G-Stress Posted January 9, 2007 Posted January 9, 2007 Hey guys, was curious... you know how you goto a Starbucks or t-mobile hotspot or any hotspot where when you log onto the wireless network you have to create a user account sometimes even pay a fee to access the web. Was just wondering what type of authentication is that? Was curious to mess with it a little bit on my network just for experience. Just set it up so once connected to my wireless lan or wired you need to create a user account before accessing the web. Thanks in advance. Quote
Guest ABC Posted January 9, 2007 Posted January 9, 2007 normally they have a sever to admin that .... net ------Sever |--- USer1 ......................|--- User2 ......................|--- User 3 ignor the ...'s Quote
metatron Posted January 9, 2007 Posted January 9, 2007 T-Mobile Connection Manager software, version 1.5. It will utilize a subscriber's username and password to authenticate the user using the 802.1X specification (which checks in with a central RADIUS server). This security goes the extra mile by encrypting data between the wireless client and the access point hardware in the hotspot once you're logged in. Try FreeRADIUS http://www.freeradius.org/ It has its issues but generally it works for a lot of people. Also have a look at http://nocat.net/ Quote
mubix Posted January 9, 2007 Posted January 9, 2007 This is quite the hot topic ATM in the underground traveling community. There are many ways to get it done. It would be an awesome segment to show you how ;-) Quote
anyedie Posted January 9, 2007 Posted January 9, 2007 This is quite the hot topic ATM in the underground traveling community. There are many ways to get it done. It would be an awesome segment to show you how ;-) That would make a pretty good segment! :D Quote
metatron Posted January 9, 2007 Posted January 9, 2007 This is quite the hot topic ATM in the underground traveling community. There are many ways to get it done. It would be an awesome segment to show you how ;-) That would make a pretty good segment! :D It would make a good segment but it would be hard to produce something that was informative and relatively short. I wouldn’t mind seeing a special show just on wireless technology's, securing it and getting around commonly used systems. Quote
G-Stress Posted January 9, 2007 Author Posted January 9, 2007 Wow... :D I feel kinda special now... I never thought I'd post a thread that would seem so interesting. I agree a segment would be nice and well appreciated on this. Thanks guys for all the useful info. I'm working on setting up a domain also I assume I should be able to implement this in a domain environment also? Quote
SomeoneE1se Posted January 10, 2007 Posted January 10, 2007 I could have sworn I saw something like this on DEFCON. I'll try and find it for you when I get off work. Quote
G-Stress Posted January 10, 2007 Author Posted January 10, 2007 @ SomeoneElse, thanks man, appreciate it :D Quote
SomeoneE1se Posted January 10, 2007 Posted January 10, 2007 @ SomeoneElse, thanks man, appreciate it :D I live to serve http://www.defcon.org/html/defcon-13/dc13-...ers.html#Pierce and the video is here http://www.defcon.org/html/links/defcon-me...ives.html#dc_13 just search for the string "Bypassing Authenticated Wireless Networks" Quote
G-Stress Posted January 11, 2007 Author Posted January 11, 2007 Thanks SomeoneElse, This is also something I was curious about, for some reason the video wouldn't play and when I downloaded it, it appears it's corrupt, but i'll give it ago again or look for that video elsewhere if it doesn't work here no more :) Quote
SomeoneE1se Posted January 11, 2007 Posted January 11, 2007 Thanks SomeoneElse, This is also something I was curious about, for some reason the video wouldn't play and when I downloaded it, it appears it's corrupt, but i'll give it ago again or look for that video elsewhere if it doesn't work here no more :) video is not required the audio will do just fine if you're not try VLC that should play it even if the video is broken Quote
G-Stress Posted January 11, 2007 Author Posted January 11, 2007 Thanks again sir, VLC sure did do the job. However this is also reminds me of arp poisoning with Cain & Abel and just use another authenticated users credentials. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.