[Dnsmasq-discuss] DHCP for captive portal

richardvoigt at gmail.com richardvoigt at gmail.com
Tue Nov 4 02:10:10 GMT 2008

> Under static ips this works pretty well. People that dont know what they are
> doing cant figure out how to connect anything and give up. All the perl/php

Unless they spoof both IP and MAC, which is trivially easy and gets
the other user billed for their usage.  Sure, there'll be some ICMP
port unreachable and even TCP RST packets sent, but you may be
dropping these anyway since they are also used for DoS attacks.

You may be able to catch this if you have managed switches and check
for MAC addresses learnt as broadcast instead of a single port, but
only if your switch is placed between the attacker and authorized

More information about the Dnsmasq-discuss mailing list