LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking > Linux - Wireless Networking
User Name
Password
Linux - Wireless Networking This forum is for the discussion of wireless networking in Linux.

Notices

Reply
 
Search this Thread
Old 08-18-2009, 12:22 PM   #1
eellis
LQ Newbie
 
Registered: Aug 2009
Posts: 5

Rep: Reputation: 0
HP Mini 110 (Linux) - Linux explicitly blocked from university wifi !!!


Because my girlfriend was about to begin attending classes at Golden Gate University of Law I had purchased her an HP Mini 110 Mi Edition series. Now that she's begun attending classes I've found that their private wifi network is explicitly blocking any Linux clients from accessing the network. To try and resolve this I went to class with her attempting to connect. I found that there are two networks, public and private. The public network connects without a password but runs all traffic through a proxy which redirects to the university website (www.google.com redirects to the university home page). There is also a note that students will not be able to access the network using Linux and that running windows in a virtual environment will not work either.

The instructions for accessing the private wifi for windows involve WPA2 with password and loading any url in IE to invoke an activeX component of some sort. The instructions for Mac simply state that a Java applet will be installed and running when the browser is opened.

The first thing I did was load the user-agent switcher in Firefox to pose as a Mac. This didn't seem to do anything. What I'm seeing is the wifi attempting to connect but eventually timing out.


My question is: does the wifi protocol broadcast OS information? How is it possible that the university wifi+proxy is aware that I'm running Linux?


Having been a Linux user for well over a decade and having big money backing some of these very well designed distributions (HP Mini) it is a complete insult to find that I'm being forced to pay well over $100 to install Windows!

Does anyone have any ideas on how I may attempt to spoof another OS (Mac) to access the network?
 
Old 08-18-2009, 12:31 PM   #2
mostlyharmless
Senior Member
 
Registered: Jan 2008
Distribution: Slackware 14.1 (multilib) with kernel 3.15.5
Posts: 1,550
Blog Entries: 12

Rep: Reputation: 177Reputation: 177
Well, of course, if it's university policy, then you should not be attempting to spoof another OS or attempting to circumvent their policy. The appropriate thing would be to make inquiries about the policy and see if you can agitate for change.
 
Old 08-18-2009, 12:33 PM   #3
pljvaldez
Guru
 
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Squeeze (x86)
Posts: 6,092

Rep: Reputation: 269Reputation: 269Reputation: 269
Have you contacted the tech department at the university (or go there in person)? Years ago, most of those techs were geeky like me and could either help me work out the issue or at least clarify why the policy is what it is and why it can't be circumvented technically.
 
Old 08-18-2009, 01:22 PM   #4
pixellany
LQ Veteran
 
Registered: Nov 2005
Location: Annapolis, MD
Distribution: Arch/XFCE
Posts: 17,802

Rep: Reputation: 728Reputation: 728Reputation: 728Reputation: 728Reputation: 728Reputation: 728Reputation: 728
Ditto for taking this up with the University IT department. They may be doing something which has the effect of blocking Linux, but they may not have meant to do this. If it is intentional, see if you can find out why.

Think twice about trying to go around them---IT administrators and bureaucrats sometimes have the sense of humor normally associated with Warthogs.
 
Old 08-18-2009, 01:31 PM   #5
eellis
LQ Newbie
 
Registered: Aug 2009
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks guys, I'll see about talking to their IT department. As well, one of the IT Ops guys here where I work as offered to give me a copy of XP so worst case, I won't have to pay for it.
 
Old 08-20-2009, 01:54 PM   #6
PPGodOfLove
LQ Newbie
 
Registered: Aug 2009
Posts: 8

Rep: Reputation: 0
Hi there.

This is probably the only thing I can help in this forum, so I'll try.

Where i'm studying, we also use a WPA2 protection on the wireless network, and, THEY SAY that we con use it only on Windows and Mac. BUT !

The way it's working (and i'm almost sur it's the same way in your university) is that you go on your university domain, they ask you your identification (the code that the university uses, here we call this permanent code, they use the 3 first letters of your last name an the first letter of your first name, then put your birth date... Example BROJ050682 for Jeremy Brooke...) and then a activeX control will add a certificate to your browser. It's a Macrosoft system, I know the IT at my school and they bought it from Microsoft, that's why they say that Linux is not allowed, the system cannot deliver the certificate for Linux. So, just do this :

Get on any station with windows, and request the certificate in Firefox. The, you can export that certificate, put it on a memory stick (or send it by email ?) and try to import it from your Firefox on the Linux station. Normally this system do no store the MAC Adress of who asked the certificate, so it should work.

The ardest part is to configure the WPA supplicant to handle WPA2. One of my firend acheived it, so it can be done. Once WPA2 is configured and the certificate is imported, it should work.

Happy to TRY to help someone,

PP
 
Old 08-29-2009, 03:36 PM   #7
w00ly
Member
 
Registered: Aug 2009
Posts: 31

Rep: Reputation: 15
Your browser tells the web server what OS you're running. http://www.tracemyip.org/
I'd say if what PPGodOfLove suggests doesnt work, try combining it with some kind of spoofing or try running windows inside virtualbox. They say it's not allowed but I cant think of any way they'd be able to know
 
Old 08-31-2009, 11:25 AM   #8
eellis
LQ Newbie
 
Registered: Aug 2009
Posts: 5

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by w00ly View Post
Your browser tells the web server what OS you're running. http://www.tracemyip.org/
I'd say if what PPGodOfLove suggests doesnt work, try combining it with some kind of spoofing or try running windows inside virtualbox. They say it's not allowed but I cant think of any way they'd be able to know

Thanks, that's the main thing I was looking for. I got as far as connecting with my personal thinkpad running fedora to the wifi but still had issues running the Cisco Clean Access Applet (wasn't able to get online). I'm going to try again today connecting to the wifi then running the IE browser in a vmware instance. Hopefully that will work.

