Latest Comments

In response to: CCA/NAC soon gone from UCI Resnet

Comment from: Joe [Member]

This came from an email of the Palo Verde Housing Director to the PVRC (as a former PVRC member, I am still subscribed to the PRVC mails.)
This was sent during the break, so I expect this to gain more visibility in the upcoming weeks.

01/07/14 @ 18:16

In response to: CCA/NAC soon gone from UCI Resnet

Comment from: Sean O. [Visitor]
Sean O.

Where/when did you hear this from? There’s been absolutely no notice to the grad/professional students from our resident councils or AGS as of the 1st week of January.

This CCS garbage has been plaguing my roommate, who makes me very very glad that I don’t have Win 8.1. Resnet claims they’ve supported it since October, but there’s significant proof to the contrary.

01/07/14 @ 17:40

In response to: Resnet's Reddit AMA

Comment from: Joe [Member]

Thanks for your comment.
Sure, Resnet is here to stay. And I have no problems with that. I just wish they would actually know what they are doing, which they clearly don’t. In industry, these guys wouldn’t last long.
On the CCA mailing list, there was one guy who tried to use CCA in a commercial company, and later reported that he nearly got fired…
And of course, everybody who knows how networks work would just put a router in front of their computer(s), connected the way it was intended to be used, with the WAN port going to the wall plug. I’ve never had NAC/CCA on my computers, not even on my Windows laptop. But this is not really about techies who know these things.
For example, the bad Resnet instructions to connect a LAN port to the network opens up a bunch of attack paths into the person’s computer. So, Resnet is actively increasing the risk of breakins, virus infections, etc., and that can affect everybody on the network.

04/22/13 @ 07:14

In response to: Resnet's Reddit AMA

Comment from: [Member]
ucigradstudent

Hi Joe,
I was skimming through the UCI subreddit and came across that AMA you mentioned, which led me to this blog.

I’m a grad CS student at UCI, and in no way do I claim that I might know as much networking as you do, but I’ve never run into any issues circumventing UCI’s network policies for years. As a result, I’ve also never been bothered by them. I like to think they are on a policy of “if you know enough to get past, you know enough to stay out of trouble".

That said, I think most people would agree that departments (with their policies, and all the good and the bad that come with them) like ResNet are here to stay. ResNet will be gone when every user on the network is a competent user, from the incoming freshman up to the highest ranking faculty. Why bother speaking out against them in this manner, if you can have everything that you want without much effort anyways?

I honestly can’t see anything that isn’t able to be bypassed that you would possibly want (well, except for more TV channels…)

04/22/13 @ 00:54

In response to: Upgraded Perl script to log into CCA/NAC

Comment from: Joe [Member]

Hmm, the link still works. I just tried it.
Maybe you have a firewall active that blocks executables?
Or maybe Resnet blocks it. Try downloading it from a location outside of Resnet’s control.

10/29/12 @ 08:44

In response to: Upgraded Perl script to log into CCA/NAC

Comment from: casual_browser [Visitor]
casual_browser

Hey,
The URL is dead. Does this script still work?

10/29/12 @ 07:58

In response to: Another CCA and UCI Resnet fail

Comment from: Joe [Member]

I don’t know if you are an undergrad or a graduate student. If you are a graduate student and live in Verano Place or Palo Verde I suggest you contact the Residents Council there. It is important that the Residents Councils know about the problems, so that they can more efficiently push for a change.
Also, make sure to inform your advisor. Most faculty doesn’t know about these Resnet issues, but they have more influence than students.

10/03/12 @ 16:15

In response to: Another CCA and UCI Resnet fail

Comment from: Humanist chick [Visitor]
Humanist chick

These guys are pissing me off. They told me my system was corrupted and had to upgrade to Windows 7 before I can go through that totalitarian Cisco big brother. Oy? I have moved in for over a week with no Internet. I find myself sending email messages half an hour late to my colleagues with my cell-phone-used-as-a-modem when they have already discussed everything I write on my replies. This makes me look unprofessional! I am mortified by these Resnet people!

- A very unhappy humanist

10/03/12 @ 16:04

In response to: UCI Resnet is back to being brain-dead

Comment from: [Member]
pvtredshirt

I’m a PV resident, and I feel stuck between a rock and a hard place on this network configuration issue.

I didn’t have any issues making things work before with my router neutered into a mere access point, but now they’ve introduced some weird kind of wall-jack level isolation policy.

I think the intent was to quell fears that arose from being able to see your neighbors’ computers, but now the devices plugged into the wall in my living room can’t see the computers plugged into the wall (via the LAN ports on my router) in the next room over.

