In DHCP Discovery, we explored the DHCP protocol and the kind of information the client device reveals about itself. DHCP fingerprinting is taking that information in order to classify the operating system and/or vendor of the device. The technique is finding it's way into commercial applications, CoovaRADIUS included, but, it's easy to do yourself too; here's how.

RADIUS is a protocol "for carrying authentication, authorization, and configuration information between a Network Access Server (NAS) which desires to authenticate its links and a shared Authentication Server (AS)." RADIUS uses UDP packets that carry one or more RADIUS attributes.

There are several possible authentication protocols that can run within RADIUS. The simplest is PAP, where the user password is transmitted encoded with the shared secret between the NAS and AS.

The Dynamic Host Configuration Protocol (DHCP) is a standard way for client devices to acquire an IP address and other configurations (DNS, Gateway, etc) on a network. This is particularly true in public access networks; as such, DHCP is integral to chilli, and always has been. Of course, it could certainly be more flexible. As it is now, you can't really do much in the way of customizing your DHCP configurations. I have some ideas for CoovaChilli, and some DHCP discovery to share.

There is a new version of CoovaAAA deployed! The highlights:

• Ability to create access policies defining time and data limits
• Share with users or entire realms based on a policy
• Generate a limited number of access codes based on a policy
• Support for CoovaChilli/Chillispot data limits based on a policy
• Stopping stale sessions when the NAC reboots
• Updated Facebook and new general use captive portal
• Bug fix concerning WPA-only option

There are new releases to announce, first of all. CoovaChilli version 1.0.11 was released with some bug fixes, leading to a new version of CoovaAP, released as 1.0-beta.7d, to include the new Chilli. Last, but not least, CoovaAAA was updated, as was the Coova HotSpot Facebook application, to work with the new Facebook Pages.

During the past few months, I have been doing a lot of work with the Google Web Toolkit - an open-source Java software development framework that makes writing AJAX applications a bit easier. With GWT, you build your browser-based (client) application in Java which is "compiled" into a cross-browser JavaScript application.