Marriott wifi blocking

Sat Oct 4 02:57:07 UTC 2014

Looks like you cut off, but:

>Except that this is the difference between what happens at a Marriott 
>and what would happen at a business that was running rogue AP 
>detection. In the business the portable AP would be trying to look like 
>the network that the company operated so as to siphon off legitimate 
>users. In a hotel the portable AP would be trying to create a 
>different, separate network. And so your thesis does not hold.

But it's not a completely discrete network.  It is a subset of the 
existing network in the most common example of e.g. a WLAN + NAT device 
providing access to additional clients, or at least an adjacent network 
attached to the existing one.  Okay: theoretically a guest could spin up 
a hotspot and not attach it to the hotel network at all, but I'm 
assuming that's a pretty tiny edge case.

As the administration of the hotel/org network, I'm within bounds to say 
you're not allowed attach unauthorized devices to the network or extend 
the network and that should be fair in "my network, my rules", no?  And 
so I can take action against a breach of those terms.

The hotspot is a separate network, but I don't have to allow it to 
connect to my network.  I guess that points towards killing the wired 
port as a better method, as doing deauth on the hotspot(s) WLAN(s) would 
mean that you are participating in the separate network(s) and causing 
harm there rather than at the attachment point.

But what then of the duplicate SSID of the nefarious user at the 
business?  What recourse does the business have while still staying in 
bounds?

--
Hugo

On Fri 2014-Oct-03 22:27:06 -0400, Jay Ashworth <jra at baylink.com> wrote:

>Except that this is the difference between what happens at a Marriott and what would happen at a business that was running rogue AP detection. In the business the portable AP would be trying to look like the network that the company operated so as to siphon off legitimate users. In a hotel the portable AP would be trying to create a different, separate network. And so your thesis does not hold.
>
>I think this is the distinction we need. Because it's clear that the business thing should be able to happen and the hotel thing should
>
>On October 3, 2014 10:25:22 PM EDT, Hugo Slabbert <hugo at slabnet.com> wrote:
>>On Fri 2014-Oct-03 17:21:08 -0700, Michael Van Norman <mvn at ucla.edu>
>>wrote:
>>
>>>IANAL, but I believe they are.  State laws may also apply (e.g.
>>California
>>>Code - Section 502).  In California, it is illegal to "knowingly and
>>>without permission disrupts or causes the disruption of computer
>>services
>>>or denies or causes the denial of computer services to an authorized
>>user
>>>of a computer, computer system, or computer network."  Blocking access
>>to
>>>somebody's personal hot spot most likely qualifies.
>>
>>My guess would be that the hotel or other organizations using the
>>blocking tech would probably just say the users/admin of the rogue APs
>>are not authorized users as setting up said AP would probably be in
>>contravention of the AUP of the hotel/org network.
>>
>>>
>>>/Mike
>>>
>>>
>>
>>--
>>Hugo
>>
>>>On 10/3/14 5:15 PM, "Mike Hale" <eyeronic.design at gmail.com> wrote:
>>>
>>>>So does that mean the anti-rogue AP technologies by the various
>>>>vendors are illegal if used in the US?
>>>>
>>>>On Fri, Oct 3, 2014 at 4:54 PM, Jay Ashworth <jra at baylink.com> wrote:
>>>>> ----- Original Message -----
>>>>>> From: "Ricky Beam" <jfbeam at gmail.com>
>>>>>
>>>>>> It doesn't. The DEAUTH management frame is not encrypted and
>>carries no
>>>>>> authentication. The 802.11 spec only requires a reason code be
>>>>>> provided.
>>>>>
>>>>> What's the code for E_GREEDY?
>>>>>
>>>>> Cheers,
>>>>> -- jra
>>>>> --
>>>>> Jay R. Ashworth                  Baylink
>>>>>jra at baylink.com
>>>>> Designer                     The Things I Think
>>>>>RFC 2100
>>>>> Ashworth & Associates       http://www.bcp38.info          2000
>>Land
>>>>>Rover DII
>>>>> St Petersburg FL USA      BCP38: Ask For It By Name!           +1
>>727
>>>>>647 1274
>>>>
>>>>
>>>>
>>>>--
>>>>09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
>>>
>>>
>
>-- 
>Sent from my Android phone with K-9 Mail. Please excuse my brevity.

-- 
Hugo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20141003/327134f3/attachment.sig>