Re: [fw-wiz] Discretionary WiFi Access

• Previous message: Yehuda Goldenberg: "FW: [fw-wiz] VOIP versus PBX"
• In reply to: Paul D. Robertson: "Re: [fw-wiz] Discretionary WiFi Access"
• Next in thread: Josh Welch: "Re: [fw-wiz] Discretionary WiFi Access"
• Reply: Josh Welch: "Re: [fw-wiz] Discretionary WiFi Access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: firewall-wizards@honor.icsalabs.com
Date: Thu, 21 Jul 2005 14:39:10 -0400 (EDT)

"Paul D. Robertson" <paul@compuwar.net> wrote:
>
> On Fri, 8 Jul 2005, Josh Welch wrote:
>
> > I have setup an access point outside of our firewall for this express
> > purpose. It is wide open and I simply monitor port usage to keep an eye
> > out for any abuse, it hasn't been an issue so far.
>
> Isn't this kind of SBCYF[1]?

"Kind of?" ;)

Another thing, which I haven't seen discussed: It seems probable that
the access in question would naturally be less restricted than what's
normally allowed by ones corporate firewall, yeah? (Well, unless one
has killed their firewall [1] ;).) E.g.: Perhaps SMTP, POP3, IMAP, Net
Meeting (*barf*), etc., unfiltered. You'll want some way to keep
employees with wireless capability from accessing your insecure
courtesy WLAN--particularly whilst they're connected to your secured
LAN (router, anybody?).

I think it should be unnecessary point point out that some employees
will inevitably try, and the multitude of dangers should they not be
prohibited from succeeding.

[1] Ref: "The Death Of A Firewall"

Jim

-- 
Note: My mail server employs *very* aggressive anti-spam
filtering.  If you reply to this email and your email is
rejected, please accept my apologies and let me know via my
web form at <http://jimsun.linxnet.com/scform.php>.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Yehuda Goldenberg: "FW: [fw-wiz] VOIP versus PBX"
• In reply to: Paul D. Robertson: "Re: [fw-wiz] Discretionary WiFi Access"
• Next in thread: Josh Welch: "Re: [fw-wiz] Discretionary WiFi Access"
• Reply: Josh Welch: "Re: [fw-wiz] Discretionary WiFi Access"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: [fw-wiz] Assessment Of GoToMyPC vs. Network Security ... If you are allowing employees to add new WLANs, ... apps that require Administrator access. ... It sounds like you need to explain the idea that a firewall is not all ... (Firewall-Wizards) Re: pcAnywhere...Outbound Only. ... >to connect to a host OUTSIDE of our network. ... Our firewall administrator, came to me and asks me if I had any ... >list of employees that can do this. ... (Security-Basics) OWA access and security ... What I first like to know is what portdoes OWA needs to access from ... If I want to give our employees a save way to use this, ... Is it save to open the required ports on the firewall, ... (microsoft.public.windows.server.sbs) pcAnywhere...Outbound Only. ... We have a rule on our firewall that allows all employees to use pcAnywhere ... is from inside our network to an outside host and not vise versa. ... (Security-Basics) Re: pcAnywhere...Outbound Only. ... >>is from inside our network to an outside host and not vise versa. ... >>firewall administrator, came to me and asks me if I had any security issues ... He does not want the hassle of maintaining a list of employees ... You can tunnel VNC ... (Security-Basics)