Well, I don't think pushing any sort of group policy on a community network is going to fly.
The only solution I can think of would be to set up a VPN server and publish the account information in the captive portal...those that wish to can use it. 90% of users won't know what the hell we're talking about, but the 10% who are worried about it can easily use the VPN as a way of securely tunneling through the air...becomes a problem with a mesh network with multiple gateways however. Can Meraki provide for a separate WPA2 SSID? Could you publish the WPA2 key for those that want extra security? It is my understanding that WPA2 provides for near wireline security...even between authenticated users? -M@ On Thu, Feb 4, 2010 at 5:50 PM, Steve Shapery <[email protected]> wrote: > First thought - push a GPO that only allows browsers to work using a proxy > on the far end of a VPN. But if the hotspot requires user intervention of > some form to gain access, then no good. > > Second thought - disable javascript in your browser. > > Third thought - set the cache/cookies/etc to auto-clear every time you close > your browser, similar to the 'in-private' mode of IE. Still potentially can > infect during the session at the hotspot. > > Fourth thought - SSL authentication to the captive portal. > > ...just off the top of my head. > > > > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Drew > Sent: Thursday, February 04, 2010 5:23 PM > To: SoCalFreeNet.org General Discussion List > Subject: [SCFN] How Wi-Fi attackers are poisoning Web browsers > > Anyone have any insight or experience with this? > > http://www.networkworld.com/news/2010/020310-black-hat-wi-fi-attackers.html > > _______________________________________________ > SoCalFreeNet.org General Discussion List To unsubscribe, please visit: > http://socalfreenet.org/mailman/listinfo/discuss_socalfreenet.org > > > _______________________________________________ > SoCalFreeNet.org General Discussion List > To unsubscribe, please visit: > http://socalfreenet.org/mailman/listinfo/discuss_socalfreenet.org > _______________________________________________ SoCalFreeNet.org General Discussion List To unsubscribe, please visit: http://socalfreenet.org/mailman/listinfo/discuss_socalfreenet.org
