Search squid archive

Secure Squid authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The place I was working before this one was a center with several Wi-Fi hotspots. I didn't designed the structure of the network nor had the privileges to change core functionalities on the network. Squid was running as a web proxy server receiving all the traffic coming from the Wi-Fi hotspots to the internet. When I started working there I was asked to do a assessment job and I realized that authentication between user and squid was non-secure (*plaintext*). This is a critical secure breach because with a network scanner as wireshark you could easily get users password. On a totally wired network this could be harder to achive but on Wi-Fi hotspots you could get all the data running your device in monitor mode. My question is:

- ¿Is there any how to tutorial about implementing SSL authentication on squid? I guess this already has been done so a link should be enough in order to save you guys some time.

- Second and less important, even off-topic. Putting squid out of the ecuation, is there another way to secure the data being transmitted between user device and Wi-Fi hotspot?

Thanks in advance!

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux