Secure Squid authentication

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Secure Squid authentication

Ing. Pedro Pablo Delgado Martell
The place I was working before this one was a center with several Wi-Fi
hotspots. I didn't designed the structure of the network nor had the
privileges to change core functionalities on the network. Squid was
running as a web proxy server receiving all the traffic coming from the
Wi-Fi hotspots to the internet. When I started working there I was asked
to do a assessment job and I realized that authentication between user
and squid was non-secure (*plaintext*). This is a critical secure breach
because with a network scanner as wireshark you could easily get users
password. On a totally wired network this could be harder to achive but
on Wi-Fi hotspots you could get all the data running your device in
monitor mode. My question is:

- ┬┐Is there any how to tutorial about implementing SSL authentication on
squid? I guess this already has been done so a link should be enough in
order to save you guys some time.

- Second and less important, even off-topic. Putting squid out of the
ecuation, is there another way to secure the data being transmitted
between user device and Wi-Fi hotspot?

Thanks in advance!

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Secure Squid authentication

Nicola Ferrari (#554252)
Hi!

You may find this recent post useful:
http://lists.squid-cache.org/pipermail/squid-users/2017-December/017060.html

Cheers,
N

--
+---------------------+
| Linux User  #554252 |
+---------------------+

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users