Breaking the internet (hotels, guestnet style)

Mark Andrews marka at isc.org
Tue Dec 8 14:11:22 UTC 2009


In message <20091208.101453.74674743.sthaug at nethelp.no>, sthaug at nethelp.no writes:
> > This really should be a DHCP option which points to the authentification
> > server using ip addresses.  This should be return to clients even
> > if they don't request it.  Web browers could have a hot-spot button that
> > retrieves this option then connects using the value returned.
> 
> Unfortunately, that's not how DHCP works. If you send the client a 
> DHCP option which the client has not requested, you have no idea if
> the client will use (or for that matter even *understand*) the option.
> 
> Steinar Haug, Nethelp consulting, sthaug at nethelp.no

It can still parse and skip it from the the DHCP response as every
option contains its own length.  Initially clients will ignore it
but over time it will be supported on the client side.  This is a
much better way than intercepting DNS queries and returning respones
that will just be ignored by validating and iterative resolvers.

Something like http://1.2.3.4/terms.html or http://[2001::1]/terms.html
doesn't require that everthing be intercepted.   Just block until
acceptance.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org




More information about the NANOG mailing list