|
← Revision 57 as of 2004-07-11 02:07:24
Size: 6708
Comment:
|
← Revision 58 as of 2004-07-11 02:08:40 →
Size: 6726
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 42: | Line 42: |
| * ChilliSpot is an open source captive portal or wireless LAN access point controller written in C which supports web based login (external web server required) as well as Wireless Protected Access (WPA), sports a builtin DHCP server and a RADIUS client/proxy server to handle authentication, authorization and accounting (AAA) via an external Radius server. Currently runs on Linux (RedHat, Fedora, Debian binaries available) but should compile also on FreeBSD, OpenBSD, Solaris, Apple OS X. Previously known as [http://www.mondru.com/hotspotd.html hotspotd], which was available only as binary. Fifth GPL release (0.94): 2004-06-22. (Added by Ovidiu) | * ChilliSpot is an open source captive portal or wireless LAN access point controller written in C which supports web based login (external web server required) as well as Wireless Protected Access (WPA), sports a builtin DHCP server and a RADIUS client/proxy server to handle authentication, authorization and accounting (AAA) via an external Radius server. Currently runs on Linux (RedHat, Fedora, Debian binaries and Gentoo ebuild available) but should compile also on FreeBSD, OpenBSD, Solaris, Apple OS X. Previously known as [http://www.mondru.com/hotspotd.html hotspotd], which was available only as binary. Fifth GPL release (0.94): 2004-06-22. (Added by Ovidiu) |
Since we first started talking about using the browser as an authentication tool in December 2000 OpenSource implementations have started to appear. Here is a list of all the software I know of that implements either a CaptivePortal or an ActivePortal solution.
Open Source
[http://nocat.net/download/NoCatAuth/ NoCatAuth]
- Written in perl, supports Linux/iptables and OpenBSD/pfctl. GPLed. Supports authenticating modes against an auth service with a wide variety of backends, including a MySQL database, PAM, RADIUS, LDAP, and more. Also features a non-authenticating "open mode" that merely requires a user to accept an AUP before they can log in. This project is more or less seeking a new maintainer.
[http://nocat.net/download/NoCatSplash/ NoCatSplash]
Written in C, currently under heavy development. Intended to be the successor to NoCatAuth, the gateway process and all its data files fit within 200-250k, making it ideal for embedded environments.
[http://www.cc.saga-u.ac.jp/opengate/index-e.html Opengate developed at Saga University (Japan)]
- GPLed, runs on FreeBSD. Uses a Java applet to keep the connection open, and ftp or pop3 servers for an authentication back-end. (added by Jim Thompson)
Still in early beta but it will provide an entire network application framework rather then just a CaptivePortal solution.
[http://www.geekspeed.net/wicap/ WiCap] by BrianCaswell
Written in Perl and runs under OpenBSD. I believe this is what NovaWireless will be deploying.
[http://www.river.com/tools/authhb/ River of Stars]
- Wireless heartbeat implementation (presently most usable on an OpenBSD gateway)
[http://www.lanroamer.net/soholanroamerdevframe.html LanRoamer] (Linux 2.4.x)
Based on the Linux 2.4 kernel and GPL'd. (Name changed to LanRoamer by Jim Thompson)
[http://slan.sourceforge.net/ SLAN]
- A GPL'd captive portal implementation using VPN technology. Has Linux and Windows clients.
[http://ceres.unit.liu.se/netlogon-devel/ Netlogon] by Kent Engström at Linköpings University
- Not much known, a basic captive portal solution.
[http://www.itlab.musc.edu/~nathan/authentication_gateway/ Authentication Gateway HOWTO] by Nathan Zorn
Uses a PAM module to insert an iptables rule. Very simple and effective. (Added by LimAko).
[http://software.stockholmopen.net/index.shtml StockholmOpen] by the Royal Institute of Technology in Stockholm, Sweden
This system is also operator neutral, allowing different users to connect through the access network to different upstream providers. Implementation in C, uses PAM, Linux/FreeBSD. BSD License. (Added by MartinHedenfalk).
[http://www.opensplash.org OpenSplash] by Aleksandr Melentiev from San Francisco Wireless
- Inspired by the simplicity of wicap, intended to run on FreeBSD by utilizing Perl and ipfw. Doesn't provide much functionality, other than a simple AUP agreement. Development version includes abstract authentication system.
[http://www.chillispot.org ChilliSpot] by Mondru AB
ChilliSpot is an open source captive portal or wireless LAN access point controller written in C which supports web based login (external web server required) as well as Wireless Protected Access (WPA), sports a builtin DHCP server and a RADIUS client/proxy server to handle authentication, authorization and accounting (AAA) via an external Radius server. Currently runs on Linux (RedHat, Fedora, Debian binaries and Gentoo ebuild available) but should compile also on FreeBSD, OpenBSD, Solaris, Apple OS X. Previously known as [http://www.mondru.com/hotspotd.html hotspotd], which was available only as binary. Fifth GPL release (0.94): 2004-06-22. (Added by Ovidiu)
Commercial or Proprietary
Patronsoft [http://www.patronsoft.com/firstspot FirstSpot]
Windows 2k,XP,2003, air time credit control, PayPal integration
- self sign-up/anonymous mode/freely customizable login pages/...
- with embedded database or working with MySQL, MS SQL, etc
MikroTik Hotspot RouterOS -- www.mikrotik.com
- Aptilo's Captive Portal
Cisco's [http://www.cisco.com/univercd/cc/td/doc/product/dsl_prod/6400/feat_gd/12_1_5/ssg.htm Service Selection Gateway]
- [??]
Starbucks has a CaptivePortal solution of some sort. Anyone know the details?
- Yeah, its Cisco's Service Selection Gateway -- Jim Thompson
[http://www.mschoice.com/ MS Choice] (site requires IE5) Microsoft's testbed for the Starbucks Deal.
- "To prevent such unauthorized access and hacking, OIT developed its own authentication program requiring wireless users to log in through a web browser before access to the Internet is granted. If a user's connection is inactive for a certain amount of time, the authentication system closes the user's access, deterring potential hackers from taking advantage of the connection."
- Not quite true. The Starbucks deal was Mobilestar, and there was precious little Microsoft content in the deal (or company). --Jim Thompson
[http://www.news-info.gatech.edu/news_releases/lawn.html Columbitech's Wireless VPN ]
- "... enables mobile professionals to access mission-critical data on the corporate LAN from all major handheld devices, with optimized performance and true end-to-end security from application to application. In addition, Columbitech's solution offers a secure always-on experience. Columbitech Wireless VPN will also support wireless network roaming."
[http://www.nas.nasa.gov/Groups/Networks/Projects/Wireless/index.html NASA's Wireless Firewall Gateway]
- A solution using Openbsd, PHP, IPFilter and Apache. There is no source available that I know of.
[http://www.wayport.net Wayport]
- Another solution using Linux, perl IPF, and Apache. No source available --Jim Thompson
[http://www.surfandsip.com Surf and Sip]
Hack using FreeBSD, perl, ipfw and mini_httpd. No source available -- MattPeterson
[http://www.fatport.com FatPort]
- Gateway software running OpenBSD, Perl, C, and Apache.
- Auth server running PostgreSQL, etc..
System can be licensed, but code not available. --KenSimpson
[http://www.birdstep.com IPzone] Linux,Apache No source available -- Suresh Rasaretnam
[http://www.controlap.com ControlAP] Win*,*nix,MacOS, Zaurus,PocketPC - JAVA VM needed - No source available, web-based administration - free 30 days trial.