RE: Wireless security question

• Previous message: Ivan Coric: "Re: Proxy Port detection"
• Maybe in reply to: Marty: "Wireless security question"
• Next in thread: Harshul Nayak: "RE: Wireless security question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 23 Dec 2004 09:00:03 -0600
To: "Steve" <securityfocus@delahunty.com>, "Marty" <groupecci@yahoo.ca>, "Sec Basic" <security-basics@securityfocus.com>

Its hard to enforce technically so I agree you should have some policy.

you could have a laptop dmz that this person gets connected to that has limited resources available to it. Also depending on how deep your pockets are there is also software out there that can check to see if the wireless card is disabled, if the laptop has patches, virus software..etc.

-----Original Message-----
From: Steve [mailto:securityfocus@delahunty.com]
Sent: Wednesday, December 22, 2004 4:56 PM
To: Marty; Sec Basic
Subject: Re: Wireless security question

Policy against wireless, including cards. Remove his wireless card.

One risk you have is his laptop latching on to hostile networks, once with worms/viruses, as well as the threat you note.

----- Original Message -----
From: "Marty" <groupecci@yahoo.ca>
To: "Sec Basic" <security-basics@securityfocus.com>
Sent: Wednesday, December 22, 2004 11:57 AM
Subject: Wireless security question

Hi gang!

Here is a question for you...

We have a secure network with no wireless
connections whatsoever.

One of our laptop came in with credentials to log
on to the network through the Ethernet cable BUT
the person had just added a wireless card to his
laptop.

This situation actually came up and the person
could see external wireless networks (from other
companies around our building) and access
Internet through there. Yeah I know they're
stupid, but it's the real world!

This seems like a potential threat for taking our
data out the back door.
Copy files accessed through our network to
another network and voilà! No trace at all of the
mischief.

We monitor internet access and block non-company
Email (Yahoo, Hotmail etc.).

Suggestions?

Thanks and Happy Holidays!

Marty!

__________________________________________________________
Lèche-vitrine ou lèche-écran ?
magasinage.yahoo.ca

• Previous message: Ivan Coric: "Re: Proxy Port detection"
• Maybe in reply to: Marty: "Wireless security question"
• Next in thread: Harshul Nayak: "RE: Wireless security question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages TidBITS#785/27-Jun-05 ... Jeff Carlson continues his exploration of computerized poker ... and Adam examines both the Canary Wireless ... Rogue Amoeba's Audio Hijack Pro ... A Canary in the Network ... (comp.sys.mac.digest) Re: Linksys NAS200 Network Storage adapter ... The only two wireless network settings that are of any consequence are the SSID and the encryption method and password. ... either click the "Print Network Settings" button on the final screen of the Wizard or simply access the appropriate XML file and get at them that way and then use the information to configure the router manually as I explained earlier. ... I've read thru some of the MS web site on that product and it appears to do everything a NAS will do plus other cool features, such as, with an xbox360 with the wireless adapter, I can stream my video/pics to my TV for family viewing. ... (microsoft.public.windowsxp.network_web) [NMRC Advisory] Microsoft Windows Wireless Exposure on Laptops ... Application: Wireless Network Connection ... This advisory documents an anomaly involving Microsoft's Wireless Network ... If a laptop connects to an ad-hoc network it can later start ... This is known as a Link-Local address, and by default Link-Local is turned on on all Windows platforms on all interfaces, including wireless interfaces. ... (Bugtraq) RE: palm VIIx wireless modem ... Here is a Wireless LAN Security FAQ, ... What are solutions to minimizing WLAN risk? ... that connects clients to the internal network. ... (Security-Basics) only 1299.99 ... With the arrival of the Sony Vaio VGN-UX280P Micro PC, ... Advanced Wireless Mobility ... integrates wireless Wide Area Network, ... and check e-mail without having to plug in your Sony Vaio notebook PC, ... (comp.periphs.printers)