Linux-AP-with-captive-portal offering. There's another one in the works from Musenki (http://www.musenki.com), but they are (re)implementing NoCatAuth in C, instead of Perl, to be more friendly to smaller footprint embedded devices.. ----- Forwarded message from "David L. Sifry" <dsifry at sputnik.com> ----- From: "David L. Sifry" <dsifry at sputnik.com> To: Sameer Verma <sverma at sfsu.edu> Cc: nocat <nocat at pez.oreillynet.com> Date: 22 Feb 2002 23:25:28 -0800 Subject: Re: [NoCatNet] NoCatAuth on the map Sameer, Thanks for the kind words. Before I talk about Sputnik, I'd like to take a moment and wish Rob my sympathies and wishes for a quick recovery! Even though we've never met, I was deeply shocked when I heard about your accident. Rob, if you're reading this - get well soon, man. And thanks for the code. Yep, our new company, Sputnik, has created an all-in-one Smart AP (uses the HostAP drivers for Linux), router, dynamic firewall (iptables-based) with bandwidth shaping, and a modified NoCatAuth captive portal that authenticates with our backend authentication, settlement and billing systems. It doesn't currently authenticate against RADIUS, Active Directory, or NDS just yet, these are some additional features that we're building into the backend as we speak. It fits down into an ISO image you can burn onto a CD (48MB currently), and when you boot from the CD, it completely bypasses your hard disk (IOW you don't need a hard disk) and turns your computer into an embedded smart AP with authentication. All you need is an old computer, a Prism2-based PCMCIA 802.11 card, and an ethernet connection. It figures out the rest. Well, most of the time. :-) Oh, and by the way, all of the gateway code is open source, including the changes and improvements we made to NoCatAuth (well _duh_, it's GPL'd code). I don't have things in a state with a patch file against the latest tree, but all the perl code is on the CD, so you can view it and perhaps someone can help out and turn it into a patch file. One of the nice improvements we made is that we now open a tunnel to the authentication server that allows 2-way communication between the gateway and the authentication server even if the gateway is behind a fiewall, NATted, etc. In other words, you don't have to put the gateway on a public IP with port 5280 open. It also means that we can do some nice systems management and update features as well, like automated s/w updates and bug fixes, and some cool wireless management like dynamic channel management (automatically change the 802.11b channel the AP uses based on S/N ratio and based on the knowledge of the channel used and location of nearby gateways) and "poor man's 802.11h" which allows us to turn up or down the power of the AP based on S/N ratio and the location of clusters of nearby Sputnik gateways as well. All of these features are part of the open source gateway code. We will also be making plugins and other code that will not be open source, and those will be part of our high-end Sputnik Enterprise Gateway that is geared more at solving the problems that big enterprises have with wireless deployments, like integration into systems management platforms like OpenView and Tivoli, authentication systems like smart cards and biomentrics, and our back-end billing and settlement systems. All of the Sputnik Gateway code is open source - either derivative work of code like NoCatAuth or our own code which is released under the GPL, and it is our goal to foster a strong development community - we think that having a stable secure platform for wireless apps is critical, and we would like to see the Sputnik Gateway become that platform. In the end, it is our goal to create a drop-dead simple, smart, secure, authenticated 802.11 network that brings back the control of wireless broadband out of the hands of the monopolists, and back to all of us. If you want to find out more, check out our development site: <http://www.sputnik.com/dev/>, and go and download the code: <http://www.sputnik.com/products/gatewaydownload.html>. We'll be putting up more development resources soon, like public CVS, bugtracking, and mailing list archives. You can join the gateway developers list by going to <http://www.sputnik.com/dev/signup.html>. NoCatAuth developers, thanks again for all the hard work and dedication you've put in so far. I hope our code can help make NoCatAuth even better. Rob, if you've gotten this far without falling asleep, get well soon, and keep up the good work!!! Dave On Fri, 2002-02-22 at 20:45, Sameer Verma wrote: > Folks, > Last night at the BAWUG meeting, Dave Sifry of Linuxcare fame presented > his new (Sputnik's) team's new work. A one-in-all package that works as > a Base Station (in full AP mode using prism2 chipset) and does > authentication with backend methods including a DB, RADIUS, LDAP, Active > Directory (i.e. LDAP in W2K), Novell Directory Services (NDS). It has a > bunch of features that I won't go into since it will take a while to > type :-). Perhaps Dave can post the presentation for us somewhere. > > All through the presentation, I was thinking to myself "This sounds like > NoCatAuth on steroids!!!". And guess what? At the end of the > presentation, he did mention that for those who are really into this > stuff, and for those people who really work with the software, the > Sputnik Gateway (http://www.sputnik.com/) is a variant of NoCatAuth. > > :-):-):-) (these three smileys are dedicated to Rob's (and everyone > else's) hard work paying off. Get well soon.) > > Very cool indeed!!! > > Sameer > -- > Sameer Verma, Ph.D. > Asst. Professor of Information Systems > San Francisco State University > San Francisco CA 94132 USA > http://verma.sfsu.edu/ > -- David L. Sifry dsifry at sputnik.com Cofounder and Chief Technology Officer, Sputnik Inc Phone: 408.497.3120 Fax: 415.354.3342 ----- End forwarded message ----- -- andyw at pobox.com Andy Warner Voice: (612) 801-8549 Fax: (208) 575-5634