In the following video, we show that it is easy (i.e. anybody can do it) to hijack FON user's sessions (i.e. access his Facebook, Twitter,... accounts) using a simple Firefox extension. You simply have to be connected on the same access point, which is an open access point in the case of FON and most hotspots.

La ville de Nivelles a annoncé il y a quelques mois son intention d'adhérer au projet FON [1,2], un projet de partage de WiFi communautaire. Ce qui peut s'apparenter à une très bonne idée au premier abord, pose pas mal de questions à la fois techniques et juridiques. N'étant pas juriste, je ne ferai que mentionner les côtés juridiques, sans entrer dans leurs détails.

In order to add new EAP methods to the linux implementation of IEEE802.1X, I had to make the protocol work on a wire. Since I had some difficulties to succeed and to find sample examples for wired connection, I publish these sample configuration here. I hope it will help.

It is based on hostapd and wpa_supplicant 0.6.4. To compile them, go in the hostapd/wpa_supplicant directory, copy "defconfig" to ".config", for hostapd uncomment the line "CONFIG_DRIVER_WIRED=y" and "make".

Hostapd (the authenticator)

Mei Wang Dunn, L. (Cisco Syst.) Wei Mao Tao Chen (China Internet Network Information Center)
Appears in: Computer Communications and Networks, 2007. ICCCN 2007.
Publication Date: 13-16 Aug. 2007
On page(s): 371-376
http://ieeexplore.ieee.org/iel5/4317769/4317770/04317847.pdf

This paper introduce a "new" allocation scheme for address block that is growth-based. It uses growth rate information of customers for optimizing the allocation. An evaluation is made on historical date from APNIC and China.

to be continued

IPv6 and DNS

By ISC. (authors of BIND)
Nothing really interesting for us.

Discussion

Available at http://video.google.com/videoplay?docid=-7378520217361044033&q=ipv6+%22Google+Tech+Talks%22+duration%3Along+(site%3Avideo.google.com+OR+site%3Ayoutube.com)&hl=en-GB

- It seems that Apple airport Gateway implements full IPv6 (by tunnel?)
- NAT v4->v6->v4 an issue ? It is temporary and an incentive for full IPv6... and it's not worth than v4->v4->v4

F. Beck, I. Chrisment, and O. Festor. A Monitoring Approach for Safe IPv6 Renumbering. IPv6 Today - Technology and Deployment Workshop (IPv6TD'06). August 2006.
The paper can be found on : http://hal.inria.fr/action/open_file.php?url=http://hal.inria.fr/docs/00...