More Related Content Similar to daloRADIUS - Cracking a hole in the HotSpot (20) daloRADIUS - Cracking a hole in the HotSpot1. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Fromblackholesto
wirelessnetworking
Liran Tal
2013
daloRADIUS and cracking a hole in the hotspot
2. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
What’sahead…
3. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.3
Topics
Wireless ISPs and Hotspots
RADIUS and How It Works
Open Source
A journey through open source, from need to product
4. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
TheStory
5. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.5
2006
6. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.6
2006Twitter
UX Designer
Android
iPhone
Apps Store
Responsive Web
HTML5
7. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.7
* Image source: capecoral.net
First REAL job at a Hi-Tech startup
8. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.8
Which Hi-Tech startup?
9. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.9
Why REAL startup?
10. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.10
Why REAL startup?
11. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.11
Why REAL startup?
12. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.12
10Levels participated,
as an integrator,
for big WISP project
in Freetown, Sierra Leone
led by Netcom
13. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.13
10Levels participated,
as an integrator,
for big WISP project
in Freetown, Sierra Leone
led by Netcom
• Mail Server
• Networking
14. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.14
10Levels participated,
as an integrator,
for big WISP project
in Freetown, Sierra Leone
led by Netcom
* Image source: makeuseof.com
Wireless ISP
15. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.15
10Levels participated,
as an integrator,
for big WISP project
in Freetown, Sierra Leone
led by Netcom
* Image source: makeuseof.com
16. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.16
* Image source: makeuseof.com
10Levels participated,
as an integrator,
for big WISP project
in Freetown, Sierra Leone
led by Netcom
17. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.17
* Image source: makeuseof.com
10Levels participated,
as an integrator,
for big WISP project
in Freetown, Sierra Leone
led by Netcom
18. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.18
* Image source: makeuseof.com
10Levels participated,
as an integrator,
for big WISP project
in Freetown, Sierra Leone
led by Netcom
19. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.19
* Image source: arstechnica.com
Users report network issues
20. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.20
* Image source: omnitechsupport.com
Local CTO calls Netcom (integrator)
21. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.21
* Image source: findandconvert.com
Netcom contact person calls 10Levels
22. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.22
* Image source: shutterstock.com
2 weeks later I’m in Sierra Leone
Doing network sniffing with
my best friend ethereal
23. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.23
* Image source: sean mendis
Freetown’s air port...
24. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.24
* Image source: sean mendis
Freetown’s air port...
and that’s after the upgrade
25. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.25
* Image source: sean mendis
Freetown’s air port...
From my camera
26. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.26
* Image source: www.screenhog.com
27. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.27
* Image source: www.screenhog.com
Company has an idea…
28. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.28
* Image source: www.screenhog.com
or actually…
29. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.29
* Image source: www.screenhog.com
an IDEA!
30. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.30
* Image source: http://www.ossramblings.com/
Let’s do WISP, on Linux
31. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.31
* Image source: www.screenhog.com
How do you pull a WISP?
32. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.32
* Image source: fibernova.com, http://img1.mlstatic.com/
Access Points and Backhaul
for infrastructure
33. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.33
* Image source: crn.com
Network equipment, routers, switches
34. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.34
* Image source: http://www.citrusdb.org/, http://www.freeside.biz/
You do want to make money, right?
Billing.
35. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.35
* Image source: www.screenhog.com
E-mail services
36. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.36
* Image source: www.screenhog.com
Remote access servers
37. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.37
* Image source: www.screenhog.com
Remote access servers
often referred to as
NAS – Network Access Server
or
RAS – Remote Access Server
38. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.38
* Image source: www.screenhog.com
The world’s most popular RADIUS server
Authentication
39. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.39
* Image source: www.screenhog.com
The world’s most popular RADIUS server
Authentication
RADIUS
40. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.40
* Image source: www.screenhog.com
Authentication
41. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.41
* Image source: www.screenhog.com
Not really
Authentication
42. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.42
RADIUS
Remote Access Dial-In User System
43. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.43
• Authentication – who is this user? Is that really him?
