Marriott wifi blocking
Nick Olsen
nick at flhsi.com
Fri Oct 3 20:16:22 UTC 2014
Not sure the specific implementation. But I've heard of Rouge AP detection
done in two ways.
1. Associate to the "Rouge" ap. Send a packet, See if it appears on your
network, Shut the port off it appeared from. I think this is the cisco way?
Not sure. This is automated of course. This method wouldn't work in this
case. Because it wasn't connected to the hotels network
2. Your AP's detect the "Rouge" AP, They slam out a ton of "Deauth's"
directed at the clients, As if they are the AP. Effectively telling the
client to "disconnect".
Side question for those smarter than I. How does WPA encryption play into
this? Would a client associated to a WPA2 AP take a non-encrypted deauth
appearing from the same BSSID?
Nick Olsen
Network Operations (855) FLSPEED x106
----------------------------------------
From: "David Hubbard" <dhubbard at dino.hostasaurus.com>
Sent: Friday, October 03, 2014 4:11 PM
To: "NANOG" <nanog at nanog.org>
Subject: Marriott wifi blocking
Saw this article:
http://www.cnn.com/2014/10/03/travel/marriott-fcc-wi-fi-fine/
The interesting part:
'A federal investigation of the Gaylord Opryland Resort and
Convention Center in Nashville found that Marriott employees
had used "containment features of a Wi-Fi monitoring system"
at the hotel to prevent people from accessing their own
personal Wi-Fi networks.'
I'm aware of how the illegal wifi blocking devices work, but
any idea what legal hardware they were using to effectively
keep their own wifi available but render everyone else's
inaccessible?
David
More information about the NANOG
mailing list