What protocol is this ?

Our local ISP gives each user a gateway one point below the
IP, ie if the customer's IP is 10.10.10.112 the gateway would be
10.10.10.111. Also the netmask is very limited, something like
255.255.255.253.
These numbers matching, you get connected, can use any working
DNS and the essid is valid.
Otherwise, you get shunted on to the DHCP and get a
non-working 192.168.x.x type IP, with an "unknown" essid.
No encryption whatsoever.
What kind of a protocol is that ? Using protocol in the sense
of "configuration needed to connect"
They have been in business for over 10 years.....

On Wed, 19 Aug 2009 19:12:41 -0700, Jeff Liebermann <(E-Mail Removed)>
wrote:

>On Wed, 19 Aug 2009 17:58:02 -0300, Shadow <Sh@dow> wrote:
>
>> Our local ISP gives each user a gateway one point below the
>>IP, ie if the customer's IP is 10.10.10.112 the gateway would be
>>10.10.10.111. Also the netmask is very limited, something like
>>255.255.255.253.
>
>Yep. Lookup subnet mask. It's probably 255.255.255.252 also known in
>CIDR talk as: /30. That give you two host IP's plus the gateway and
>broadcast address. You can see most of these with:
> ipconfig /all
>For a real muddle, try:
> netstat -r
>
>> These numbers matching, you get connected, can use any working
>>DNS and the essid is valid.
>
>Ummmm... hopefully, you cannot use any random SSID. However any DNS
>server should work. The ISP's DNS servers are usually the closest and
>fastest. Protocol requires that you ask the owner of the DNS server
>if you can beat it to death with queries.
>
>> Otherwise, you get shunted on to the DHCP and get a
>>non-working 192.168.x.x type IP, with an "unknown" essid.
>
>Ummm... there's no connection between the IP address and the wireless
>SSID. I don't want to get into the tradition pissing match about the
>difference between SSID and ESSID. As far as this discussion is
>concerned, they're the same.
>
>You might also want to dig through RFC1918, which defines the IP
>ranges of private (non-routeable) networks.
><http://en.wikipedia.org/wiki/Private_network>
>
>> No encryption whatsoever.
>
>Sigh. Where is this network and when I can break in?
>
A remote town in the interior of Brazil. You are welcome. Just
don't use MY ip. And you are right, it IS 255.255.255.25_2, I altered
it a teensy bit to make it more difficult for the isp to filter this
message. Didn't realize it would make a technical difference.
>> What kind of a protocol is that ? Using protocol in the sense
>>of "configuration needed to connect"
>
>It's not a protocol. It's just plain olde IP subnet mask.
><http://en.wikipedia.org/wiki/Subnetwork>
>
>> They have been in business for over 10 years.....
>
>Well, you must be doing something right not to get diverted with
>technical details. Concentrating on what's important, such as
>seperating the customer from their money, is what kept you in biz for
>10 years.
I'm a doctor, and a customer, bit worried about patient
privacy. Not in the business at all. I will rely on ssl sites then.
Our lawyers are not as primitive as the american counterparts
YET. So there is little chance of a lawsuit unless something really
hairy leaks.
> However, it would be a good idea to surface ocassionally
>and see what improvements the industry has to offer.
If they have not changed in 10 years, I find that very
unlikely.

TY

On Wed, 19 Aug 2009 17:27:01 -0500, DanS
<(E-Mail Removed)> wrote:

>Shadow <Sh@dow> wrote in news:(E-Mail Removed):
>
>> Our local ISP gives each user a gateway one point below the
>> IP, ie if the customer's IP is 10.10.10.112 the gateway would be
>> 10.10.10.111. Also the netmask is very limited, something like
>> 255.255.255.253.
>> These numbers matching, you get connected, can use any working
>> DNS and the essid is valid.
>> Otherwise, you get shunted on to the DHCP and get a
>> non-working 192.168.x.x type IP, with an "unknown" essid.
>> No encryption whatsoever.
>> What kind of a protocol is that ? Using protocol in the sense
>> of "configuration needed to connect"
>> They have been in business for over 10 years.....
>>
>
>What you question is not a 'protocol', but rather, basic IP subnetting.
>
>In your case, me thinks the subnet mask is typically 255.255.255.252
>which yields two usable IP addresses.......
>
>192.168.1.0 = Subnet ID
>192.168.1.1 = Usable IP address
>192.168.1.2 = Usable IP address
>192.168.1.3 = Subnet broadcast IP address
>
>IP 101.....in order for 2 devices to communicate via IP, they need to be
>on the same IP subnet. Otherwise, they will need to be routed through
>some gateway.
>
>Ergo.....in order for an IP device to communicate with the gateway, the
>gateway must be on the same subnet.
>
>So what you are seeing is an assigned IP address, and a default gateway
>of a very small subnet.
>
>If you *really* care to know, then.....
>
>http://www.cisco.com/en/US/tech/tk36...e09186a00800a6
>7f5.shtml
>
>
Yep, I read it, thank you. Next netmask from 255.255.255.252
would be 255.255.255.254, which would give me exactly zero usable IP
addresses, which is why they use the 252 mask.
I just did not realize that a commercial wireless router
could be configured to do this.
I will take care with what I type, as they are probably
wiresharking me right now. Newsguy (my newsgroup provider) is ssl, so
I'm probably safe.
[]'s

On Thu, 20 Aug 2009 11:42:38 -0700, Jeff Liebermann <(E-Mail Removed)>
wrote:

>On Thu, 20 Aug 2009 14:46:13 -0300, Shadow <Sh@dow> wrote:
.............
>If patient security and privacy is an issue, and the ISP does not
>provide any over the air encryption, SSL or a VPN will provide you
>with sufficient security to keep things private.
I will use ssl mail servers, like Google on ports 465 and 995.
The local terra and telefonica mail services are all port 25 and 110
and unencrypted . Although when the patient reads my mail he will get
it plain-text, and easily sniffable, I suppose. As to VPN I have
nowhere to VPN to...
>
>> Our lawyers are not as primitive as the american counterparts
>>YET. So there is little chance of a lawsuit unless something really
>>hairy leaks.
>
>Easily solved. Want us to send our attorneys to Brazil? I'm sure you
>can think of something useful that can be done with them. (Hint: No
>country ever sued its way to greatness).
We are testing new brake linings based on pure olive oil for
our vehicles , and need some realistic obstacles. How much would a ton
of lawyers be ? And would I have to pay the freight, or could they
talk their way here ?

[]'s

Jeff Liebermann <(E-Mail Removed)> wrote:

> On Thu, 20 Aug 2009 14:46:13 -0300, Shadow <Sh@dow> wrote:
>
> >On Wed, 19 Aug 2009 19:12:41 -0700, Jeff Liebermann <(E-Mail Removed)>
> >wrote:
>
> >>> No encryption whatsoever.
> >>
> >>Sigh. Where is this network and when I can break in?
>
> Encryption is your main security method. I suggest you impliment WPA
> or WPA2 encryption. If this is a large system, consider installing a
> RADIUS server to avoid having everyone use the same shared encryption
> key. With a RADIUS server, each user gets their own unique one time
> encryption key.

Is everyone having the same master key really a problem here?

With WPA-PSK (TKIP), encryption of data packets uses a session key and
key mixing. See Gast, 802.11 Wireless Networks p 150 - 151.

The second editition :-)

The (other) clients, that also have the WPA master key will be able to
join the wireless network, but will the also be able to decrypt
client-AP traffic?