• Authorization – what is this user allowed to do?
• Accounting – what did the user do?
RADIUS
Remote Access Dial-In User System
44. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.44
* Image source: h3c.com
How does it work?
45. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.45
* Image source: exetel.com.au
Remember how to connect to your ISP?
46. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.46
* Image source: exetel.com.au
Remember how to connect to your ISP?
47. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.47
RADIUS attributes
apply a user policy
48. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.48
How do we manage users?
49. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.49
How do we manage users?
Provisioning
50. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.50
How do we manage users?
Provisioning
• Create users
• Configure user profiles
− Bandwidth limits
− Login times
− Account expiration
− Simultaneous Logins
51. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
daloRADIUS,
The rise of
52. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.52
2007
53. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.53
2007
web management platform for freeRADIUS deployments?
54. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.54
2007
dialup admin = bundles with
FreeRADIUS
55. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.55
2007
no other worthy open source project to tackle
this problem
56. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.56
2007
the endeavor begins
57. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.57
2007
the endeavor begins
let’s scratch that itch!
58. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.58
2007
hardest part of every new software project?
59. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.59
2007
choosing a name
60. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.60
2007
daloRADIUS
61. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.61
2007
daloRADIUS
what’s in a name?
62. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.62
2007
daloRADIUS
what’s in a name?
Daloya – my wife’s last name
63. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.63
2007
daloRADIUS
what’s in a name?
Daloya – my wife’s last name
Now she is famous!
64. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.64
2007
daloRADIUS
what’s in a name?
Daloya – my wife’s last name
Now she is famous!
65. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.65
daloRADIUS
“daloRADIUS is an advanced RADIUS web management
application aimed at managing hotspots and general-
purpose ISP deployments. It features user management,
graphical reporting, accounting, a billing engine and
integrates with GoogleMaps for geo-locating.”
66. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.66
daloRADIUS
every decent project needs a logo
67. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.67
daloRADIUS
every decent project needs a logo
68. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.68
daloRADIUS
my first major open source web venture
69. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.69
daloRADIUS
pioneer project
my first major open source web venture
70. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.70
daloRADIUS
pioneer project
my first major open source web venture
great adoption potential
71. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.71
daloRADIUS
pioneer project
my first major open source web venture
great adoption potential
amazing community feedback
72. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.72
mission #1
daloRADIUS
73. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.73
daloRADIUS
SourceForge project page
74. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.74
daloRADIUS
SourceForge project page
code hosting
75. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.75
daloRADIUS
SourceForge project page
code hosting
collaboration
76. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.76
daloRADIUS
open source yields some food-wise
benefits
77. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.77
daloRADIUS
I bet my friend I can hit
lower than 1000 ranking
on SourceForge
78. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.78
daloRADIUS
79. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.79
daloRADIUS
That reminds me!
@andel7 you still owe me a meal!
80. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.80
daloRADIUS
Back To The Future
81. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.81
daloRADIUS
Back To The Future
82. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.82
open source project analysis
daloRADIUS
83. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.83
daloRADIUS
•mostly written in PHP
•well established, mature codebase
•maintained by one developer
•decreasing Y-O-Y commits
84. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.84
daloRADIUS
85. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.85
105K
lines of code
•has had 2,061 commits
•made by 6 contributors
daloRADIUS
86. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.86
26
person years
based on COCOMO model
$1.4M
estimated cost
for $55k
average salary
daloRADIUS
87. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.87
daloRADIUS
more on project growth
88. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.88
daloRADIUS
more on project growth
89. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.89
> 150K
downloads
daloRADIUS
90. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.90
daloRADIUS
who is using it?
91. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.91
daloRADIUS
who is using it?
exotic people
92. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.92
daloRADIUS
who is using it?
exotic people
really
93. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.93
daloRADIUS
Papua New Guinea
94. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.94
daloRADIUS
Ecuador
95. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.95
daloRADIUS
Iceland
96. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.96
daloRADIUS
who is behind those downloads?
97. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.97
daloRADIUS
ISPs, Hotspots, Education…
98. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.98
daloRADIUS
ISPs, Hotspots, Education…
partial list:
99. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.99
daloRADIUS
ISPs, Hotspots and Education
SiPalto
100. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.100
daloRADIUS
ISPs, Hotspots and Education
* these companies have been on the mailing list at some point
101. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.101
daloRADIUS
I even published a user guide book
102. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.102
daloRADIUS
103. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.103
>100
copies sold
since December 2012
~250
pages
step by step instructions
daloRADIUS
104. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.104
daloRADIUS
none of this would have been possible without
105. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.105
daloRADIUS
none of this would have been possible without
an amazing community of users
106. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.106
daloRADIUS
none of this would have been possible without
an amazing community of users
an amazing community of developers
107. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.107
daloRADIUS
108. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.108
daloRADIUS
Evgeniy Kozhuhovskiy
introducing multi-lingual support
109. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.109
daloRADIUS
multi-lingual proves promising as project grows
110. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.110
daloRADIUS
111. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Hotspots
The origins of
“” - Yoda
112. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.112
* Image source: http://www.space.com/
From black holes to wireless networking
113. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.113
* Image source: http://www.space.com/
From black holes to wireless networking
114. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.114
* Image source: http://www.techweekeurope.co.uk/
John O’Sullivan, astronomer,
electrical engineer.
115. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.115
John O’Sullivan, astronomer,
electrical engineer.
• Australian mate
• Work in the area of radio waves and
Fourier transforms (eh?)
• Hunter of black holes, in hope of
improving his radio telescope
* Image source: http://www.techweekeurope.co.uk/
116. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.116
* Image source: http://rlab.lse.ac.uk/
Moving packets in the air since the ‘90s
Wireless Fidelity
117. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.117
802.11b (11Mbps)
* Image source: http://rlab.lse.ac.uk/
Moving packets in the air since the ‘90s
Wireless Fidelity
802.11g (54Mbps) 802.11n (120Mbps)
118. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.118
* Image source: http://www.techweekeurope.co.uk/
Hotspots = Wireless Access Points for Internet
connectivity
119. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.119
• Coffee shops
• Institutions
• Airports
* Image source: http://www.techweekeurope.co.uk/
Hotspots
120. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.120
• Redirect all HTTP traffic
to a web page
• User agrees to terms of
service or pay online for
Internet access
* Image source: www.screenhog.com
Captive Portals
121. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.121
• Doesn’t mean free
• Doesn’t mean secure
* Image source: http://www.techweekeurope.co.uk/
Hotspots
122. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
CaptivePortals
The gateway for Internet access
123. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.123
Not always free
• Airports
• Hotels
* Image source: www.screenhog.com
Captive Portals Internet access
124. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.124
Restricted access only to staff
* Image source: www.screenhog.com
Captive Portals Internet access
125. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.125
Need SSH access but only HTTP is allowed?
* Image source: www.screenhog.com
Captive Portals Internet access
126. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.126
Internet makes people happy
* Image source: www.screenhog.com
Captive Portals Internet access
127. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.127
* Image source: www.screenhog.com
128. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.128
* Image source: www.screenhog.com
“Happiness is
free wi-fi”
129. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.129
• VPNs
• ICMP traffic tunneling
• MAC piggy-back
* Image source: www.screenhog.com
Gaining Internet access through
Captive portals
130. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.130
• VPNs
• ICMP traffic tunneling
• MAC piggy-back
* Image source: www.screenhog.com
Most probably all of
these are not an option
Gaining Internet access through
Captive portals
131. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.131
* Image source: www.screenhog.com
Gaining Internet access through
Captive portals
that actually work
132. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.132
* Image source: www.screenhog.com
DNS
Gaining Internet access through
Captive portals
that actually work
133. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.133
* Image source: www.screenhog.com
DNS
Huh??
