It sounds like this is an attempt to change the topology of 802.11x to a polled topology without the true benefit of such topology without changing the hardware.
Correct!
We have built a city-wide wireless freenet using commodity hardware. Things were working well, but as we grew larger the hidden node effect became a larger problem. Swapping all the hardware over is a big expense, and a big undertaking for a bunch of hobbyists.
We did investigate doing so, and also investigated a firmware solution (KarlNet TurboCell) but found it unsuitable to our needs.
On a whim, one of us implemented a small master/slave polling system in Perl which seemed to do the job surprisingly well, and it just grew from there.
Actually, the fact we're all slightly odd helped immensely. *grin*
Most of us connected to this network because we are interested in the technology behind it. 15 "normal" internet users would have undoubtedly leeched the fsck out of the AP and would have seen problems much sooner....
It only takes one router between the attacking host, and the victim host to have the right filter to stop the spoofed packets.
with itrace, if only one router in between is logging packets, all you will know is that the packet came through that router, so you are only slightly closer to the original source, especially if that router has several networks connected to it. With egress, that same router will have stopped the spoofed packets.
I know but the itrace solution requires every tech which ever had configured a router to upgrade that router anyway, which leads me to my point that there IS a better solution out there, that can be used already, but nobody is, so why waste time inventing a new one, that is not as effective and even less likely to be implemented?
ISPs can solve the spoofing problem RIGHT NOW with tools available today: egress filtering. The ISPs I run have egress filtering on ALL routers (border and internal) so not a single internal host can send a packet unless the source address is at least within the same subnet. Makes more sense to me than inventing another ICMP standard which requires all router manufacturers to update their software, and all ISPs to upgrade to the newer software.
Slashdot Mirror
yes, check out nodedb.com
Most WaFreeNet nodes are listed here
Correct!
We have built a city-wide wireless freenet using commodity hardware. Things were working well, but as we grew larger the hidden node effect became a larger problem. Swapping all the hardware over is a big expense, and a big undertaking for a bunch of hobbyists.
We did investigate doing so, and also investigated a firmware solution (KarlNet TurboCell) but found it unsuitable to our needs.
On a whim, one of us implemented a small master/slave polling system in Perl which seemed to do the job surprisingly well, and it just grew from there.
It's not called FreeNet, it's called frottle. The name happens to be derived from the word FreeNet but we don't refer to it as anything but frottle.
Try Googling for frottle some time. no confusion there!
Actually, the fact we're all slightly odd helped immensely. *grin*
Most of us connected to this network because we are interested in the technology behind it. 15 "normal" internet users would have undoubtedly leeched the fsck out of the AP and would have seen problems much sooner....
Proud Denizen of the WaFreeNet
2001-05-12 23:00:00 *shrug* blah blah blah blah blah blah blah BLAH!
It only takes one router between the attacking host, and the victim host to have the right filter to stop the spoofed packets.
with itrace, if only one router in between is logging packets, all you will know is that the packet came through that router, so you are only slightly closer to the original source, especially if that router has several networks connected to it. With egress, that same router will have stopped the spoofed packets.
I know but the itrace solution requires every tech which ever had configured a router to upgrade that router anyway, which leads me to my point that there IS a better solution out there, that can be used already, but nobody is, so why waste time inventing a new one, that is not as effective and even less likely to be implemented?
ISPs can solve the spoofing problem RIGHT NOW with tools available today: egress filtering. The ISPs I run have egress filtering on ALL routers (border and internal) so not a single internal host can send a packet unless the source address is at least within the same subnet. Makes more sense to me than inventing another ICMP standard which requires all router manufacturers to update their software, and all ISPs to upgrade to the newer software.