Penetration Testing mailing list archives
Re: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects
From: Tim <tim-pentest () sentinelchicken org>
Date: Wed, 3 Mar 2010 14:42:36 -0800
I have noticed recently that most cafés which offer Free WiFi do so, not with a Wireless Encryption Method (WEP, WPA, WPA2, LEAP etc.) but with a Forced-Proxy Redirect. (usually https with 128-bit encryption) (I'm sure there's a better way of saying 'Forced-Proxy Redirect'...) What are the Security implications of using the Forced-Proxy Redirect method rather than a Wireless Encryption Method? Does the traffic still get tunnelled securely?
Probably not. I'm not sure exactly what the implementation details are in the scenarios you're talking about, but chances are it would be vulnerable to attacks similar to those used in sslstrip. E.g.: Attacker conducts MitM attack and responds to HTTP request (stripping all HTTPS links) with the victim while utilizing the "secure" forced proxy upstream to retrieve pages.
What are the advantages & disadvantages when comparing these two Design choices?
You'd think WPA2 would be a much better choice security-wise, but I'm not sure similar attacks can't be done if everyone has the PSK. Obviously, using separate PSKs for each user is pain without proper software support and a super-easy distribution mechanism. I'm sure some other folks might have some opinions on this. tim ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Chip Panarchy (Mar 03)
- Re: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Tim (Mar 04)
- Re: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Zaki Akhmad (Mar 04)
- Re: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Jon Janego (Mar 04)
- RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Malick Sy (Mar 04)
- RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Cedric Blancher (Mar 04)
- RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Malick Sy (Mar 08)
- Re: RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Cedric Blancher (Mar 11)
- RE: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects Cedric Blancher (Mar 04)
- Re: Wireless Encryption Methods (eg; WPA2) vs Forced Secure Proxy Redirects debiantech (Mar 08)