Gaining Internet access through
Captive portals
that actually work
134. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.134
* Image source: www.screenhog.com
DNS Tunneling
Gaining Internet access through
Captive portals
that actually work
135. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.135
* Image source: www.screenhog.com
• DNS is mandatory to resolve hostnames
• DNS is recursive -> delegate hostname resolution to a host you
control
Gaining Internet access through
Captive portals
that actually work
136. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.136
* Image source: wikibooks.com
Gaining Internet access through
Captive portals
that actually work
137. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.137
* Image source: www.screenhog.com
Gaining Internet access through
Captive portals
that actually work
• Payload must be base32/base64 encoded
• 512 bytes for each DNS packet
• DNS uses UDP so it requires further handling
138. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.138
* Image source: http://analogbit.com/
Gaining Internet access through
Captive portals
139. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.139
* Image source: www.screenhog.com
Gaining Internet access through
Captive portals
that actually work,
but not always
• DNS redirection will prevent DNS tunneling from working
• Firewalling DNS activity
140. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.140
* Image source: www.screenhog.com
Demo Time!
141. © Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Thankyou
Editor's Notes It all started back at 2006 It all started back at 2006
We did not have:
1. I was working at a small company called 10Levels, leading the Linux integration field 1. I was working at a small company called 10Levels, leading the Linux integration field 1. I was working at a small company called 10Levels, leading the Linux integration field 1. I was working at a small company called 10Levels, leading the Linux integration field 1. I was working at a small company called 10Levels, leading the Linux integration field *** break this down to – what is an integrator, whose netcom, what’s WISP, and where is sierra leone loacted (show a map, show pictures of sierraleone from google images) *** break this down to – what is an integrator, whose netcom, what’s WISP, and where is sierra leone loacted (show a map, show pictures of sierraleone from google images) *** break this down to – what is an integrator, whose netcom, what’s WISP, and where is sierra leone loacted (show a map, show pictures of sierraleone from google images) *** break this down to – what is an integrator, whose netcom, what’s WISP, and where is sierra leone loacted (show a map, show pictures of sierraleone from google images) *** break this down to – what is an integrator, whose netcom, what’s WISP, and where is sierra leone loacted (show a map, show pictures of sierraleone from google images) *** break this down to – what is an integrator, whose netcom, what’s WISP, and where is sierra leone loacted (show a map, show pictures of sierraleone from google images) *** break this down to – what is an integrator, whose netcom, what’s WISP, and where is sierra leone loacted (show a map, show pictures of sierraleone from google images) FreeRADIUS is the most widely deployed RADIUS server in the world. It is the basis for multiple commercial offerings. It supplies the AAA needs of many Fortune-500 companies and Tier 1 ISPs. It is also widely used in the academic community, including eduroam. The server is fast, feature-rich, modular, and scalable. FreeRADIUS is the most widely deployed RADIUS server in the world. It is the basis for multiple commercial offerings. It supplies the AAA needs of many Fortune-500 companies and Tier 1 ISPs. It is also widely used in the academic community, including eduroam. The server is fast, feature-rich, modular, and scalable. FreeRADIUS is the most widely deployed RADIUS server in the world. It is the basis for multiple commercial offerings. It supplies the AAA needs of many Fortune-500 companies and Tier 1 ISPs. It is also widely used in the academic community, including eduroam. The server is fast, feature-rich, modular, and scalable. FreeRADIUS is the most widely deployed RADIUS server in the world. It is the basis for multiple commercial offerings. It supplies the AAA needs of many Fortune-500 companies and Tier 1 ISPs. It is also widely used in the academic community, including eduroam. The server is fast, feature-rich, modular, and scalable. It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006 It all started back at 2006