Firewall Wizards mailing list archives
RE: Hopefully not too OT
From: "Paul Melson" <psmelson () comcast net>
Date: Tue, 3 May 2005 15:07:48 -0400
If you mistrust internal users, I think you may be better served by looking at EAP or some other sort of network access control (gee, I wonder if somebody's branded that term... :-) that could address any rogue equipment or users. It's just as feasible that an outside contractor, a guest, an untrustworthy employee, or even a cunning criminal could get past physical security and connect to your wired network and have their way with your data that way. Even within the parameters of corporate security policies, this type of thing represents a real threat. All of the network-based worm exposures I've seen at (insert current employer here) were caused by laptops brought in by (insert high-profile audit firm, now removed from approved infosec vendor list here). Anyway, nmap -sS -O -p23,80,443 can identify rogues from the wired side, since it can fingerprint about a dozen different AP types. PaulM -----Original Message----- I am going to have to take a multifaceted approach to this I believe, we have a very aggressive security posture here, we mistrust our internal users just as much as external users, and have a very tight filtering system, at the wire and application level, but I am paranoid, so I will keep going further. If anyone has any experience with scanners (preferrably open source) which are good at ferreting out rogue APs I would be gratefull for pointers. Again, many thanks to all! _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Hopefully not too OT, (continued)
- RE: Hopefully not too OT Paul Melson (May 02)
- Re: Hopefully not too OT Jim MacLeod (May 05)
- RE: Hopefully not too OT Behm, Jeffrey L. (May 02)
- RE: Hopefully not too OT Gregory Hicks (May 02)
- Re: Hopefully not too OT Kevin Sheldrake (May 03)
- RE: Hopefully not too OT MHawkins (May 05)
- RE: Hopefully not too OT Paul D. Robertson (May 05)
- RE: Hopefully not too OT Chris Blask (May 08)
- RE: Hopefully not too OT Frederick M Avolio (May 12)
- RE: Hopefully not too OT Paul D. Robertson (May 05)
- Re: Hopefully not too OT jimmy (May 05)
- RE: Hopefully not too OT Paul Melson (May 05)
- Re: Hopefully not too OT James Richards (May 05)
- RE: Hopefully not too OT Behm, Jeffrey L. (May 05)