[174892] in North American Network Operators' Group
Re: Marriott wifi blocking
daemon@ATHENA.MIT.EDU (Owen DeLong)
Sat Oct 4 00:48:36 2014
X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <20141004025707.GD1424@bamboo.slabnet.com>
Date: Fri, 3 Oct 2014 21:39:19 -0700
To: Hugo Slabbert <hugo@slabnet.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
If there were a duplicate SSID, the. The nefarious user is the one causing i=
llegal harmful interference.=20
However, as I understand the case in question, Marriott was blocking stand-u=
p mobile hotspots not attached to their wired network or bridged/routed thro=
ugh their wifi.=20
As you pointed out, even if this were unauthorized extension of the Marriott=
network, Marriott's legitimate response would have been disconnecting the e=
xtension from their network, not causing harmful interference to the other n=
etwork.=20
Owen
> On Oct 3, 2014, at 19:57, Hugo Slabbert <hugo@slabnet.com> wrote:
>=20
> Looks like you cut off, but:
>=20
>> Except that this is the difference between what happens at a Marriott and=
what would happen at a business that was running rogue AP detection. In the=
business the portable AP would be trying to look like the network that the c=
ompany operated so as to siphon off legitimate users. In a hotel the portabl=
e AP would be trying to create a different, separate network. And so your th=
esis does not hold.
>=20
> But it's not a completely discrete network. It is a subset of the existin=
g network in the most common example of e.g. a WLAN + NAT device providing a=
ccess to additional clients, or at least an adjacent network attached to the=
existing one. Okay: theoretically a guest could spin up a hotspot and not a=
ttach it to the hotel network at all, but I'm assuming that's a pretty tiny e=
dge case.
>=20
> As the administration of the hotel/org network, I'm within bounds to say y=
ou're not allowed attach unauthorized devices to the network or extend the n=
etwork and that should be fair in "my network, my rules", no? And so I can t=
ake action against a breach of those terms.
>=20
> The hotspot is a separate network, but I don't have to allow it to connect=
to my network. I guess that points towards killing the wired port as a bet=
ter method, as doing deauth on the hotspot(s) WLAN(s) would mean that you ar=
e participating in the separate network(s) and causing harm there rather tha=
n at the attachment point.
>=20
> But what then of the duplicate SSID of the nefarious user at the business?=
What recourse does the business have while still staying in bounds?
>=20
> --
> Hugo
>=20
>> On Fri 2014-Oct-03 22:27:06 -0400, Jay Ashworth <jra@baylink.com> wrote:
>>=20
>> Except that this is the difference between what happens at a Marriott and=
what would happen at a business that was running rogue AP detection. In the=
business the portable AP would be trying to look like the network that the c=
ompany operated so as to siphon off legitimate users. In a hotel the portabl=
e AP would be trying to create a different, separate network. And so your th=
esis does not hold.
>>=20
>> I think this is the distinction we need. Because it's clear that the busi=
ness thing should be able to happen and the hotel thing should
>>=20
>>> On October 3, 2014 10:25:22 PM EDT, Hugo Slabbert <hugo@slabnet.com> wro=
te:
>>> On Fri 2014-Oct-03 17:21:08 -0700, Michael Van Norman <mvn@ucla.edu>
>>> wrote:
>>>=20
>>>> IANAL, but I believe they are. State laws may also apply (e.g.
>>> California
>>>> Code - Section 502). In California, it is illegal to "knowingly and
>>>> without permission disrupts or causes the disruption of computer
>>> services
>>>> or denies or causes the denial of computer services to an authorized
>>> user
>>>> of a computer, computer system, or computer network." Blocking access
>>> to
>>>> somebody's personal hot spot most likely qualifies.
>>>=20
>>> My guess would be that the hotel or other organizations using the
>>> blocking tech would probably just say the users/admin of the rogue APs
>>> are not authorized users as setting up said AP would probably be in
>>> contravention of the AUP of the hotel/org network.
>>>=20
>>>>=20
>>>> /Mike
>>>=20
>>> --
>>> Hugo
>>>=20
>>>>> On 10/3/14 5:15 PM, "Mike Hale" <eyeronic.design@gmail.com> wrote:
>>>>>=20
>>>>> So does that mean the anti-rogue AP technologies by the various
>>>>> vendors are illegal if used in the US?
>>>>>=20
>>>>>> On Fri, Oct 3, 2014 at 4:54 PM, Jay Ashworth <jra@baylink.com> wrote:=
>>>>>> ----- Original Message -----
>>>>>>> From: "Ricky Beam" <jfbeam@gmail.com>
>>>>>>=20
>>>>>>> It doesn't. The DEAUTH management frame is not encrypted and
>>> carries no
>>>>>>> authentication. The 802.11 spec only requires a reason code be
>>>>>>> provided.
>>>>>>=20
>>>>>> What's the code for E_GREEDY?
>>>>>>=20
>>>>>> Cheers,
>>>>>> -- jra
>>>>>> --
>>>>>> Jay R. Ashworth Baylink
>>>>>> jra@baylink.com
>>>>>> Designer The Things I Think
>>>>>> RFC 2100
>>>>>> Ashworth & Associates http://www.bcp38.info 2000
>>> Land
>>>>>> Rover DII
>>>>>> St Petersburg FL USA BCP38: Ask For It By Name! +1
>>> 727
>>>>>> 647 1274
>>>>>=20
>>>>>=20
>>>>>=20
>>>>> --
>>>>> 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
>>=20
>> --=20
>> Sent from my Android phone with K-9 Mail. Please excuse my brevity.
>=20
> --=20
> Hugo