It is odd to me that the netbook running an HP modified dist of Ubuntu isn't able to complete the wifi connection with WPA2 personal. I suspect it's either the MAC being blocked because of previous attempts being identified as Linux, or that the Ubuntu distro may be a bit behind in their wifi supplicant updates.

First thing first I'll get it to work on my Thinkpad.
 
Old 08-31-2009, 11:30 PM   #9
w00ly
Member
 
Registered: Aug 2009
Posts: 31

Rep: Reputation: 15
Heh, i'm having my own issues with wireless/ubuntu/ndiswrapper so i'm not surprised there. I havent used vmware so I dont know what settings it has but if it's like virtualbox (which it probably is), you can specify which OS to report. If you dont want to mess VMs, you could also try Tor, a proxy/vpn or some other extension for firefox that'll hide your referrer info. Actually there's a setting in firefox's about:config called network.http.sendRefererHeader that you can supposedly set to 0 to get it to stop sending all that info but it didnt work for me. Someone said disabling javascript could work too so maybe get an extension like "no script" then just block everything on the page you're trying to load
 
Old 09-01-2009, 11:25 PM   #10
PPGodOfLove
LQ Newbie
 
Registered: Aug 2009
Posts: 8

Rep: Reputation: 0
There are some extensions to Firefox that can change the User Agent. So your browser can tell to servers you're a win32 user even if you're on Linux. Look for User Agent extentions on google.
 
Old 09-02-2009, 01:52 PM   #11
hornerm
LQ Newbie
 
Registered: Sep 2007
Location: Virginia
Distribution: PCLinuxOS
Posts: 4

Rep: Reputation: 0
College have contract with Microsoft. Microsoft setup the rules (OS) that only Microsoft and Apple may asset the system. Yes, Microsoft or IT setup the ActiveX control and script Java to look for OS to allow to connect to system.

eellis:

You still need to talk with college IT. Also try to get the copy of policy or EULA that draw up for college contract. If you can get it, read over the policy or EULA very, very careful and try track down on Linux rules. If you don't find it, sue the IT or/and Microsoft for blocking the Linux. Remember, Microsoft is monoploy company. Microsoft can control which ever it wish to fit themself. (Microsoft really, really hate Linux). If college IT don't have any copy of agreement for you to read, sue them. They have no right to block the Linux.

If IT have Microsoft system 100% and work with Apple Mac OS X then it should also work with Linux. Remember Apple Mac now run on OS X (which is like Linux/Unix, it used kernel as with Linux)

Good Luck.
 
Old 09-02-2009, 02:28 PM   #12
eellis
LQ Newbie
 
Registered: Aug 2009
Posts: 5

Original Poster
Rep: Reputation: 0
Yep, I'm waiting on another opportunity to visit the school but what I've found is that the no-Linux policy is a support policy and not a security/legal policy. The applet running in the browser is definitely the "Cisco Clean Access" applet which I'm assuming is router/proxy/gateway hardware, but don't really care.

- I was able to connect with the Mac OS - which ran the applet
- I was able to connect to the wifi with my Thinkpad (Fedora) but not the netbook (Ubuntu)
- After connecting to the wifi with my Thinkpad I ran Firefox with the user-agent-switcher plugin spoofing my agent to match firefox on the Mac. This didn't work, the applet never loaded.

- My next step is to go back to the school to connect again with the Thinkpad to the wifi then run a Vmware instance of windows XP. My hope is that this will fool the applet into loading the ActiveX components and allow browsing through the virtual instance. Which would be fine.

- After that I'll have to address the issue of the netbook not being able to connect to the wifi. But if it works on the Thinkpad then I'll definitely be able to make it work (maybe the netbook MAC address was blocked).
 
Old 09-10-2009, 01:46 PM   #13
eellis
LQ Newbie
 
Registered: Aug 2009
Posts: 5

Original Poster
Rep: Reputation: 0
I was able to connect to the internet through the University today. This was using my ThinkPad running Fedora9. First I connected to the wifi network then launched VMWare player running an instance of windows XP. From IE in the virtual XP the Cisco Clean Access - ActiveX components installed, launched the login page in the browser and allowed me to access the web. Running the native Linux Firefox did not work so I've given up on that.

The one remaining issue is getting the HP Mini (Ubuntu) to connect to the wifi - WPA2 Personal. In running a few searches this appears to be a problem with the HP-Ubuntu distro and will be treated as an entirely separate issue.

Thanks for the help.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: HP Mini 110 now available in Australia LXer Syndicated Linux News 0 07-13-2009 08:41 AM
wmp 110 wifi card on Linux? decker Linux - Hardware 1 03-21-2009 05:14 AM
Wifi Stalls System only At University... bthornton Linux - Wireless Networking 1 12-01-2008 07:21 PM
University wifi doesn't work to me khoma Linux - Wireless Networking 7 12-19-2007 07:51 AM
Linux Newbie MN-110 Installation punk_rock_poser Linux - Hardware 0 04-21-2004 10:35 AM


All times are GMT -5. The time now is 08:20 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration