ietf
[Top] [All Lists]

Re: Please make sure that you do not run your WLAN in ad hoc mode

2005-11-10 15:02:10
It is hard to be very strict at an IETF meeting.  We first started running
Penalty Boxes at one of the Minneapolis IETF meetings.  Why did we do it? 
Because we had time.  We got the network working reasonably well and could
dedicate our time to ... "Fighting Evil".

So we setup the penalty box, and we put people in there.  We found a mean
MAC addr, set it all up, and then came the question.. Do you really want
to do this?  That was a hard call to make honestly.  There were a lot of
smart people in the NOC (There always are).  Even with all that
intelligence, you could feel the tension in the room as we put 'em in
there.

Why?  Well we have enough people bashing the NOC crew all the time.  Now
we were purposefully messing with people.  How would you like to be the
person that accidentally put the IETF-Chair in the penalty box?

So we put quite a few people in there, and we caught at least one (Thanks
Joel).  Was the guy actually doing malicious things.  We think so.  Did he
act like he didn't know what was going on?  Yep.  Did he unplug his
computer as soon as we found him, yep.  It was all very odd.  Somewhat
rewarding, but still weird.

Ok, let's sum this up.

1.  The people who are running in ad-hoc mode, if you look at a few of
those nets, you will see multiple MAC addresses for the same network. 
Look closer and some of the OUI's look downright spooky.  You could be
chasing them for quite some time.

2.  As someone else pointed out, they would only feel the effects of your
efforts if they connect back to the IETF network.  Do you think they will?

3.  One of the ways we caught the person in Minneapolis was because of the
goo coming out of their WLAN card (scanning), we shut them off, and then
saw the same goo coming out of their wired port.  Doesn't apply to well to
wireless ad-hoc.

I bet you can catch some of the people, but in the end it is probably a
pretty low priority compared with tuning all your APs so the wireless
coverage at the plenary doesn't crash into itself.

I think training would be great.  The only problem is that either they are
doing it to be mean, or they have no idea they are doing it in the first
place and skim over the documentation asking them to check their config as
if it were a note well.  I'm all for the Penalty Box, I thought it was
cool.  But looking at that list of Ad-HOC nets and MAC addresses.  Wow,
that's a lot!

Best of luck to the NOC team, and thanks to UofO for the MP3 streams.

--Brett

I think we should be very strict on this. All this people should get
filtered until they go to the NOC and make sure to get trained about how
to
avoid ad-hoc !

Regards,
Jordi




De: Glenn Parsons <gparsons(_at_)nortel(_dot_)com>
Responder a: <ietf-bounces(_at_)ietf(_dot_)org>
Fecha: Thu, 10 Nov 2005 14:42:07 -0500
Para: IETF Discussion <ietf(_at_)ietf(_dot_)org>
Conversación: Please make sure that you do not run your WLAN in ad hoc
mode
Asunto: RE: Please make sure that you do not run your WLAN in ad hoc mode
FYI,
At the plenary last night the NOC team noticed 107 adhoc networks on
802.11b.  See attachment for the names & MACs.
Cheers,
Glenn.
-----Original Message-----
From: ietf-bounces(_at_)ietf(_dot_)org 
[mailto:ietf-bounces(_at_)ietf(_dot_)org] On Behalf Of
Pekka Nikander
Sent: Thursday, November 10, 2005 2:06 PM
To: IETF Discussion
Subject: Please make sure that you do not run your WLAN in ad hoc mode
It would be nice if people did not run their WLAN cards in Ad Hoc mode.
Here are MAC addresses of some cards that I currently see advertising
various ad hoc networks.  At least some of these were present also in
yesterday's plenary.
Network name   MAC
Netgear        02-00-10-62-A3-6D
IETF64         02-00-31-9B-69-47
Netgear        02-00-61-76-D2-79
linksys        02-0C-F1-EC-CF-9E
TC_2           02-0E-35-03-D4-C4
IETF64         02-12-F0-00-33-FD
wireless       02-27-97-94-65-56
If you don't know how to check your MAC address or how not to turn off
ad-hoc capability, it may be better to turn off WLAN altogether. Thank
you,
--Pekka Nikander
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf




************************************
The IPv6 Portal: http://www.ipv6tf.org

Barcelona 2005 Global IPv6 Summit
Information available at:
http://www.ipv6-es.com

This electronic message contains information which may be privileged or
confidential. The information is intended to be for the use of the
individual(s) named above. If you are not the intended recipient be
aware
that any disclosure, copying, distribution or use of the contents of
this
information, including attached files, is prohibited.








--
Please note that my e-mail address has changed.




_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf