Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects

From: Chip Panarchy <forumanarchy () gmail com>
Date: Wed, 3 Mar 2010 23:19:09 +1100
Hello

I have noticed recently that most cafés which offer Free WiFi do so,
not with a Wireless Encryption Method (WEP, WPA, WPA2, LEAP etc.) but
with a Forced-Proxy Redirect. (usually https with 128-bit encryption)

(I'm sure there's a better way of saying 'Forced-Proxy Redirect'...)

What are the Security implications of using the Forced-Proxy Redirect
method rather than a Wireless Encryption Method?

Does the traffic still get tunnelled securely?

What are the advantages & disadvantages when comparing these two Design choices?

Please alleviate my concerns.

Thanks in advance,

Chip D. Panarchy

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: