Currently following is the setup of my wifi connection.
Laptop 1 ------> Wifi Router <------
Laptop 2
There are about 5 laptops which connect to the wifi router to access internet. Network is password protected so anyone with a valid network key can connect and access internet.
I am planning to develop a local website which will be having a list of username and passwords. I will also remove the password of the wifi network so that anyone can connect.
If a connected system tries to access a web page in the internet then redirect them to a Login page (in the local website) and ask them to login. Once successfully logged i,n the mac id should be added to "Allow" list and monitoring starts. Internet should not be available for those who don't have a valid username and password.
I was thinking about developing the application to block/allow internet access though a vb.net/c# application.
I am okay with the website part. What I would like to know is
How I can block/allow internet access through the .net application.
Is it possible in .net or should I be going for an unmanaged code development?
If it is possible where is the best place to start? I have experience in winforms development but not much of network programming.
Will there be any change in my current wifi setup? May be a new webserver/proxy server which will host the website and the windows application?
Sorry about too many questions ;-)
DD-WRT (free firmware) has built in hotspot that already includes many of the features you are looking to build:
http://www.wi-fiplanet.com/tutorials/article.php/3730746
The DD-WRT software runs on the ubiquitous WRT54G router - which you may be using.
Total cost: $0-50 (depending on if you have a WRT54G already)
There are two ways to go about this: You can buy an advanced wireless router that lets you hook up some sort of authentication system, or you can have a separate wired system between the wireless router and its upstream connection (with two network cards). At this point, you should be able to have software on that system to manage the traffic that goes across it (although I don't have direct knowledge of any particular software firewalls that you might be able to use for this)
Related
I am making an app which requires connecting to a specific payment gateway. This payment gateway restricts us to use its VPN for communicating with its API. The problem is as soon as I connect to this VPN, internet connectivity for UWP apps stop functioning. First I thought its problem with my app but even standard apps like Store and Edge browser even doesn't work. Please let me know a workaround to make UWP apps to function with VPN. Since other apps apart from UWP function properly like Firefox, IE, etc easily open up web pages. Skype desktop works... its just UWP apps which don't work.
Thanks in advance.
This will depend on how you are creating the VPN Interface and what the expectation for routing as well as the Interface classification is.
Classification : Network classification such as Private, Public, Domain. You can check the interface classification by running the Powershell Commadlet :
Get-NetConnectionProfile
This will impact the UWP traffic since, if the traffic is trying to go through the VPN, it will require the Private Networking Capability to be able to go through an Interface marked as Private (and there are no other Network Isolation rules set)
More details for at : https://msdn.microsoft.com/library/windows/apps/hh770532.aspx
To check if this is the issue one quick way would be to try using an inbox tool from an admin command prompt as follows
checknetisolation Debug -n=<Package Family Name>
You can get the for an app by running the Get-AppxPackage commandlet in Powershell. With the above command, you will be prompted to use the app and reproduce the issue. Once it has been reproduced you will come back to the app and hit Ctrl + C and it will display if it detected any Drops due to incorrect Capabilities.
Routing Now in general when a VPN connection is made and no routes are set it is marked as a Force Tunnel VPN. What that means is that the Default route for other interfaces gets disabled and the VPN interface's default route gets prioritized. I am not sure if this is your intention. If you only need to use the VPN to communicate with the Payment Gateway, you should consider making the VPN split tunneled after which apps like Edge and Store should continue working going over the physical interface and your App will work as long as it has the Private Networking capability.
From answers.microsoft.com (Thanks to "Ovidiu Cimpian")
go to Control Panel\Network and Internet\Network Connections
open the adapter for the vpn.
Right click -> properties and go to Networking tab.
Select internet protocol version 4 (and/or 6) -> properties -> advanced
deselect Use default gateway on remote network.
I am fairly new with MS Azure and developing remote apps.
Have read and viewed some learning stuff.
I use c# as my developing language, and as I have understood, its fairly simple to develop a windows application to run on an Azure server as remote app, which users anywhere on earth can run from their pc as if it was installed locally on their pc's. But in reality, it is more like, an RDP hiding behind the app.
The problem is that a database will be running on every users pc instead on the azure server. It is suppose to be like that by design, don't ask me why.
We tend to use "ms access" for the local DB, since everyone already have MS Office.
Anyway, back to the problem. What I am wondering is, how can I make my remote application on azure server communicate with the database installed locally on user(s) PC?
I have drawn a simple figure to explain what I mean.
http://snag.gy/ybyed.jpg
Back in the days when people used Modems to connect their PC's to the tubes, this would be theoretically possible (although maybe not a good idea). Nowadays, very very few PC's are connected directly to Internet.
In an Office, a PC will be connected via the company intranet to an external gateway and the PC will not be visible to anyone outside that gateway. The same is true at home, where the gateway is the router.
It would be possible with a lot of work to allow external access (from Azure) to the individual PC, but it would not be easy to set up. Further, you would need to write a piece of software to run on the PC which will listen on the correct Port for calls from Azure, will then run the appropriate SQL queries, and return the data to Azure. You might as well install SQL Server full edition on each PC.
Even if you do that, no security professional is going to let you actually open up the ports and firewalls to the internet; it's a lot of work doing that and you might as well just install random viruses on the PC - you'll get to the same point but faster and with less wasted time.
