Meraki allows 2 SSIDs. So one can be open and one WPA2. This is what I do for the Mount Etna Park; one open and one WPA2 with key in the SSID name. mt-etna-park-freenet (open) park-freenet-wpa2-key--park1234 (WPA2-PSK).
WPA2 uses session keys for wireless privacy. Of course, someone could still spoof these SSIDs (since I publish the key) and use the JS cache poisoning attack. Roger P.S. Meraki is upgrading all Standard networks to Pro. Mine has already been upgraded. The biggest change at Mount Etna Park is that the splash and ads are now turned off... yeah no more splash page! This park network is still wide open to the Internet, 25/2Mbps On Feb 4, 2010, at 9:32 PM, Matt Fanady wrote: > Well, I don't think pushing any sort of group policy on a community > network is going to fly. > > The only solution I can think of would be to set up a VPN server and > publish the account information in the captive portal...those that > wish to can use it. > > 90% of users won't know what the hell we're talking about, but the 10% > who are worried about it can easily use the VPN as a way of securely > tunneling through the air...becomes a problem with a mesh network with > multiple gateways however. > > Can Meraki provide for a separate WPA2 SSID? Could you publish the > WPA2 key for those that want extra security? It is my understanding > that WPA2 provides for near wireline security...even between > authenticated users? > > > -M@ > > On Thu, Feb 4, 2010 at 5:50 PM, Steve Shapery <[email protected]> wrote: >> First thought - push a GPO that only allows browsers to work using a proxy >> on the far end of a VPN. But if the hotspot requires user intervention of >> some form to gain access, then no good. >> >> Second thought - disable javascript in your browser. >> >> Third thought - set the cache/cookies/etc to auto-clear every time you close >> your browser, similar to the 'in-private' mode of IE. Still potentially can >> infect during the session at the hotspot. >> >> Fourth thought - SSL authentication to the captive portal. >> >> ...just off the top of my head. >> >> >> >> >> -----Original Message----- >> From: [email protected] >> [mailto:[email protected]] On Behalf Of Drew >> Sent: Thursday, February 04, 2010 5:23 PM >> To: SoCalFreeNet.org General Discussion List >> Subject: [SCFN] How Wi-Fi attackers are poisoning Web browsers >> >> Anyone have any insight or experience with this? >> >> http://www.networkworld.com/news/2010/020310-black-hat-wi-fi-attackers.html >>
_______________________________________________ SoCalFreeNet.org General Discussion List To unsubscribe, please visit: http://socalfreenet.org/mailman/listinfo/discuss_socalfreenet.org
