[Chilli] Wifi security

sherca sherca at gmail.com
Fri Jan 4 14:06:36 UTC 2013


Thank you all so much for your answers. So to sum up. My goal was to :
1. make connection as easy as possible for the users : no login / passord
via WPA or other, no authentification on Radius (hidden fields for login /
password) just a Term of Agreements page.
2. at least a minimum of security while browsing : users isolated one from
the others and immuned to Firesheep (session stealing).

As it appears, 1 is not possible if 2. In order to get 2, one must go
through either use of WPA 2 (Entreprise ?), or some settings from client
side, or use https only or via VPN.

Please feel free to correct me if I am wrong or if I forgot something.

Thank you again for your help.


2013/1/4 Timothy White <timwhite88 at gmail.com>

>
>
>
> On Fri, Jan 4, 2013 at 12:24 AM, sherca <sherca at gmail.com> wrote:
>
>> Thank you for your answer. This is what I meant, coova-chilli (https
>> landing page) and freeradius are not enough to prevent attacks like
>> firesheep, right ?
>>
>> Indeed one can use wpa2 entreprise, but the question is : do we have to ?
>>
>
> Firesheep generally uses the fact the the Wifi clients can see each others
> traffic. WPA(2) plus client isolation on the wireless access point are 2
> things to do to help prevent it. Coova Chilli has no part in preventing
> firesheep as it occurs before firesheep.
>
> Should you use something like WPA2? Probably to prevent firesheep. Or
> introduce your clients to HTTPS everywhere or if using wireless without any
> encryption, then VPN's.
>
> Tim
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20130104/0f44412d/attachment.html>


More information about the Chilli mailing list