Happy Me Thread - Page 59

kladner · 2018-07-09, 07:37

Quote:

Originally Posted by rogue

On vacation, sitting in Costa Rica near Monteverde, enjoying the view. Better yet, the kids are having a lot of fun.

I am "green" with envy.

Please enjoy to the utmost! Happiest wishes for you and your clan.

chalsall · 2018-07-16, 16:47

I had a bit of fun last week which I thought I'd share, as some might find it funny, and others an useful idea...

I was at my girlfriends office, and noticed that their ISP's CPE had its wireless turned on. I had told them not to turn it on unless absolutely necessary (for example, someone visiting to do a presentation), and to turn it off again as soon as they no longer need it. But they'd turned it on and then forgotten to turn it off.

The reason for this paranoia is you just never know when a "zero day" against Winblows might be leveraged by someone who has the access credentials. Heck, someone's smart phone might have malware doing this kind of thing without the owner even knowing about it. Further, the ISP's CPE can't firewall the wireless segment to only access the internet; the LAN is also routable.

So, I configured a dedicated wireless Access Point (AP), and configured it to have three SSIDs. One called "Architects Cubed" which broadcasts its SSID and doesn't require a password (read: it's open). And then two others which are "hidden", require passwords, and are WPA2 encrypted. All of these are mapped into separate subnets and VLANs, and are wired from the AP to a dedicated NIC in a Linux server.

I then set up iptables rules to allow the two hidden SSIDs to access the Internet, but not the LAN. For the open SSID I allowed DNS traffic to 8.8.8.8 and 8.8.4.4 (what the DHCP server assigns), and remapped all HTTP requests to the Architects Cubed website. Everything else is logged and then dropped.

The end result: people who happen to be around their office (a lot of tourists walk by to get to a very nice nearby beach) think they've found an open WiFi hotspot, and when they try to "What's App" etc. they end up on Architects Cubed website. They can spend all day surfing around the site, but can't go anywhere else.

Heck, if someone's going to try to steal their internet, they'd might as well get a bit of advertising out of it....

Mark Rose · 2018-07-16, 18:35

"hidden" SSIDs are a bad idea, IMHO. Anyone who knows how to sniff packets will see them, and then it forces every client to actively ping for them when they're not associated to a network, thus draining phone batteries faster.

chalsall · 2018-07-16, 19:08

Quote:

Originally Posted by Mark Rose

"hidden" SSIDs are a bad idea, IMHO.

Thanks for the feedback, but in this particular application I don't think it's an issue.

Even if the connection is compromised, the attacker has access to absolutely nothing inside the office (except the internet connection). And, frankly, my girlfriend's employees' smart phone battery usage is not my problem....

Edit: Oh, also... Based on how many mobile devices the AP is detecting as they drive by (logged by way of SNMP Traps (giving away their device names, MAC addresses, and sometimes even their phone numbers(!))) many (if not most) devices are nominally busy radiating away anyway.

petrw1 · 2018-07-22, 21:53

Grandbaby #6 born today...a girl!!!!

Nick · 2018-07-23, 07:43

Quote:

Originally Posted by petrw1

Grandbaby #6 born today...a girl!!!!

Congratulations!

Xyzzy · 2018-08-25, 03:18

We bought a new motorcycle 80 days ago.

Today we crossed 25,000 miles. (Around the World in Eighty Days?)

(Here is our fuel log: http://www.mersenneforum.org/png/MPG.PNG)

ewmayer · 2018-08-25, 03:24

Quote:

Originally Posted by Xyzzy

We bought a new motorcycle 80 days ago.

Today we crossed 25,000 miles. (Around the World in Eighty Days?)

(Here is our fuel log: http://www.mersenneforum.org/png/MPG.PNG)

You average 300 miles per day? Holy hemorrhoids, Bat-man!

MooMoo2 · 2018-08-26, 15:39

I'm about to finish my 1st Cat 1 LL test. It's a 1st time test, not a doublecheck. The exponent has a lot of 1's.

M81111211: https://www.mersenne.org/report_expo...1111211&full=1

petrw1 · 2018-08-26, 21:34

Quote:

Originally Posted by ewmayer

You average 300 miles per day? Holy hemorrhoids, Bat-man!

