On Sat, Jan 30, 2010 at 10:00 AM, Johannes Berg
<[email protected]> wrote:
> I suggest you go public with your reply so you can be flamed and taught
> wrong appropriately.
Sorry - this gmail inefficiency sometimes gets me...
BUT, please enlighten me when any of the 3 use cases would be
beneficial to anyone not trying to (or "inefficiently migrating") hack
into a network would occur.
-Greg
> On Sat, 2010-01-30 at 09:51 -0600, Greg Oliver wrote:
>> On Sat, Jan 30, 2010 at 9:42 AM, Johannes Berg
>> <[email protected]> wrote:
>> > On Fri, 2010-01-29 at 12:27 -0800, Stephen Hemminger wrote:
>> >> What are the restrictions (on ath9k) for multiple SSID with hostap
>> >> on same physical device. Should/will the following work:
>> >>
>> >> 1. Duplicate SSID's (different channels)
>> >
>> > Not really/well, wouldn't go there right now.
>> >
>> >> 2. Same channel but different SSID
>> >
>> > Yes.
>> >
>> >> 3. Duplicate SSID, same channel, but different encryption method
>> >
>> > "Duplicate SSID"? If you mean the same SSID and different encryption, I
>> > don't think that's supported. If you just meant two SSIDs with different
>> > encryption, that's doable by using two (B)SSIDs.
>> >
>>
>> There's no really honest use case for any of the examples presented.
>> "They" must want a head start on the next hackers conference..
>>
>
>
>
On Sat, Jan 30, 2010 at 10:17 AM, Johannes Berg
<[email protected]> wrote:
> On Sat, 2010-01-30 at 10:14 -0600, Greg Oliver wrote:
>> On Sat, Jan 30, 2010 at 10:00 AM, Johannes Berg
>> <[email protected]> wrote:
>> > I suggest you go public with your reply so you can be flamed and taught
>> > wrong appropriately.
>>
>> Sorry - this gmail inefficiency sometimes gets me...
>>
>> BUT, please enlighten me when any of the 3 use cases would be
>> beneficial to anyone not trying to (or "inefficiently migrating") hack
>> into a network would occur.
>
> I don't think I can parse that. In any case, a possible use case would
> for instance be a protected company network, along with an unprotected,
> internet-only guest network.
Hmmm, I would put the odds at that happening about 100,000:1 (if not more)
Yes, I know it is feasible, but HIGHLY unlikely.
On 2010-01-30 5:22 PM, Greg Oliver wrote:
> On Sat, Jan 30, 2010 at 10:17 AM, Johannes Berg
> <[email protected]> wrote:
>> On Sat, 2010-01-30 at 10:14 -0600, Greg Oliver wrote:
>>> On Sat, Jan 30, 2010 at 10:00 AM, Johannes Berg
>>> <[email protected]> wrote:
>>> > I suggest you go public with your reply so you can be flamed and taught
>>> > wrong appropriately.
>>>
>>> Sorry - this gmail inefficiency sometimes gets me...
>>>
>>> BUT, please enlighten me when any of the 3 use cases would be
>>> beneficial to anyone not trying to (or "inefficiently migrating") hack
>>> into a network would occur.
>>
>> I don't think I can parse that. In any case, a possible use case would
>> for instance be a protected company network, along with an unprotected,
>> internet-only guest network.
> Hmmm, I would put the odds at that happening about 100,000:1 (if not more)
>
> Yes, I know it is feasible, but HIGHLY unlikely.
Actually, with non-mac80211 drivers people have been deploying setups
like this for years. Now that this functionality is starting to
stabilize in mac80211, people are starting to use it there as well.
What you call 'HIGHLY unlikely' is actually very common ;)
- Felix
On 2010-01-30 6:11 PM, Greg Oliver wrote:
> On Sat, Jan 30, 2010 at 11:05 AM, Felix Fietkau <[email protected]> wrote:
>> On 2010-01-30 5:22 PM, Greg Oliver wrote:
>>> On Sat, Jan 30, 2010 at 10:17 AM, Johannes Berg
>>> <[email protected]> wrote:
>>>> On Sat, 2010-01-30 at 10:14 -0600, Greg Oliver wrote:
>>>>> On Sat, Jan 30, 2010 at 10:00 AM, Johannes Berg
>>>>> <[email protected]> wrote:
>>>>> > I suggest you go public with your reply so you can be flamed and taught
>>>>> > wrong appropriately.
