|
||||||||
This is a thought provoking problem... My problem here is: I have people in my neighborhood that are associated to my AP and have gotten DHCP leases from my Monowall, but who have not clicked the "Continue" button on my captive portal (I instituted captive portal), in order to gain access to the Internet. But these people's computers are still passing apparently trashy data into my WISP interface of my Monowall. I see an IP address that my DHCP has assigned to one of my neighbor's computers. And this IP address is acting as a source and incrementing port numbers trying to get to another IP address out on the Internet, that goes to CHINA RAILWAY TELECOMMUNICATIONS CENTER. A bunch of the destination IP numbers that the DHCP IP address tries to go to is to CHINA RAILWAY TELECOMMUNICATIONS CENTER, and most of the time the source port numbers are incrementing. What's really perplexing is that my neighbor's computer was given an IP address from the DHCP of my Monowall...but this computer did not log onto the Internet via the Captive Portal continue button. However, the logging information on my Monowall shows that this data is being passed. How can that be? Seems that the trashy data is bypassing my captive portal? Maybe it is a Trojan on my neighbors computer. But how come my Monowall logging shows that data as being passed on the WISP interface? Thanks for any ideas on how this can happen. |