WiFi - login page redirection not working
Owen DeLong
owen at delong.com
Thu Nov 30 18:08:44 UTC 2017
> On Nov 30, 2017, at 08:20 , Josh Luthman <josh at imaginenetworksllc.com> wrote:
>
>> If TLS would somehow allow you to redirect...
>
> No but it would be nice to have a solution that redirects the user instead
> of "this page can't load" creating confusion.
A well-known non-SSL (non-HSTS) URL that users could use for this purpose would
serve the same purpose without producing the security problems mentioned.
Owen
>
>
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
>
> On Thu, Nov 30, 2017 at 2:02 AM, Jimmy Hess <mysidia at gmail.com> wrote:
>
>> On Wed, Nov 29, 2017 at 10:34 PM, Ramy Hashish <ramy.ihashish at gmail.com>
>> wrote:
>>
>>
>>> Two points with this problem: 1)Is there a "non client" solution to the
>>> problem of the WiFi login notification not showing up on the clients
>> after
>>> connecting to the WiFi network?
>>>
>>
>> A Captive portal embedding WispR XML data
>> for connections from browsers/OSes that request a test page upon network
>> access.
>> https://stackoverflow.com/questions/3615147/how-to-
>> create-wifi-popup-login-page
>>
>> However if WPA2 authentication is not method used for access, then network
>> traffic is
>> vulnerable and not secured.
>>
>> AP solutions that are non-standard being a "Non client" solution and using
>> "Open Wireless" mode SSIDs are likely so deficient in security as to be
>> an unreasonable risk for users to actually connect to.
>>
>>
>>> Second, anything to be done from the AP to show the landing page even if
>>> the page requested is HTTPs?
>>>
>>
>> If TLS would somehow allow you to redirect or create a HTTPS connection
>> from
>> a domain name that is not yours, then this could obviously be exploited for
>> attacks.....
>>
>> --
>> -JH
>>
More information about the NANOG
mailing list