Awesome!!! -Kevin >>From owner-ietf@xxxxxxxx Tue Nov 11 17:46:49 2003 >>From: Brett Thorson <bthorson@xxxxxxxxxxx> >>Subject: [58crew] Network Status - 11/11/03 1922 Local Time - Penalty Box >>Date: Tue, 11 Nov 2003 20:24:43 -0500 >>To: ietf@xxxxxxxx >>Content-Disposition: inline >> >>The number of users who are attending the IETF with infected machines or >>wireless cards running in AD-HOC mode has increased. It has increased to >>the point where there is a negative impact on the rest of the IETF >>attendees. >> >>The solution we have come up with is the Penalty Box. >> >>If a malicious machine is detected (either accidental or intentional) on the >>network, we will assign them an address in the 172.16/12 networks; >>172.16.128.0/24 for offenders from the IETF58 Wireless in the hotel, >>172.16.48.0/24 for offenders from the Outside Wireless. >> >>This will be next-hopped by the Juniper to a captive network. >> >>All HTTP sessions will be redirected to a webpage that will let them know that >>they have been placed into the Penalty Box. >> >>Right now we have the DHCP server assigning the proper address, and our >>routers are dealing with them appropriately. We are still working on the >>apache config to redirect (rewrite?) all of their requests to our explanatory >>URL. (NoCatAuth does not play well in our MacOS X environment.) >> >>Any suggestions for the apache configuration for capture/rewriting would be >>appreciated. >> >>If you do see anybody with the 172.16.48.* or 172.16.128.* address, please >>help them to fix their machine, or send them to the terminal room. Either >>ask the helpdesk person, or just shout out for help, plenty of helpful people >>here! >> >>Thanks! >> >>--58 NetOps Crew >>