LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

September 2008

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS September 2008

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Script needed
From:	Juan Pablo Macias <[log in to unmask]>
Reply To:	Juan Pablo Macias <[log in to unmask]>
Date:	Mon, 22 Sep 2008 11:00:51 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (87 lines)

Thanks for the suggestion John, I wasn't aware of such application.
It's a nice solution. You can download/install it on any distro from
here: http://nocat.net/

Juan Pablo

2008/9/22 John Summerfield <[log in to unmask]>:
> Juan Pablo Macias wrote:
>>
>> Hi
>>
>> I think it would be easier to make this at firewall level. For
>> example, assign an IP address range from 192.168.1.10 to 192.168.1.50
>> to unregistered addresses, and at your gateway, use iptables to block
>> addresses in that range from passing through. When you register your
>> client, assign an ip outside that range. You could make this based on
>> ports too.
>>
>> Juan Pablo Macias
>>
>> 2008/9/19 vivek chal <[log in to unmask]>:
>>>
>>> Hello all !
>>> i have made a dhcp server that assigns temporary ip address to my clients
>>> on
>>> first attempt and when clients fill the registration form (which includes
>>> host name, MAC address etc), i write  entries in dhcp.conf to assign
>>> fixed
>>> ip address based on their MAC address.
>>> Now i want my server's some services like ssh,telnet and iptables will
>>> work
>>> only for registered users to whom i have assigned fixed ip address in
>>> dhcp.conf based on their MAC address so that only registered users can
>>> access internet . My machine is acting as a DNS, Gateway and DHCP.
>
> I don't think much of it as a security idea. Anyone who's master of their
> own machine can assign their own IP address. MAC addresses can be forged.
> iptables can only be configured on the machine it's running on.
>
> There is a free package that does pretty much what I think you want, it's
> part of pebble linux, I think it's from Seattle Wireless (a group of users)
> and it _is_ mentioned in 100 Wireless Hacks published by Oreilly. I think
> it's NoCatAuth.
>
> Pebble linux is a special-purpose Linux distro, comes as a tarball, is
> really small and is intended for wireless access points built from old
> peecees, where access to the Internet needs to be controlled but not
> necessarily charged for. Think "Free Internet cafe."
>
>
>
>
>
>>>
>>> Can anyone help me to write such a script as I have to implement this
>>> server
>>> soon.
>
>>
>>
>
>
> --
>
> Cheers
> John
>
> -- spambait
> [log in to unmask]  [log in to unmask]
> -- Advice
> http://webfoot.com/advice/email.top.php
> http://www.catb.org/~esr/faqs/smart-questions.html
> http://support.microsoft.com/kb/555375
>
> You cannot reply off-list:-)
>



-- 
To follow the path,
look to the master,
follow the master,
walk with the master,
see through the master,
become the master

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV