[SCFN] How Wi-Fi attackers are poisoning Web browsers

Matt Fanady mfanady at gmail.com
Thu Feb 4 21:32:31 PST 2010 

Well, I don't think pushing any sort of group policy on a community
network is going to fly.

The only solution I can think of would be to set up a VPN server and
publish the account information in the captive portal...those that
wish to can use it.

90% of users won't know what the hell we're talking about, but the 10%
who are worried about it can easily use the VPN as a way of securely
tunneling through the air...becomes a problem with a mesh network with
multiple gateways however.

Can Meraki provide for a separate WPA2 SSID?  Could you publish the
WPA2 key for those that want extra security?  It is my understanding
that WPA2 provides for near wireline security...even between
authenticated users?


-M@

On Thu, Feb 4, 2010 at 5:50 PM, Steve Shapery <steve at shapery.com> wrote:
> First thought - push a GPO that only allows browsers to work using a proxy
> on the far end of a VPN. But if the hotspot requires user intervention of
> some form to gain access, then no good.
>
> Second thought - disable javascript in your browser.
>
> Third thought - set the cache/cookies/etc to auto-clear every time you close
> your browser, similar to the 'in-private' mode of IE. Still potentially can
> infect during the session at the hotspot.
>
> Fourth thought - SSL authentication to the captive portal.
>
> ...just off the top of my head.
>
>
>
>
> -----Original Message-----
> From: discuss-bounces at socalfreenet.org
> [mailto:discuss-bounces at socalfreenet.org] On Behalf Of Drew
> Sent: Thursday, February 04, 2010 5:23 PM
> To: SoCalFreeNet.org General Discussion List
> Subject: [SCFN] How Wi-Fi attackers are poisoning Web browsers
>
> Anyone have any insight or experience with this?
>
> http://www.networkworld.com/news/2010/020310-black-hat-wi-fi-attackers.html
>
> _______________________________________________
> SoCalFreeNet.org General Discussion List To unsubscribe, please visit:
> http://socalfreenet.org/mailman/listinfo/discuss_socalfreenet.org
>
>
> _______________________________________________
> SoCalFreeNet.org General Discussion List
> To unsubscribe, please visit: http://socalfreenet.org/mailman/listinfo/discuss_socalfreenet.org
>

More information about the Discuss mailing list