Summary of campus network types:
-
Certification type
A rough classification of authentication types can be divided into client authentication and web page authentication;
Client: The so-called client uses specific software to send requests to the server to obtain Internet access permissions through dial-up, message requests, etc.; more common ones include netkeeper dial-up, Ruijie authentication, DR.COM, etc.
Web page authentication: Users can directly open the browser to enter the web interface to log in to their account. The browser sends a message to the server to request access to the Internet. This type of authentication generally has a complete framework launched by the operator, and each school can customize it differently. The front-end interactive interface (login interface) is actually the same, some will use get requests, and some will use post (higher security) requests. Therefore, no matter what interface it is, it can be collectively called "web page authentication".
-
Detection type
Note on detection: There are many ways to detect multiple devices on campus networks. Generally speaking, they can be divided into header detection and deep packet detection. Each authentication method is not closely related to its detection method. For example, if you are a dr Web page, so does he, but the testing of your two schools is different, and there is no connection between them. Schools are free to use different certification frameworks and testing plans, so no one can judge the testing method by looking at the login page.
The campus network that detects some information based on packet headers (TTL value, clock offset, UA agent, etc.) has a characteristic: it consumes less computing power and can quickly determine whether there is shared Internet access behavior. This type of detection basically opens If the hotspot exceeds a few minutes, the account will be blocked. The defense methods for this type of detection are relatively simple, and there are free solutions online. But it requires strong hands-on ability.
Deep packet detection: This type of detection is performed by analyzing data packet information, such as detecting how many online QQ accounts, game accounts, etc. exist in the data packet in the current IP. This type of detection is very tricky and consumes a lot of computing power, so When this kind of detection exists alone, generally hotspot sharing will not be directly blocked when hotspot sharing is opened. The server will perform batch detection, random detection, or filter suspicious IP detection in a period of time. If you are lucky, it may not be detected for a few days. If you are not lucky, it may not be detected for a few days. Your account will be blocked within a few minutes. This type of detection can only be defended by encrypting the data you send, such as proxy servers (it seems that this solution is currently used)
Regarding bypassing: More than 90% of schools have blocked ports. It is often unrealistic to use this method to access the campus network for free, and the network data using proxy server traffic is very unstable and has high latency. , low bandwidth. Whether it can be bypassed has nothing to do with the type of campus network...