The only solution to this problem is to get everything on wireless, or run a long ugly cable through the home :(

08/12/12 @ 00:15

In response to: UCI Resnet is back to being brain-dead

Comment from: Joe [Member]

I haven’t modified DD-WRT myself, since I always used a full-blown Linux machine with 2 NICs as router. But I do know that some people had modified their routers to login automatically.
Due to the limited free space in these routers, a compiled program would probably be best. A little C program, statically linked with the curl and openssl libraries. Of course, you’d have to set up a cross-compile environment for the processor in the Linksys routers. The DD-WRT wiki has info on that.
Oh, and I’d be happy to put your modified Perl script up.

03/18/12 @ 21:43

In response to: UCI Resnet is back to being brain-dead

Comment from: Brian [Visitor]  
Brian

Yeah, I guess I was wrong about the router thing. It does still work if you login from behind the router.

I think I figured out why the Perl script didn’t work, and it didn’t involve sessions or cookies. It was just a few parameters. I’ll verify it soon and post the changes if you’d like.

I happen to be using a couple of DD-WRT routers that I’m trying to login automatically from, allowing all my LAN to connect without trouble (then I might be able to kill CCA on my Windows PC!!!). Unfortunately, it doesn’t have Perl or OpenSSL installed by default, but I’m trying to figure out another solution. (Any ideas?) Perhaps I can compile my own C program.

03/16/12 @ 23:45

In response to: UCI Resnet is back to being brain-dead

Comment from: Joe [Member]

No, the router doesn’t register with Resnet (although that’s possible with some routers where you can change the firmware, e.g., certain Linksys routers, using DD-WRT.)
You register with your computer behind the router. The issue is that only one machine, the first one that connects, behind the router has to register, because Resnet sees the same IP address from all computers behind the router. That’s what they don’t like, and that’s why they had this idea of using the LAN ports.
Your computer, or a router, gets an IP address way before you register. If your computer is connected directly, it gets an IP address before you even log in. Similar with routers. They get assigned an IP address from Resnet without registering, etc. They just can’t do anything with it until somebody behind the router has logged in with Resnet.

As for the Perl script, when I wrote it, I essentially analyzed what data the login website wants. I used wget to get the whole webpage, including headers. For session handling, cookies are usually used, which are in the header. If cookies are disabled, the server side usually sends the session id in the page as hidden variable.

03/16/12 @ 10:20

In response to: UCI Resnet is back to being brain-dead

Comment from: Brian [Visitor]  
Brian

Hi Joe! I’m an EECS grad student here, and I’m interested in solving some of these sorts of issues.

Joe: “I personally would just ignore Resnet’s router configuration website, and follow the manufacturer configuration instructions.”

What makes you believe this will work? Usually, the manufacturer has you set it up with the WAN link facing the Internet and assigning its IP by DHCP. But this requires that the router itself must register with ResNet (or perform the interactive CCA web login - kinda hard to do from within the router!)

So unfortunately, it seems like for the vast majority of users, they are forced to follow ResNet’s configuration suggestions (connecting via a LAN port, disabling the router’s DHCP, etc.). FWIW, that has worked OK for me. I can probably help if others (Megan?) are having problems still.

On a more advanced note: Joe, do you have a good idea of what might be needed to update your Perl autologin script for the current ResNet configuration? I don’t think it works anymore. It seems like ResNet uses some kind of JavaScript sessions in addition to just HTTPS POST for login now…

03/16/12 @ 10:00

In response to: UCI Resnet is back to being brain-dead

Comment from: Megan [Visitor]
Megan

Thanks for your advice! I’ve been pulling out my hair trying to do as they say (and then later, have to do it all over again). I will definitely make a complaint to PVRC. I appreciate the help.

09/27/11 @ 23:17

In response to: UCI Resnet is back to being brain-dead

Comment from: Joe [Member]

Hmm, I can’t really help much, I am long gone from UCI (I am still on some UCI mailing lists, though; that’s how I learned about this issue.)
I was active in the Palo Verde Residents Council (PVRC) 6 years back. That’s why I know all the stuff that was going on back then.
At that time, we fought tooth and nail with Resnet over the router configuration issue, but it took them getting a lecture from the real network professionals at UCI’s Office of Information Technology, http://www.oit.uci.edu/ to get things resolved.
And that was with most of the PVRC people in the Computer Science graduate program…

I personally would just ignore Resnet’s router configuration website, and follow the manufacturer configuration instructions. The manufacturer knows better than UCI Resnet how their device works and how it is configured correctly.
Of course, even though that would be the sensible, common sense thing to do, it would be at your own risk. Resnet and common sense are obviously two things that don’t quite fit together.
My hope is that eventually, they find back to reality…
Until then, your choices are basically to follow Resnet’s instructions and have tons of problems with your router, or to follow the manufacturer’s instructions and don’t have problems with the router, but potentially run into problems with Resnet. You’re unfortunately stuck between a rock and a hard place…
I can’t really give recommendations on what to do. I know what I would do, and I know that as a computer professional I would be able to fight Resnet on the technical merits (and win.) But for people without the technical expertise, it is just much harder to argue with Resnet. Maybe if you have acquaintances in ICS…

In any case, please make your voice heard. Let the PVRC know about your problems (pvrc at uci dot edu). They can make this issue more visible within the administration.
Good luck.

09/27/11 @ 20:14

In response to: UCI Resnet is back to being brain-dead

Comment from: Megan [Visitor]
Megan

I’m a current grad in PV. Resnet has been absolutely unhelpful with my issue (configuring router for wireless, etc). I’ve called more than 10x in the past week.

Any advice? Who do I go to for help since they refused to tell me anything and just referred me back to their router reconfiguration website. UGHHH…

Thanks.

09/27/11 @ 19:28

In response to: Another CCA bypass program

Comment from: Michael Zeller [Visitor]  
Michael Zeller

Interesting Joe.

Well, it must be that UCI ResNet is nice enough to not do that, because the setup works great for me and has yet to hiccup. If this changes in the future, I might have to start contributing to this blog. =) Thanks for your time in bringing issues like this to light, much appreciated.

02/07/09 @ 21:04

In response to: Another CCA bypass program

Comment from: Joe [Member]

When I said “game consoles are usually put in a special role that allows only certain ports to go through” I mean that CCA can be configured that way.
I have no idea if UCI Resnet does that.

02/07/09 @ 08:57

In response to: Another CCA bypass program

Comment from: Joe [Member]

Hello Michael,

Thanks for your post.
Unfortunately, the steps you describe most likely won’t work.
CCA is designed to have different roles, and game consoles are usually put in a special role that allows only certain ports to go through (usually http, but not ssh, or skype.) The detection if it is a game console is done via the first part of the MAC address. The manufacturers from time to time use a new range of MAC addresses, and when people start to use game consoles with these new MAC addresses, the CCA mailing list shows questions about that.

As far as Bill Zeller is concerned, he was the head of UCI housing. That’s when I had to do with him… The Palo Verde Residents Council would probably not exist if it weren’t for him. He angered people enough to take action ;-) He cetainly angered me enough to help start the PVRC.
He eventually got moved to a position where he can’t do much damage. Before he was hired by UCI, he was managing housing at the University of Michigan, where, according to reports in UMich newspapers, he got fired because he mismanaged things (just like at UCI.)
When I looked through my webserver logs, I noticed that some people apparently search for some other Bill Zeller, a medical doctor with no connections to UCI. I apologize if anybody with the same last name gets caught in this. My beef was always only the mismanagement in UCI Housing, and that unfortunately is connected with the then director of UCI Housing.

02/07/09 @ 07:41

In response to: Another CCA bypass program

Comment from: Michael Zeller [Visitor]  
Michael Zeller

OK, so first off, I am not related to Bill Zeller (well, I probably am to some extent, but you get my point), to whom you write a lot about. Second, I do live in PV and I found your page after I saw Bill Zeller mentioned in an email and you happened to be the top google search (good work!).

Alright, so I have an easier solution to this problem, and hopefully I can clear up the Zeller name with this one. Suffice it to say, CCA is a bane on society and borders on wasting as much time as all other forms of virii combined. (10-30 seconds per person per week to login to the system “why isn’t pidgin/ssh/skype/etc working!?!” causes more of a headache).

It’s as simple as this:
1) Buy a router, which everyone that has more than one computer/laptop already has.
2) Buy/borrow a Wii
3) Connect to the internet via Wii via router.
4a) Done, your router looks like a Wii and won’t ask to register each week.
4b) If you connected to the internet before attaching the Wii, attach Wii directly to the ethernet jack and connect to the Internet. Next, go to the Wii internet settings and get your Wii MAC address. Clone that MAC address on your router. Reattach router to ethernet jack.

Note to ResNet: I am not Michael Zeller, and the above does not emulate a MAC if you follow step 4a, so no breach of contract.

02/06/09 @ 23:36
This blog tries to capture all the gripes about UCI Resident Networking (Resnet) and the switch to UCI-managed Cable TV in on-campus housing.
This site is not affiliated with UCI or UCI Housing.
March 2024
Mon Tue Wed Thu Fri Sat Sun
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
 << <   > >>

Search

  XML Feeds

powered by b2evolution free blog software