Its been discussed on the list before. Its basically spoofed ARP responses and NAT. Check the archives... Jim From nocat-admin@xxxxxxxxxxxxxxx Thu Mar 13 04:14:29 2003 X-Original-To: jim@xxxxxxxxxxx X-Sender: doug@xxxxxxxxxxxxxxx@yeagerautomation.com X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 To: nocat@xxxxxxxxxxxxxxx;, nocatnet@xxxxxxxxxxxxxxx;, hostap@xxxxxxxxx;, netfilter@xxxxxxxxxxxxxxxxxxx From: Doug Yeager <doug@xxxxxxxxxxxxxxxxxx> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: [NoCat] spoofing client IP configuration Sender: nocat-admin@xxxxxxxxxxxxxxx Errors-To: nocat-admin@xxxxxxxxxxxxxxx X-BeenThere: nocat@xxxxxxxxxxxxxxx X-Mailman-Version: 2.0.12 Precedence: bulk List-Help: <mailto:nocat-request@xxxxxxxxxxxxxxx?subject=help> List-Post: <mailto:nocat@xxxxxxxxxxxxxxx> List-Subscribe: <http://lists.nocat.net/mailman/listinfo/nocat>, <mailto:nocat-request@xxxxxxxxxxxxxxx?subject=subscribe> List-Id: Development list for the NoCatAuth project <nocat.lists.nocat.net> List-Unsubscribe: <http://lists.nocat.net/mailman/listinfo/nocat>, <mailto:nocat-request@xxxxxxxxxxxxxxx?subject=unsubscribe> List-Archive: <http://lists.nocat.net/pipermail/nocat/> Date: Thu, 13 Mar 2003 06:58:24 -0500 o.k., managing a public WLAN, people have all sorts of IP configurations preset on their clients (not all are dhcp clients enabled). i am currently running a DHCP server and it works *MOST* of the time. the ultimate solution would be to somehow ignore the client ip configuration and map to the clients on the server side based on their mac address, or something like that. i know this is possible because there are hotels that do this kind of thing.....some terms like "nomadic server" have popped up. i want the server to route based on local addresses, so this service hopefully would run at the mac level. the public wlan currently runs: nocat gateway HostAP Iptables firewall DHCPD (server in question by this email) any alternatives to DHCP that do this would be great....i just want people configured to their work ip configs to be able to get on. would moving to 802.11 auth help? i don't think so because after authentication you still need an IP to do anything...unless i'm thinking about this wrong. thx, doug _______________________________________________ NoCat mailing list NoCat@xxxxxxxxxxxxxxx http://lists.nocat.net/mailman/listinfo/nocat _______________________________________________ NoCat mailing list NoCat@xxxxxxxxxxxxxxx http://lists.nocat.net/mailman/listinfo/nocat