>>>>>
>>>>> Sorry - this gmail inefficiency sometimes gets me...
>>>>>
>>>>> BUT, please enlighten me when any of the 3 use cases would be
>>>>> beneficial to anyone not trying to (or "inefficiently migrating") hack
>>>>> into a network would occur.
>>>>
>>>> I don't think I can parse that. In any case, a possible use case would
>>>> for instance be a protected company network, along with an unprotected,
>>>> internet-only guest network.
>>> Hmmm, I would put the odds at that happening about 100,000:1 (if not more)
>>>
>>> Yes, I know it is feasible, but HIGHLY unlikely.
>> Actually, with non-mac80211 drivers people have been deploying setups
>> like this for years. Now that this functionality is starting to
>> stabilize in mac80211, people are starting to use it there as well.
>>
>> What you call 'HIGHLY unlikely' is actually very common ;)
>>
>> - Felix
>>
>
> Hmmm.. Are there that many network engineers that I clean the mess up
> for? I think they would not be visiting here... Please give me an
> example of "hiding" anything.. That just makes it all more useless..
> Seriously real world examples that only a single ssid would benefit
> from..
>
> I can think of no reason you would not EVER use a unique name....
I seem to have trouble parsing your language as well.
I thought we were talking about the use case of having two distinct BSS
interfaces with different SSIDs on the same PHY.
What does that have to do with hiding anything? Different interfaces,
different encryption settings, bound to different networks, simple as that.
- Felix
On Sat, Jan 30, 2010 at 11:05 AM, Felix Fietkau <[email protected]> wrote:
> On 2010-01-30 5:22 PM, Greg Oliver wrote:
>> On Sat, Jan 30, 2010 at 10:17 AM, Johannes Berg
>> <[email protected]> wrote:
>>> On Sat, 2010-01-30 at 10:14 -0600, Greg Oliver wrote:
>>>> On Sat, Jan 30, 2010 at 10:00 AM, Johannes Berg
>>>> <[email protected]> wrote:
>>>> > I suggest you go public with your reply so you can be flamed and taught
>>>> > wrong appropriately.
>>>>
>>>> Sorry - this gmail inefficiency sometimes gets me...
>>>>
>>>> BUT, please enlighten me when any of the 3 use cases would be
>>>> beneficial to anyone not trying to (or "inefficiently migrating") hack
>>>> into a network would occur.
>>>
>>> I don't think I can parse that. In any case, a possible use case would
>>> for instance be a protected company network, along with an unprotected,
>>> internet-only guest network.
>> Hmmm, I would put the odds at that happening about 100,000:1 (if not more)
>>
>> Yes, I know it is feasible, but HIGHLY unlikely.
> Actually, with non-mac80211 drivers people have been deploying setups
> like this for years. Now that this functionality is starting to
> stabilize in mac80211, people are starting to use it there as well.
>
> What you call 'HIGHLY unlikely' is actually very common ;)
>
> - Felix
>
Hmmm.. Are there that many network engineers that I clean the mess up
for? I think they would not be visiting here... Please give me an
example of "hiding" anything.. That just makes it all more useless..
Seriously real world examples that only a single ssid would benefit
from..
I can think of no reason you would not EVER use a unique name....
-Greg
On Sat, Jan 30, 2010 at 10:26 AM, Johannes Berg
<[email protected]> wrote:
> On Sat, 2010-01-30 at 10:22 -0600, Greg Oliver wrote:
>
>> > I don't think I can parse that. In any case, a possible use case would
>> > for instance be a protected company network, along with an unprotected,
>> > internet-only guest network.
>>
>>
>> Hmmm, I would put the odds at that happening about 100,000:1 (if not more)
>>
>> Yes, I know it is feasible, but HIGHLY unlikely.
>
> It's not. openwrt for example has that as a default configuration. Even
> fonera does.
You're right - next time one of my immediate neighbors are installing
OpenWRT (at the same time), we may run into this...