Took over 4 years but my Prius has 100,000Km.
Lifetime average of 50MPG or 5.66L/100Km (Highway/City/Summer/Winter combined)

science_man_88 · 2018-08-26, 23:37

Quote:

Originally Posted by petrw1

Took over 4 years but my Prius has 100,000Km.
Lifetime average of 50MPG or 5.66L/100Km (Highway/City/Summer/Winter combined)

Try closer to 4.7 L/100km ... you did the math as ~41.6 MPG

2018-07-16, 16:47	#640
chalsall If I May "Chris Halsall" Sep 2002 Barbados 2·67·73 Posts	Wireless AP tricks... I had a bit of fun last week which I thought I'd share, as some might find it funny, and others an useful idea... I was at my girlfriends office, and noticed that their ISP's CPE had its wireless turned on. I had told them not to turn it on unless absolutely necessary (for example, someone visiting to do a presentation), and to turn it off again as soon as they no longer need it. But they'd turned it on and then forgotten to turn it off. The reason for this paranoia is you just never know when a "zero day" against Winblows might be leveraged by someone who has the access credentials. Heck, someone's smart phone might have malware doing this kind of thing without the owner even knowing about it. Further, the ISP's CPE can't firewall the wireless segment to only access the internet; the LAN is also routable. So, I configured a dedicated wireless Access Point (AP), and configured it to have three SSIDs. One called "Architects Cubed" which broadcasts its SSID and doesn't require a password (read: it's open). And then two others which are "hidden", require passwords, and are WPA2 encrypted. All of these are mapped into separate subnets and VLANs, and are wired from the AP to a dedicated NIC in a Linux server. I then set up iptables rules to allow the two hidden SSIDs to access the Internet, but not the LAN. For the open SSID I allowed DNS traffic to 8.8.8.8 and 8.8.4.4 (what the DHCP server assigns), and remapped all HTTP requests to the Architects Cubed website. Everything else is logged and then dropped. The end result: people who happen to be around their office (a lot of tourists walk by to get to a very nice nearby beach) think they've found an open WiFi hotspot, and when they try to "What's App" etc. they end up on Architects Cubed website. They can spend all day surfing around the site, but can't go anywhere else. Heck, if someone's going to try to steal their internet, they'd might as well get a bit of advertising out of it....

2018-07-22, 21:53	#643
petrw1 1976 Toyota Corona years forever! "Wayne" Nov 2006 Saskatchewan, Canada 1001001010111₂ Posts	#6 Grandbaby #6 born today...a girl!!!!

2018-08-25, 03:18	#645
Xyzzy "Mike" Aug 2002 5×17×97 Posts	We bought a new motorcycle 80 days ago. Today we crossed 25,000 miles. (Around the World in Eighty Days?) (Here is our fuel log: http://www.mersenneforum.org/png/MPG.PNG) Attached Thumbnails

2018-08-26, 15:39	#647
MooMoo2 Aug 2010 1010010010₂ Posts	I'm about to finish my 1st Cat 1 LL test. It's a 1st time test, not a doublecheck. The exponent has a lot of 1's. M81111211: https://www.mersenne.org/report_expo...1111211&full=1 Attached Thumbnails

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Random Birthdays Thread [Was: Happy Star Wars Day!]	ewmayer	Lounge	8	2014-05-13 20:44
Happy Odd Day	petrw1	PrimeNet	1	2009-05-07 16:31
Happy Holidays Thread	Deamiter	Lounge	50	2007-12-23 09:54
The Happy Fish thread	xilman	Hobbies	24	2006-08-22 11:44
Deutscher Thread (german thread)	TauCeti	NFSNET Discussion	0	2003-12-11 22:12

2018-07-16, 18:35	#641
Mark Rose "/X\(‘-‘)/X\" Jan 2013 2·5·293 Posts	"hidden" SSIDs are a bad idea, IMHO. Anyone who knows how to sniff packets will see them, and then it forces every client to actively ping for them when they're not associated to a network, thus draining phone batteries faster.