PDA

View Full Version : open wireless on college campus



sleipner
04-12-2006, 08:20 AM
the local community college I go to is getting towards setting up open wifi on campus, and has a few nodes up already. the annoying part of it is, after connecting and being directed to their network homepage, downloading their security-requirement-checking program and seeing what antivirus you have on it lets you use the network (I don't have anyproblem with it up to this point in the process its the results/criteria for qualification that sucks tar)...

the pain of it is, the only antivirus it checks for is Norton (sorry but I'll stick with Avast - free) - without Norton you cant use the wifi node. I know its their network and its a privelage to use it on their terms, but isnt that kinda encouraging monopoly?

what's your guy's thoughts on it???

btw: i'm fine enough using the desktops they have hardwired into the network, but I'd still rather use my laptop, if I ever get the chance - most the computers on campus are at best first generation Pentium 4s with 256mb of RAM, the worst are Pentium 3's with about 186mb RAM (my Athlon 3400 512RAM laptop kicks the tar outta any of em anyday)...

Twey
04-12-2006, 04:46 PM
Shocking. What about those students who aren't running Windows? Since you can connect to the network without using the antivirus checker, I presume it probably connects to a server somewhere and sends your MAC or IP address (probably MAC) to be added to a list of accepted clients. Use a packet sniffer; install this program and the software it wants, then sniff packets to find out what it does to authenticate you. Remove the software, and perform the authentication yourself.

sleipner
04-13-2006, 06:15 PM
I looked it up on wikipedia to see what programs it had listed, the 2 that LOOKED like they might do it were dSniff and OmniPeek - I'm not sure about any of that though since I dont speak networking. IF I found one to use, how would I go about... doing what you said... and second, just how legal is that - something to get me fined or what???

Twey
04-13-2006, 07:15 PM
Ethereal (http://www.ethereal.com/) is a nice packet sniffer.

The legality of this is a bit of a grey area, and I'm not a lawyer anyway. I think you'd be OK, however; it depends on their terms. If the terms of use explicitly state that to use their network, you have to install and run this program, you could be held in breach of contract, although I doubt they'd press charges. It's more likely that the terms say something like, "You must be running antivirus software." If this is the case, and you are, you aren't even breaking their rules, let alone the law.

In the event that it is illegal, you'll only get into trouble if they a) find you out and b) press charges. a) should be impossible; if you do it right, it should be undetectable; you're not doing anything the program wouldn't do. b) will probably also be no trouble; you're not causing them even the slightest inconvenience, let alone damage of any kind.


IF I found one to use, how would I go about... doing what you said...1) Start the packet sniffer and begin sniffing.
2) Run the program as you normally would, and watch for a bunch of packets to an address on the wireless LAN (in fact, since you've no internet access, these should be the only packets it'll pick up).
3) Close the program, disconnect from the LAN, possibly change your MAC address (winipcfg command), then reconnect and rerun the program. Check if anything is different in the data it sends out this time. If it is, and it's not something obvious like a timestamp, you're in trouble. If it isn't, you've got the authentication data and address; send this by the packet sniffer (some offer a "replay" option) or a seperate tool such as ettercap (http://ettercap.sourceforge.net/) in lieu of running the program. If that works, you can now remove Norton, the university's program, or anything else they required you to have, and install equivalents of your choice.

Alternatively, you could take the wimp's option and just ask the tech support to let you on. ;)

sleipner
05-05-2006, 12:32 AM
Alright I finally got around to dl a trial of norton av, the first time I ran it the authentication page also checked for definitions, which I hadnt updated (I had JUST installed the trial), so it wouldnt authenticate. I did run Ethereal, but it didnt detect ANY network transmissions - incoming or outgoing...

I went home and updated definitions, and tried again today - it authenticated, but again, Ethereal didnt detect any network activity. the security app opens your default browser and takes you to some page or other with what must be an active x control or something of the sort, and eventually after making sure norton with up to date detections is on, it authenticates.

it seems it must register my IP in a database (the first time I authenticated it was in firefox, and it was supposed to go to some page or other after a set amount of time, but it never did, so I closed firefox, reopened the authentication launching app, and it said I couldnt do it cuz I was already registered, and now I can use the WiFi)... I hope this means that with my IP already registered, it wont care if I uninstall norton (I'm not paying for a subscription - once you buy software, you ought to be able to use it whenever you want unrestricted) - if it doesnt work after uninstalling norton, I guess I'll just have to use the pitifully horrible machines here for my browsing needs at school since Ethereal couldnt help me...

at least it works for now I guess...

Twey
05-05-2006, 12:39 AM
I hope this means that with my IP already registered, it wont care if I uninstall nortonIt assigns you a new IP every time you connect. :) An IP is an identifier for a network connection: if you're not connected to a network, you don't have one. A MAC address identifies a network interface device.
it authenticated, but again, Ethereal didnt detect any network activity.Oh really? None at all? Not even HTTP? Did you select the correct interfaces?
(I'm not paying for a subscription - once you buy software, you ought to be able to use it whenever you want unrestricted)Yet you "bought" (although I'd call it more of a long-term rental) Windows? (Sorry, that was a bit anti-Microsoft of me -- I just read this (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/script56/html/d8f019c3-5249-4947-a8a2-247e75e3e468.asp) load of marketing bull... er... horns... about using "Microsoft Script Encoder" to protect your "intellectual property" on the Web).

sleipner
05-05-2006, 01:07 AM
alright, you got me on terminology :|

none at all - though it might have helped if I had understood more options than just the promiscuous detection :(

and yes I did pay the Windows tax on my laptop and desktop - but thats more like overly high priced software with flaws intentionaly built into it to keep you hooked on security updates - a subscription would be more like if I had to pay 10 bucks a month for automatic update (Windows OneCare Live, anyone?)

however, as of next school year, you can start to worry a little bit less - I'll be taking the Linux class to fullfill the webserver admin class requirement, which ought to help break me into using it for at least a secondary and maybe even primary os :)

just because I've learned about everything I know about computers on Windows (and a little bit of DOS, with the exception of the horribly slow PowerPC 750s back in grade school :( ), doesnt mean I cant acknowledge M$'s horrible business ethics...

Twey
05-05-2006, 01:38 AM
however, as of next school year, you can start to worry a little bit less - I'll be taking the Linux class to fullfill the webserver admin class requirement, which ought to help break me into using it for at least a secondary and maybe even primary os :)Linux class? Heck, why waste time on classes -- jump in! :p Fedora (http://fedora.redhat.com/)'s nice for beginners.
(Windows OneCare Live, anyone?)Woah... hadn't heard of that.
just because I've learned about everything I know about computers on Windows (and a little bit of DOS, with the exception of the horribly slow PowerPC 750s back in grade school ), doesnt mean I cant acknowledge M$'s horrible business ethics...My friend, you don't know how rare you are... :)