Re: Perhaps the most OBVIOUS question you will ever see.

From: Matt Gibson (mattg_at_blueedgetech.ca)
Date: 01/30/05 

Date: Sun, 30 Jan 2005 13:45:19 -0800

You obviously have NEVER heard of ARP spoofing attacks.

-Matt

"Patrick J. LoPresti" <patl@users.sourceforge.net> wrote in message
news:s5gk6px64d1.fsf@patl=users.sf.net...
> Here is a somewhat contrarian opinion.
>
> First of all, relax a little. This is not that bad if you have the
> sort of internal access controls which you ought to have anyway.
>
> A wireless attacker cannot "sniff" anything except other wireless
> traffic. Packets to and from machines on the wired network are not
> sent over the wireless, period. In order to sniff most of your
> traffic, the attacker would need to compromise a machine on the
> internal network. And even then, a switched network (like most are
> today) would make sniffing useless.
>
> And even the most basic Windows authentication mechanisms do not send
> passwords in the clear.
>
> A wireless attacker has the same access as an employee who has
> forgetten his password; no more, no less. So he can probably browse
> the Internet, send objectionable mail originating from your network,
> try to guess passwords, seek out unpatched security flaws on internal
> systems, and so on.
>
> But if you are a serious network admin, you should already be
> preventing (or at least noticing) any of these. By far the most
> widespread and expensive security compromises are inside jobs. They
> do not make the newspapers because they are not "sexy" and companies
> do not like to publicize them. But disgruntled or curious employees
> are the biggest threat you face, and if your network is secure against
> them, it will be secure against a wireless attacker.
>
> That said, it is certainly not considered best practice to have an
> unsecured wireless access point behind your firewall, because you
> might as well not have a firewall. Which is actually how I would
> argue this to management: For anybody within range, your firewall does
> not exist.
>
> On the other hand, unsecured access points in a DMZ are not uncommon.
> Many companies find that the convenience of easy binding to the
> wireless network (especially for visitors) is worth the cost/risk of
> providing free Internet access to anyone nearby.
>
> - Pat
>
>
> "Curious George" <curious@spampoop.com> writes:
>
>> Dear Colleagues:
>>
>> For the life of me I don't know why I have to ask this question since the
>> answer is so obvious, however, I need to have others tell me that I am
>> not
>> completely insane.
>>
>> I work at a place where we have a myriad of wireless access points and
>> NO, I
>> am not writing from there at present.
>>
>> NONE of the wireless access points has any form of security on them
>> whatsoever. No WEP, no CHAP. . . no nothing. Everything is open so you
>> could walk into our joint, grab an IP address and surf the web to your
>> heart's content.
>>
>> Here is the problem. My boss insists that its "no big deal" and that
>> since
>> the servers are on the inside and protected, we really don't have a thing
>> to
>> worry about. Furthermore, my boss is under the impression that since we
>> are
>> situated in a wide area, that nobody would be able to get into our
>> network
>> because of this distance. Needless to say, my boss does not consider
>> somebody sneaking into a parking lot with a laptop, a good network card
>> and
>> a directional bazooka antenna a possibility.
>>
>> So here is what I have to explain to my boss' boss and, perhaps, the
>> board
>> of directors. . . and here is where I can't help but laugh. I hope that
>> I
>> will be able to keep a straight face come Monday when I have to explain
>> myself to people why its important.
>>
>> Okay, so I know the analogies. For example, I understand that not having
>> a
>> secure wireless network with many Waps and high gain transmission
>> antennas
>> is the same as putting cables out to anybody within 'x' amount of yards
>> with
>> a sign that says "free internet access", but since I am going to be asked
>> these obvious questions, just what type of damage could somebody do?
>>
>> Yeah, I know about denial of service attacks, yeah I also know about
>> enumeration and password guessing, but considering that we have an SQL
>> server on the inside of our network (no, the sa account password is not
>> null) what are we talking about.
>>
>> I can envision so many things. Like somebody just sitting there
>> caputring
>> packets to get things like usernames, passwords and the like, but come
>> on. .
>> . what else could they do.
>>
>> I have read my boss the riot act many times, but this is now going to go
>> in
>> front of somebody over my boss' head, so, aside from giving them worst
>> case
>> scenarios, end of the world analogies, etc., how else could people break
>> in.
>>
>> Creative responses are appreciated and will be rewarded with much praise.
>>
>> I can't believe that I have to actually explain this to people, and this
>> entire thing would last about two seconds when it comes to talking with a
>> computer professional, but you see, my boss is under the impression that
>> they are a computer professional because they received a Master's degree
>> in
>> Comp Sci back in the 80's. I know that this line of thinking is
>> dangerous,
>> but I really want some creative answers to put my point across strongly,
>> and
>> yet professionally.
>>
>> Although I realize that this post will likely be the *** of many jokes
>> (which I will appreciate immensely) I never the less would appreciate a
>> bit
>> of useful information in your responses.
>>
>> I am going to have a serious drink now, and then bang my head against the
>> wall.
>>
>> Thanks in advance,
>>
>> CC