So resnet really sucks lately. Not only is the network remarkably slow (some kind of DDOS or something) but OIT is spending oodles of our tuition and tithing on a lame authentication system AND telling us we don't have to pay for it anymore. Hah! Who wants to pay for service this bad! But seriously, I'd rather pay and keep the status quo than "pay" in this way. Supposedly we will only have to authenticate once per semester, but so far it's been daily (though they claim it will only be weekly for a while). Today I had to authenticate twice! Honestly $12.50 is an unbeatable price for 10Mb, I'll gladly pay, just don't make me suffer!
Now this isn't just for giggles, the idea behind this system is to make the students accountable for what they do on the network. More especially it's to track down students with worms running on their machines and such like. This is a good idea (Halcrow probably doesn't think so, but I'll let him chime in for himself, his oppinions keep us better rounded anyway) and I don't mind it at all. It will probably get better once they learn how to use their new system and I imagine next semester it will be a one time thing, but for now it sucks. I have concerns about their strategies for determining if your machine has a virus, but the auth script does note that you're using Linux, so maybe we'll be okay. Now on to the good part: This goofy login page works just fine in your favorite browser (emacs? no..., but I suppose it will work there too) so it can be scripted pretty easily. It's a little late for me to be coding perl, but I wrote a one-liner curl command to authenticate. Some tests should be written and either a daemon or a cron-job set up to check if you've been logged off, but here's what seems to be the necessary command: curl --data uri=<some_uri> --data userip=<your_ip> --data os=LINUX --data vlan=<your_vlan> --data username=<your_netid> --data password=<your_password> --data provider=byu-ldap https://connect2.app.byu.edu/auth/perfigo_validate.jsp It needs a uri to redirect you to, but you can use anything there, curl won't redirect unless you ask it to. You'll have to ask the system what IP you got, this could be done as part of an if-up script I suppose. The vlan is harder, you pretty much have to log in once and find the data in the login page source, mine was 815. If the command returns nothing you logged in just fine. The system doesn't mind if you log in while you're already in, so a quick fix would be to just put this command in a cron-job running every minute. That's not polite of course, and if they come knocking on your inbox don't tell them I told you to. So I'm imagining a system that tries to get the BYU homepage and if it gets a redirect to connect2.app.etc. sends this data. This would be fair to do every minute. Should be real simple, so unless someone does it for me before I get around to it (I know at least one grad student who's highly motivated) I'll probably write it up and post my own script and instructions for using it. -- Andrew Jorgensen ____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
