Re: Business office space renter with wireless



Vic wrote:

I noticed in Microsoft Windows Network a Mshome domain that shouldn't be
there. Upon investigation I found that another business that rents office
space in our bank installed a wireless router and plugged it into our
router.
I was able to track down the other business laptops and found that they
were
indeed getting ip's and dhcp from our (2003) network.

Other than the fact that their laptop security is out of our control, what
other risks does having a wireless network in our routers pose?

How ever did *that* happen?! Of course it is a tremendous security problem.
And you run a bank?! With all that financial and personal information?!
Here are just a few reasons this is a horrible situation:

1. Any infected machine on their network can infect your entire network,
including your server.

2. If you've been so lax in your security, there's a good possibility that
any shared resources on your network are available to people on their
network. Which is now a shared network.

3. Aside from using up your bandwidth, you've opened yourself to data theft.

Don't you have an IT Dept.? You need to separate your network and secure it
from any others. If you don't have an IT Dept. (hard to believe that a bank
wouldn't), contract with a local professional security/networking firm to
come and get you straightened out.

Malke
--
MS-MVP
Elephant Boy Computers - Don't Panic!
FAQ - http://www.elephantboycomputers.com/#FAQ

.



Relevant Pages

  • RE: Security and the Under 30 User
    ... ages, sexes, colors, creeds, succumb -- even the holiest of holy network ... I've been into IT security since I was 12. ... I have friends about my age that have had their bank information ... crowd's attitude towards IT security. ...
    (Security-Basics)
  • [Full-Disclosure] iDEFENSE Security Advisory 06.11.03: Denial of Service Vulnerability in SMC Networ
    ... Denial of Service Vulnerability in SMC Networks' Barricade Wireless ... SMC Networks' Barricade Wireless Cable/DSL Broadband Router, ... Stateful Packet Inspection firewall security, network management, ...
    (Full-Disclosure)
  • RE: Security and the Under 30 User
    ... warming people to the need for security. ... ages, sexes, colors, creeds, succumb -- even the holiest of holy network ... I have friends about my age that have had their bank information ... crowd's attitude towards IT security. ...
    (Security-Basics)
  • Re: Public/Private network split.
    ... The only thing I am currently trying to address is the security of the ... {AS yet to be determined Router with wireless access point -- ... I don't want people on the wireless .2 network to sniff ... on the equipment on the .1 network. ...
    (comp.security.misc)
  • RE: Bank Audit Best practices
    ... Your recommendation is in tune with best practices. ... educate the decision makers on internal FW, ACLs and network segmentation ... Subject: Bank Audit Best practices ... I'm looking for some feedback from other people who conduct security ...
    (Pen-Test)