Re: [T(A)ILS-dev] WiFi hotspots ports list

Delete this message

Reply to this message
Autor: Maxim Kammerer
Data:  
A: intrigeri
CC: tails-dev
Assumpte: Re: [T(A)ILS-dev] WiFi hotspots ports list
Hi,

> lurking at Liberté Linux' source for inspiration regarding our wifi
> hotspots todo item [0], settings in your firewall somehow surprised
> me:
>
>        # Ports used by HotSpot registration pages
>        hotspot=http,https,webcache,tproxy,3128,3660,8088,11523,58080,1024:65535


I have certainly encountered non-standard ports in hotels, and the
list above (before 1024:65535) is from searching for transparent Wi-Fi
gateway suppliers/configurations on the net and scouring
/etc/services. However, there is the problem that the list can't be
exhaustive since you never know what custom configuration will be used
by any given ISP. And, consequently, I have received reports that the
unsafe browser in 2010.1 worked in one hotspot and didn't in another.
So I opted for allowing all non-privileged ports (and leaving the
former list intact for informational purposes), and making sure that
the user is aware that the unsafe browser must only be used when
necessary.

> Bye, keep up with the good work!


Thanks, and I am certainly looking for ideas in T(A)ILS as well! For
instance, I implemented kexec-based reboot/shutdown (with a custom
memory wiper).

Best regards,
Maxim