I used OpenVPN and a NetGear home router (WNDR3700), and dyndns.org to setup secure wireless access to my home workstation so I can do my Joomla work from the front porch (my summer office) or from Starbucks in the winter. If anyone is interested I'd be happy to share what and how I did it. Cheers! Herb
Herbert M. Tucker Principal Covenant Technical Services, Inc. P: 732-497-0326 C: 848-218-9172 F: 732-497-0326 E: [email protected] W: www.covenanttek.com ____________________________________________________________________________ ____________________________________________________________________________ ______ ------------------------------ Message: 3 Date: Fri, 3 Dec 2010 15:18:34 -0500 From: Stephen Britton <[email protected]> To: "NYPHP SIG: Joomla" <[email protected]> Subject: Re: [joomla] Always use SSL? Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1 I am glad you mentioned Firesheep. I have warning clients not to log in through the admin panel when visiting public WiFi places like Starbucks and Barnes & Noble because there is a good chance that bad folks are trolling for passwords with Firesheep. It has caused me to spend more time working from home where I use a wired connection than from my local Starbucks because I don't have a secure way to access Joomla admin panels. I am thinking that Firesheep is going to sell a lot of SSL certs. I am suggesting SSL to clients if they need to use wireless to access their sites. On Fri, Dec 3, 2010 at 1:44 PM, Gary Mort <[email protected]> wrote: > With the release of Firesheep....and my nomadic system lifestyle, I am > seriously reconsidering my former view of "man in the middle" attacks as a > low priority issue. > Looking over the Remember Me plugin, I note that it is easily hijacked via > Firesheep to allow a user without too much technical sophistication to > impersonate someone on a Joomla powered website if it is connected to > through normal HTTP instead of HTTPS. > The simple solution, which I am implementing for myself, is to setup a VPN > to an external system on the internet and tunnel all my traffic through > there. ?That at least removes the issue with open wifi access. > While self signed certificates can cause general users to become > uncomfortable and not wish to continue on a website, for my own sanity I'm > thinking a short little plugin that always redirects specific users who log > on to the https connection to log on again would be in order. > > > _______________________________________________ > New York PHP SIG: Joomla! Mailing List > http://lists.nyphp.org/mailman/listinfo/joomla > > NYPHPCon 2006 Presentations Online > http://www.nyphpcon.com > > Show Your Participation in New York PHP > http://www.nyphp.org/show_participation.php > _______________________________________________ joomla mailing list [email protected] http://lists.nyphp.org/mailman/listinfo/joomla End of joomla Digest, Vol 48, Issue 5 ************************************* _______________________________________________ New York PHP SIG: Joomla! Mailing List http://lists.nyphp.org/mailman/listinfo/joomla NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