TL;DR: Not easy without a significant investment, and your PC will probably get trashed if you do.
This is actually possible by the magic of RDP protocol :)
Azure RemoteApp supports redirection for Windows machines as documented here: https://azure.microsoft.com/en-us/documentation/articles/remoteapp-redirection/
So, once you create an Azure RemoteApp collection, you can download the PowerShell cmdlets, enter your subscription ID and then you can enable drive redirection. This results in the local disk being mapped on the remote machine. You can try it out and see if performance is good enough.
The other alternative is that the database lives in an Azure storage account, as documented here: https://azure.microsoft.com/en-us/documentation/articles/remoteapp-anyapp/ .
You should NEVER store data on the Azure RemoteApp local machine.
/cd
You may find this question very odd but these days we have all sorts of windows and mobile phone apps. Although googling it didn't help but I thought may be someone somewhere knows the answer.
Is it possible to access an IIS hosted website on a mobile phone. Mobile phone is connected to the windows machine via usb cable. If it is possible then what is the procedure please.
IIS Website is written in asp.net mvc 4 razor with c#.
Unfortunately the network does not have a wifi so connecting to the windows machine via wifi is out of the question.
I am administrator of my windows machine.
At the moment, it is also not possible to host the website on the server and make it available over the internet.
My phone is latest android.
In simple words, I have a website that is hosted on IIS and the phone is connected to the machine via usb and I want to browse the website from my phone.
Some ideas from the top of my head:
If your mobile phone has internet access and you can access your network router (or you can ask your admin to do this for you) than you could just simply forward a port to your PC and connect from internet to your router with appropriate port. Please look into your router manual for more details
You can also buy cheap usb wifi key that you can use with your PC as set up direct connection with your phone
Depending on your mobile phone OS you can actually share internet connection (so probably at the same time give your phone access to your local PC) by using 3rd party software and some hacks - this is one for Android but requires rooted OS http://www.howtogeek.com/117118/how-to-connect-your-android-to-your-pcs-internet-connection-over-usb/
Good luck! :-)
And by this question I mean the user assigned names windows lets you type in like: "My home network" "Basement" "Garage" not the ssid (though I would also like to read that one for the wifi connections)
and I especially want to read the windows security levels that can be chosen for networks: Home/Office/Public
I want to use this information to switch programs on and off automatically when connecting to various networks.
Update:
Thanks to the answer of #Damien_The_Unbeliever I was able to solve my question and find the following information, I hope it will help others too:
Network awareness in windows 7 and vista (MSDN, Unmanaged)
Windows API Code Pack (Microsoft, managed wrapper for
NetworkListManager and others)
How to use the windows NLM API to get notified of new network
connectivity (Codeproject, Managed)
It sounds like you want to use the Network List Manager:
The Microsoft Windows networking environment allows multihomed computers to connect to several networks simultaneously. There may be multiple wireless networks available along with LAN and dial-up connections. Network List Manager identifies available networks and returns network attribute data to the application.
It's a COM API, I'm not aware of a managed equivalent.
I typically have not worried at all about piracy or copy protection with software however I currently find myself in a unique situation. I develop an application for repairing computers for a specific computer repair company. Recently an employee has decided to quit the company after only working there for one month, and took my toolset with her. She then started a computer repair company out of her home and is using my toolset to fix computers. I am not particularly concerned with this person as our lawyers are already in hot pursuit. My concern is with future instances of this where I may not find out about them.
What I would like are some ideas for ways to protect and or phone home without being too over-bearing. I hate software that is too protected and becomes annoying or worse yet, worthless. This application is never to leave the walls of the computer repair company as they do not do on-site repair and I think I can use this to my advantage.
I do have a couple of ideas about how to go about restricting usage to within the company but I would like to hear how others have dealt with situations like this. Currently I keep going back to checking the network for specific servers or ip ranges but does anyone else have any other ideas?
First i think you have to decide what you are protecting against, as game developers have learned over the years you cannot stop ppl from copying your app/game.
Assuming what you want to protect yourself against the above senario again, i can think of 2 ok solutions.And your app has access to the network "always" or normaly duing normal use.
Phone home:
Have the application phone home to some server software, either on the company network or via internet. Have the application send some information to the server, and have it respond with either OK or die command.
To prevent someone from stealing the server, hardcode the server application ( If its installed at the company) to accept 1 physical server ( IE requires the machines has X mac, Y CPU serial, L mainboard serial).
AppServer sending verification
Since you where thinking about sniffing the network from trafic thats posible, but might be better to have a server part that sends out a verficiation code ( IE some public,private key encrypted message with a timestamp?) at periodic intervals.
Depending on X server sends some network trafic every now and then does not seem logical, and could create issues ( IE that server gets removed, but nobody knows you app depends on it to respond to ping).
Also spending on being able to ping XXX.XXX.XXX.XXX and som MAC address in the network is fairly simple to fake.
I've been looking recently at using the open source Rhino Licensing solution http://hibernatingrhinos.com/open-source/rhino-licensing - this seems like quite a sophisticated solution and the source includes an example application which you could alter for your individual needs - e.g. you don't have to lock the user out if you don't want to.