[ previous ] [ next ] [ threads ]
 From:  "Ryan Giobbi" <rgiobbi at zoominternet dot net>
 To:  "'Mikael Bohlin'" <Mikael dot Bohlin at se dot flextronics dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Odd kind of setup?
 Date:  Thu, 8 Jul 2004 06:34:15 -0400
Put m0n0wall's IP in Internet Explorer's restricted sites zone. It is under
internet options --> security. 

I just tried it- I could surf the web, but couldn't get into the m0n0 IP. 

-----Original Message-----
From: Mikael Bohlin [mailto:Mikael dot Bohlin at se dot flextronics dot com] 
Sent: Thursday, July 08, 2004 1:53 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Odd kind of setup?


I'm about to test the Monowall in a slightly different scenario then what I
guess most of you guys do.

I am about to build a separate network for our viristors and guests. From
this Visitor network our guests should get Internet access but no access to
our company resources.
On this network I connect the Monowall LAN interface, enables DHCP and DNS
forwarding. I will also use the Captive portal function, forcing them to log
on first.
On my company network I connect the Monowall WAN interface.

With this setup there pop's up a couple of questions:

 - Can I disable the Management on the LAN interface??? I do no want any
clever visitor trying to logon to the Monowall and changing stuff.
 - When a user logs on to the Captive portal page, it performs a HTTP POST
sending the user ID and password in clear text. Any user with a network
sniffer will easily find the others credentials... Can this be changed into
a HTTPS-POST??? It would add a lot of security into it.




Mikael Bohlin
IT Security Coordinator
Flextronics Network Services