I'm not meaning to argue, but is this a "real world" occurance.. I
was merely trying to point out that it shoul dnot be a priority. Not
that it coule NEVER happen, because I think everyone knows that if the
planets and sun are all aligned properly, it could happen - just like
we'll all be dead in 2012 (j/k)..Anyway.. I respect everyone's
opinion here.. I just think (although it may make the mac80211 stack
better) that it is not aa forerunner for anything that needs
addressing as far as linux wireless goes... This may make aircrack
better though as I am suspecting :)
-Greg
On Sat, 2010-01-30 at 10:22 -0600, Greg Oliver wrote:
> > I don't think I can parse that. In any case, a possible use case would
> > for instance be a protected company network, along with an unprotected,
> > internet-only guest network.
>
>
> Hmmm, I would put the odds at that happening about 100,000:1 (if not more)
>
> Yes, I know it is feasible, but HIGHLY unlikely.
It's not. openwrt for example has that as a default configuration. Even
fonera does.
johannes
On Sat, 2010-01-30 at 10:14 -0600, Greg Oliver wrote:
> On Sat, Jan 30, 2010 at 10:00 AM, Johannes Berg
> <[email protected]> wrote:
> > I suggest you go public with your reply so you can be flamed and taught
> > wrong appropriately.
>
> Sorry - this gmail inefficiency sometimes gets me...
>
> BUT, please enlighten me when any of the 3 use cases would be
> beneficial to anyone not trying to (or "inefficiently migrating") hack
> into a network would occur.
I don't think I can parse that. In any case, a possible use case would
for instance be a protected company network, along with an unprotected,
internet-only guest network.
johannes
On 2010-01-30 5:26 PM, Johannes Berg wrote:
> On Sat, 2010-01-30 at 10:22 -0600, Greg Oliver wrote:
>
>> > I don't think I can parse that. In any case, a possible use case would
>> > for instance be a protected company network, along with an unprotected,
>> > internet-only guest network.
>>
>>
>> Hmmm, I would put the odds at that happening about 100,000:1 (if not more)
>>
>> Yes, I know it is feasible, but HIGHLY unlikely.
>
> It's not. openwrt for example has that as a default configuration. Even
> fonera does.
OpenWrt doesn't even bring up wifi in the default config. It has a one
configured AP mode interface per PHY, which is disabled by default ;)
- Felix
On Sat, 2010-01-30 at 18:01 +0100, Felix Fietkau wrote:
> On 2010-01-30 5:26 PM, Johannes Berg wrote:
> > On Sat, 2010-01-30 at 10:22 -0600, Greg Oliver wrote:
> >
> >> > I don't think I can parse that. In any case, a possible use case would
> >> > for instance be a protected company network, along with an unprotected,
> >> > internet-only guest network.
> >>
> >>
> >> Hmmm, I would put the odds at that happening about 100,000:1 (if not more)
> >>
> >> Yes, I know it is feasible, but HIGHLY unlikely.
> >
> > It's not. openwrt for example has that as a default configuration. Even
> > fonera does.
> OpenWrt doesn't even bring up wifi in the default config. It has a one
> configured AP mode interface per PHY, which is disabled by default ;)
Oh, whatever, but it's a pretty standard setup for it anyway.
johannes
On Sat, 2010-01-30 at 10:44 -0600, Greg Oliver wrote:
> > It's not. openwrt for example has that as a default configuration. Even
> > fonera does.
>
> You're right - next time one of my immediate neighbors are installing
> OpenWRT (at the same time), we may run into this...
>
> I'm not meaning to argue, but is this a "real world" occurance.. I
> was merely trying to point out that it shoul dnot be a priority. Not
> that it coule NEVER happen, because I think everyone knows that if the
> planets and sun are all aligned properly, it could happen - just like
> we'll all be dead in 2012 (j/k)..Anyway.. I respect everyone's
> opinion here.. I just think (although it may make the mac80211 stack
> better) that it is not aa forerunner for anything that needs
> addressing as far as linux wireless goes... This may make aircrack
> better though as I am suspecting :)
I really don't understand what you're trying to say.
mac80211 already supports this. And it doesn't influence aircrack's
functionality in any way.
johannes
> Hmmm, I would put the odds at that happening about 100,000:1
> (if not more)
That's described as a standard setup for Cisco APs, e.g. one with
WEP or even open on one VLAN, which gives you just an internet
connection. And another with WPA2-PSK or WPA-Enterprise to
connect to the company network.
And I've seen this setup in "real life" quite a few times.
--
http://www.holgerschurig.de