Home page logo

basics logo Security Basics mailing list archives

RE: WiFi security implications
From: "Tres London" <telconstar99 () wblondon com>
Date: Fri, 5 Dec 2003 01:51:38 -0600

Let's assume that I don't have a firewall on the laptop. 

Aren't you saying that the danger is that somebody could access my
laptop and do some sort of damage to it b/c I don't have a firewall?

Assuming they allow me to use the laptop to access the internet on an
insecure wireless network, wouldn't the concerns be the same even if I
wasn't VPNing into the network? 

i.e. If they allow me to use the laptop for normal internet activity at
an insecure public wireless location already, just not for VPN access,
doesn't that mean that IT is not concerned about the firewall?

-Tres London

-----Original Message-----
From: Paul Kurczaba [mailto:paul () myipis com] 
Sent: Thursday, December 04, 2003 5:08 PM
To: Tres London; security-basics () securityfocus com
Subject: Re: WiFi security implications

The VPN connection should be secure (when properly configured) no matter
what connection the client is using: Cable, DSL, 802.11a/b/g (Wireless),
Satellite. If your company is using 3DES encryption or higher, there
be no security issues. I'm thinking that your IT may be concerned that
you don't have a personal firewall running on your notebook, then others
have the possibility of accessing your computer on an open wireless

-Paul Kurczaba
----- Original Message ----- 
From: "Tres London" <telconstar99 () wblondon com>
To: <security-basics () securityfocus com>
Sent: Wednesday, December 03, 2003 9:28 PM
Subject: WiFi security implications

Hello List, 1st time poster here :)

If I work for a financial firm, have a laptop with wireless access and
am at a publicly available wireless access point, and want access to
network via VPN, what are the security implications?

My company currently allows people from home to VPN into the network
work, but IT is nervous about allowing it over a wireless connection
because of security implications.

My point is that VPN should be secure enough on it's own, even if
access my information, it's still encrypted with IPSec (or something
like that).



-Tres London




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]