 
> spoofing. You can then block that clients access totally, although 
> that won't stop them trying, but if they find out they don't get any 
> Internet access, it may deter them.
>
> Tim

Thread