RE: Wireless access

From: Mitchell Rowton (mrowton_at_bdo.com)
Date: 03/30/04

  • Next message: Mitchell Rowton: "Re: Secure host newbie" 
    Date: Tue, 30 Mar 2004 12:50:38 -0500
To: <jswhitford@acm.org>, <Robert.Mezzone@PJSolomon.Com>, <security-basics@securityfocus.com>

    This reminds me of an old conversation. Will you be liable if one
    extranet partner uses your connection to bad things to another extranet
    partner?

    I don't think there was ever a firm answer from legal. But its my (NOT
    LAWYER) opinion, that if you make a reasonable effort to keep things
    like this from happening i.e changing and disabling broadcast of the
    SSID, then you won't be liable. You have to strike a balance between
    how much time=money you are willing spend to protect someone else from
    someone else. I would be a good internet citizen, and make certain
    configuration changes to restrict this type of incidental use, but I
    would not recommend spending money (on a firewall for example) on this
    type of circumstance. 

    --
Mitchell
>>> Robert Mezzone <Robert.Mezzone@PJSolomon.Com> 03/29/04 12:17PM >>>
As an example, what happens if a person (unknowingly) connects
wirelessly
and downloads a music file?  They are outside our firewall but they
are
still connected to our network. Wouldn't the company still be liable?
Thanks.
Robert
NOTICE:
The contents of this email and any attachments to it may contain privileged and confidential information from BDO Seidman, LLP.  This information is only for the viewing or use of the intended recipient.  If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of, or the taking of any action in reliance upon, the information contained in this e-mail, or any of the attachments to this e-mail, is strictly prohibited and that this e-mail and all of the attachments to this e-mail, if any, must be immediately returned to BDO Seidman, LLP or destroyed and, in either case, this e-mail and all attachments to this e-mail must be immediately deleted from your computer without making any copies thereof.  If you have received this e-mail in error, please notify BDO Seidman, LLP by e-mail immediately.
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
  • Next message: Mitchell Rowton: "Re: Secure host newbie"