[PLUG] Wireless network card

[AthlonRob]

On Sat, 2003-11-01 at 13:35, Aaron Burt wrote:

> EE, soph (or so) year.  Hard to get on-campus housing otherwise.

I didn't know it was on-campus - you just said near campus.  :-)

Isn't Ione Plaza open to anybody?  I don't really know, though.

> > I watched some jackass hack in to pubnet a few weeks ago, kicking an
> > authorized user off in the process.  That's not cool, if you ask me,
> > especially when you consider how much the authorized user is paying in
> > tuition.
> 
> Really rude, that, and easy under the old system where you permanently
> register a MAC address.  Now you auth each time you connect, which puts
> the focus on cracking the password system.  That might not be an
> improvement.

I started thinking about it, and don't see any way they could secure
Pubnet from issues like this.  Maybe some of you have ideas?

The best thing I could come up with was using WEP and only letting
students know what the WEP key was - but that's so easily leaked.

You see, you can easily capture packets going through the air, with the
MAC addresses attached.  How easy is it to forge a MAC address?  Then
obtain a new DHCP lease with the forged MAC, essentially kicking the
other guy off?

Way too easy, unfortunately.

You don't need to crack the password at all.

> > I really don't think Pubnet is meant to be used as somebody's full-time
> > Internet connection.  Hopefully you aren't breaking the AUP in the
> > process.  But, considering how much tuition you are hopefully paying, I
> > certainly don't see a problem with it.
> 
> I can't even *find* an AUP for Pubnet.  I figure the only difference is
> that I'm using a desktop, not a laptop.  But I'll likely have to host my
> li'l shell/web domain elsewhere now.

I didn't look, but haven't been using it for anything that wouldn't fall
under a reasonably written AUP.  I think they have an AUP for all
network services, but am not really totally sure on that, as it
definitely isn't something mentioned often.

Rob