Re: Wireless security question

• Previous message: Ravi Kumar: "Re: what is required for an engineer to become an SECURITY engineer"
• In reply to: Marty: "Wireless security question"
• Next in thread: Andrew Shore: "RE: Wireless security question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 23 Dec 2004 10:42:33 +0200
To: Marty <groupecci@yahoo.ca>

Actually I don't think it is possible to prohibit wireless networks from
laptops, since some laptops come with their wireless card built in, what
more, I do believe that one should concentrate most of the efforts in
finding the solution on one's network, and not on the clients side to
solve such problems. How about creating a separate LAN for mobile
devices? which will be heavily monitored and limited in it's services
(maybe even wireless :) ) and require port authentication on every
switch on you're LAN (IEEE 802.1X) so that you'll know who's connected
where, and the laptop computers will be forced to that "special" LAN, on
which you may restrict and monitor traffic easier.

BTW, in my opinion, USB mass storage devices (disk on key etc...) pose a
higher threat than Laptops. :)

Liran Cohen
TheOg

Marty wrote:
> Hi gang!
>
> Here is a question for you...
>
> We have a secure network with no wireless
> connections whatsoever.
>
> One of our laptop came in with credentials to log
> on to the network through the Ethernet cable BUT
> the person had just added a wireless card to his
> laptop.
>
> This situation actually came up and the person
> could see external wireless networks (from other
> companies around our building) and access
> Internet through there. Yeah I know they're
> stupid, but it's the real world!
>
> This seems like a potential threat for taking our
> data out the back door.
> Copy files accessed through our network to
> another network and voilà! No trace at all of the
> mischief.
>
> We monitor internet access and block non-company
> Email (Yahoo, Hotmail etc.).
>
> Suggestions?
>
> Thanks and Happy Holidays!
>
> Marty!
>
>
> __________________________________________________________
> Lèche-vitrine ou lèche-écran ?
> magasinage.yahoo.ca

• Previous message: Ravi Kumar: "Re: what is required for an engineer to become an SECURITY engineer"
• In reply to: Marty: "Wireless security question"
• Next in thread: Andrew Shore: "RE: Wireless security question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: My Documents Redirection with Laptop using WiFi ... I might have dreamed that auto-enrollment success message. ... but I connect to the wireless network normally. ... your laptops, the laptop won't authenticate to it. ... (microsoft.public.windows.server.sbs) Re: Wireless laptops on domain ... The Laptops are Wireless. ... establishing a VPN tunnel back into the network fine. ... I used a seperate segment for the wireless network and vpn tunnels back to ... (microsoft.public.windows.server.sbs) Re: Secure workgroups! ... you're mixing threat models when you introduce theft of laptops. ... stolen set) then you aren't going to get very far into the wireless network. ... I try to avoid add-ons like VPN clients and such. ... (microsoft.public.security) Re: Multi-AP WiFi best practice ... A walk around the school showed 2 APs in every classroom. ... how would a WiFi expert set this network up? ... laptops to use the new one, thus avoiding all 16 using the same AP ... in education and I am a member of the janet wireless advisory group. ... (uk.telecom.broadband) Re: Doesnt anyone Know anything about roaming? ... Roaming is supported in IAS and should work great. ... >> the Laptops will not properly differentiate between the APs: except for>> signal strength, so you'd need to set channels differently for each one. ... >> First, make sure everything you buy conforms to the dominant wireless>> standard known as 802.11b, or Wi-Fi. ... >> you can mix brands, operating systems, even network a Mac to a Windows PC>> and ... (microsoft.public.internet.radius)