Re: security effects of adding wireless access
From: Leonid Rosenboim (My_1st_name@Consultant.Com)
Date: 12/16/02
- Next message: mh: "Re: windows update kills kerio firewall everytime!"
- Previous message: Leonid Rosenboim: "Re: Spyware....Focadata?"
- In reply to: sponge: "Re: security effects of adding wireless access"
- Next in thread: Charles Newman: "Re: security effects of adding wireless access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Leonid Rosenboim" <My_1st_name@Consultant.Com> Date: Mon, 16 Dec 2002 15:32:02 +0200
I do not see much difference between this, and a WiFi hotspot
in a cofee shop, airport launge or a Hotel lobbym and they
all apparently doing this everywhere, and in some of these
places access is totally free and non-authenticated.
Yes, there are issues when you let just anybody walk in
and us eyour bandwdith, but then again, anybody can walk
into the library and start shooring at everyone, so they could
walk into the local cofee shop.
Do not overestimate the issues of network security beyond
issues of physical security.
Now to the subject at hand, with an oper-source access point
you can effectively disable any communications between clients
on the WLAN, only let them go to the Internet, and you could
(and should) at least log the MAC address of everyone that
succesfully associates with time and bytes transferred information.
If FBI comes knocking on your door, these logs should pretty much
let you off the hook.
Another approach I can think of, is just hookup with T-Mobile
(the guys that are putting Hotspots in many public places),
let them put one in your library, and they will even pay you
for the right to do this, and will charge your visitors for the priviledge.
"sponge" <mtubi@python.net> wrote in message
news:3dfb1b00.13095137@corp.newsgroups.com...
> *** post for FREE via your newsreader at post.newsfeed.com ***
>
> Security issues aside, I see real liability issues with that. With any
> network where someone can walk in and plug in. What if someone visits
> with a laptop and spams Yahoo or DoS' somebody. Unless your library
> has a rock-solid user validation mechanism, This seems to have too
> many liabilities.
>
> On 13 Dec 2002 05:57:21 -0800, John_Pankowicz@hotmail.com (John
> Pankowicz) wrote:
>
> >Hi,
> >
> >This may seem a little off topic, but I felt those of you working with
> >firewalls would probably provide me with the best answers to my
> >question.
> >
> >My local library has three PC's that are constantly in use. One has to
> >sign up a day in advance for a half-hour use. I would like to suggest
> >that they install a wireless access point. What new security or other
> >problems could be introduced when adding wireless access to a LAN that
> >already has publicly available PC's. I have not installed firewalls
> >but I have many years network programming experience.
> >
> >I can't understand why so few libraries have not installed wireless
> >access points, which can now be bought for about $80. I can't see how
> >this can introduce a new security risk. The rest of the network must
> >already be protected from the public PC's. If not, any moderately
> >intelligent patron could wreck havoc on their networks. Even if they
> >attempt to limit what can be run on the PC, this is fairly easy to get
> >around when you have physical access to the machine.
> >
> >I don't think that the issue is that they can't control what is
> >running on the patron's PC. They can still control what Internet sites
> >are accessed through the web proxy and/or firewall. And the internal
> >machines that are reachable will be the same machines that are
> >currently reachable by the desktop PC's.
> >
> >There doesn't seem to be an issue with overloading their network. They
> >can control how many wireless devices can access the network at the
> >same time through settings in the wireless access point.
> >
> >Apart from just the installation of the wireless access point itself,
> >this doesn't seem to require much work on the part of the library
> >support staff. They will need to have a flyer that tells the public
> >how to use the wireless network, what settings to make on their PC,
> >etc. I have already spoken with a librarian who has a wireless network
> >and I was told that support is almost not needed. Patrons help each
> >other with setting up their PCs.
> >
> >Does anyone see any problems that I am not aware of? The library
> >employees may just give me the brush-off and tell me it is too
> >complicated, not secure enough, requires too much support, etc. If
> >this happens, I would like to approach the library board and be able
> >to answer these questions.
> >
> >Thanks for any help,
> >John
>
>
>
> -----= Posted via Newsfeed.Com, Uncensored Usenet News =-----
> http://www.newsfeed.com - The #1 Newsgroup Service in the World!
> -----== 100,000 Groups! - 19 Servers! - Unlimited Download! =-----
>
- Next message: mh: "Re: windows update kills kerio firewall everytime!"
- Previous message: Leonid Rosenboim: "Re: Spyware....Focadata?"
- In reply to: sponge: "Re: security effects of adding wireless access"
- Next in thread: Charles Newman: "Re: security effects of adding wireless access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
