[PLUG] Looking for some WiFi AP Security Advice
Mark Phillips
mark at phillipsmarketing.biz
Thu Dec 28 23:40:37 UTC 2023
@MC_Sequoia
On Sun, Dec 24, 2023 at 3:23 PM MC_Sequoia <mcsequoia at protonmail.com> wrote:
> "I want to set up some sort of secure connection between the cell phone
> and the web site running on the Pi."
>
> This should be doable via a vpn client/server. A quick google search on
> "raspberry pi cell phone vpn" returned this:
>
Are you saying a VPN is needed along with the SSL, or as a replacement? Why
both, or why as a replacement?
>
> "If you're going to be connecting to Pi VPN on a mobile device, I
> recommend OpenVPN Connect, the official client. It's completely free and
> integrates really well with iOS and Android. The first step is to open the
> App Store or Play Store, depending on your device. In either case, search
> for OpenVPN Connect"
>
> You should be able to easily find step-by-step instructions to do get this
> setup and working.
>
> That'll solve the secure connection between the cell ph and the Rpi hosted
> website, but that doesn't your "main concern is an attacker connecting to
> the web site and igniting the rocket while the user is connecting thew
> wires to the igniter."
>
> I'm going to suggest the probability of this happening is your best
> security.
>
> However, I'm not the adult that's responsible for children's safety.
>
> The big question here is whether the Rpi hosted website is accessible from
> the internet?
>
It is not accessible to the Internet, as the AP is not connected to the
Internet.
>
> My suspicion is that it would have a non-internet routable private not
> pubic ip addr in the following ip addr ranges:
> 10.0. 0.0 to 10.255. 255.255.
> 172.16. 0.0 to 172.31. 255.255.
> 192.168. 0.0 to 192.168. 255.255.
>
> If the Rpi website is accessible via the public internet than there's 2
> other other options.
>
> 1. Learn about securing/hardening a Rpi.
> https://www.chrisapproved.com/blog/raspberry-pi-hardening.html
>
> 2. Change all the passwords and codes on launch day.
That is a given. Sorry I didn't mention it.
>
>
> I hope that's somewhat helpful.
>
>
>
>
>
>
>
>
More information about the PLUG
mailing list