Re: [fw-wiz] Discretionary WiFi Access

From: Jim Seymour (jseymour_at_linxnet.com)
Date: 07/21/05

  • Next message: Roger Rustad: "Re: [fw-wiz] Discretionary WiFi Access"
    To: firewall-wizards@honor.icsalabs.com
    Date: Thu, 21 Jul 2005 14:39:10 -0400 (EDT)
    
    

    "Paul D. Robertson" <paul@compuwar.net> wrote:
    >
    > On Fri, 8 Jul 2005, Josh Welch wrote:
    >
    > > I have setup an access point outside of our firewall for this express
    > > purpose. It is wide open and I simply monitor port usage to keep an eye
    > > out for any abuse, it hasn't been an issue so far.
    >
    > Isn't this kind of SBCYF[1]?

    "Kind of?" ;)

    Another thing, which I haven't seen discussed: It seems probable that
    the access in question would naturally be less restricted than what's
    normally allowed by ones corporate firewall, yeah? (Well, unless one
    has killed their firewall [1] ;).) E.g.: Perhaps SMTP, POP3, IMAP, Net
    Meeting (*barf*), etc., unfiltered. You'll want some way to keep
    employees with wireless capability from accessing your insecure
    courtesy WLAN--particularly whilst they're connected to your secured
    LAN (router, anybody?).

    I think it should be unnecessary point point out that some employees
    will inevitably try, and the multitude of dangers should they not be
    prohibited from succeeding.

    [1] Ref: "The Death Of A Firewall"

    Jim

    -- 
    Note: My mail server employs *very* aggressive anti-spam
    filtering.  If you reply to this email and your email is
    rejected, please accept my apologies and let me know via my
    web form at <http://jimsun.linxnet.com/scform.php>.
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Roger Rustad: "Re: [fw-wiz] Discretionary WiFi Access"

    Relevant Pages

    • Re: [fw-wiz] Assessment Of GoToMyPC vs. Network Security
      ... If you are allowing employees to add new WLANs, ... apps that require Administrator access. ... It sounds like you need to explain the idea that a firewall is not all ...
      (Firewall-Wizards)
    • Re: pcAnywhere...Outbound Only.
      ... >to connect to a host OUTSIDE of our network. ... Our firewall administrator, came to me and asks me if I had any ... >list of employees that can do this. ...
      (Security-Basics)
    • OWA access and security
      ... What I first like to know is what portdoes OWA needs to access from ... If I want to give our employees a save way to use this, ... Is it save to open the required ports on the firewall, ...
      (microsoft.public.windows.server.sbs)
    • pcAnywhere...Outbound Only.
      ... We have a rule on our firewall that allows all employees to use pcAnywhere ... is from inside our network to an outside host and not vise versa. ...
      (Security-Basics)
    • Re: pcAnywhere...Outbound Only.
      ... >>is from inside our network to an outside host and not vise versa. ... >>firewall administrator, came to me and asks me if I had any security issues ... He does not want the hassle of maintaining a list of employees ... You can tunnel VNC ...
      (Security-Basics)