Security Basics mailing list archives
RE: Wireless access
From: Robert Mezzone <Robert.Mezzone () PJSolomon Com>
Date: Mon, 29 Mar 2004 12:17:27 -0500
As an example, what happens if a person (unknowingly) connects wirelessly and downloads a music file? They are outside our firewall but they are still connected to our network. Wouldn't the company still be liable? Thanks. Robert -----Original Message----- From: John S.Whitford [mailto:jswhitford () acm org] Sent: Friday, March 26, 2004 8:26 PM To: security-basics () securityfocus com Subject: Re: Wireless access On Fri, 26 Mar 2004 16:42:16 -0500, you wrote:
How do you handle wireless network security in a corporate environment? A couple of the people here want me to setup a wireless network so visitors can setup there laptop in a conference room, or anywhere in the office and connect to the network, internet not our internal network. I'm not to comfortable with this idea but I don't have the final say. It sounds like I would have to leave MAC access control turned off, or obtain the users MAC address then enter it into control list, and also provide the visitor with the SSID and the WEP password. Am I correct in this assumption. Wireless networking was suppose to make things easier in their eyes. Unless I leave everything wide open it's probably easier to plug an Ethernet cable in the PC.
I'd put the access point outside the firewall if you have the public DHCP address space. If not I'd put it on an isolated DMZ segment. SSID of "meetingroom" or "visitor" with WEP disabled. That gives them the Internet with no more rights than any other outsider. HTH Best Regards, John S. Whitford CCNA Whitford Enterprises Cisco Systems Registered Partner Microsoft Technical Partner APC Authorized Reliability Provider 832-594-4825 mobile jswhitford () acm org --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- RE: Wireless access, (continued)
- RE: Wireless access William D. Menzie (Mar 26)
- RE: Wireless access Rosado, Rafael (Rafael) (Mar 26)
- RE: Wireless access Judie Ayoola (Mar 26)
- RE: Wireless access Eric Brown (Mar 26)
- What Are These Shares(Remote Admin/Remote IPC)? Mark Sargent (Mar 29)
- Re: What Are These Shares(Remote Admin/Remote IPC)? Alex Lomas (Mar 30)
- What Are These Shares(Remote Admin/Remote IPC)? Mark Sargent (Mar 29)
- RE: Wireless access Rosado, Rafael (Rafael) (Mar 29)
- RE: Wireless access Dante Mercurio (Mar 29)
- Re: Wireless access dries (Mar 30)
- RE: Wireless access Keith T. Morgan (Mar 29)
- RE: Wireless access Robert Mezzone (Mar 30)
- RE: Wireless access Mitchell Rowton (Mar 30)
- RE: Wireless access Cesar Osorio (Mar 30)
- RE: Wireless access Phillip McCollum (Mar 31)