Re: [fw-wiz] Discretionary WiFi Access

From: Josh Welch (jwelch_at_buffalowildwings.com)
Date: 07/22/05

  • Next message: Dave Piscitello: "Re: [fw-wiz] Internet accessible screened subnet - use public orprivate IPs?"
    To: firewall-wizards@honor.icsalabs.com
    Date: Fri, 22 Jul 2005 07:56:58 -0500
    
    

    Jim Seymour wrote:
    > "Paul D. Robertson" <paul@compuwar.net> wrote:
    >
    >>On Fri, 8 Jul 2005, Josh Welch wrote:
    >>
    >>
    >>>I have setup an access point outside of our firewall for this express
    >>>purpose. It is wide open and I simply monitor port usage to keep an eye
    >>>out for any abuse, it hasn't been an issue so far.
    >>
    >>Isn't this kind of SBCYF[1]?
    >
    >
    > "Kind of?" ;)
    >
    > Another thing, which I haven't seen discussed: It seems probable that
    > the access in question would naturally be less restricted than what's
    > normally allowed by ones corporate firewall, yeah? (Well, unless one
    > has killed their firewall [1] ;).) E.g.: Perhaps SMTP, POP3, IMAP, Net
    > Meeting (*barf*), etc., unfiltered. You'll want some way to keep
    > employees with wireless capability from accessing your insecure
    > courtesy WLAN--particularly whilst they're connected to your secured
    > LAN (router, anybody?).

    Now this is a much more interesting argument to me. One which I will
    take up with my management. I'm a bit annoyed that this one didn't occur
    to me in the first place.

    Thanks,
    Josh
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Dave Piscitello: "Re: [fw-wiz] Internet accessible screened subnet - use public orprivate IPs?"