[Chilli] Wifi security
sherca at gmail.com
Fri Jan 4 14:06:36 UTC 2013
Thank you all so much for your answers. So to sum up. My goal was to :
1. make connection as easy as possible for the users : no login / passord
via WPA or other, no authentification on Radius (hidden fields for login /
password) just a Term of Agreements page.
2. at least a minimum of security while browsing : users isolated one from
the others and immuned to Firesheep (session stealing).
As it appears, 1 is not possible if 2. In order to get 2, one must go
through either use of WPA 2 (Entreprise ?), or some settings from client
side, or use https only or via VPN.
Please feel free to correct me if I am wrong or if I forgot something.
Thank you again for your help.
2013/1/4 Timothy White <timwhite88 at gmail.com>
> On Fri, Jan 4, 2013 at 12:24 AM, sherca <sherca at gmail.com> wrote:
>> Thank you for your answer. This is what I meant, coova-chilli (https
>> landing page) and freeradius are not enough to prevent attacks like
>> firesheep, right ?
>> Indeed one can use wpa2 entreprise, but the question is : do we have to ?
> Firesheep generally uses the fact the the Wifi clients can see each others
> traffic. WPA(2) plus client isolation on the wireless access point are 2
> things to do to help prevent it. Coova Chilli has no part in preventing
> firesheep as it occurs before firesheep.
> Should you use something like WPA2? Probably to prevent firesheep. Or
> introduce your clients to HTTPS everywhere or if using wireless without any
> encryption, then VPN's.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Chilli