Home page logo

basics logo Security Basics mailing list archives

Re: Wireless security question
From: Nicholas Diotte <xphox () xphox net>
Date: 24 Dec 2004 14:55:50 -0000

In-Reply-To: <20041222165710.54598.qmail () web20426 mail yahoo com>

Hi gang!


Here is a question for you...

We have a secure network with no wireless
connections whatsoever.

Thank goodness. :)

One of our laptop came in with credentials to log
on to the network through the Ethernet cable BUT
the person had just added a wireless card to his

This situation actually came up and the person
could see external wireless networks (from other
companies around our building) and access
Internet through there. Yeah I know they're
stupid, but it's the real world!

Yup.  Sometimes people just don't care how insecure things are, as long as it works, and is convenient for them.

This seems like a potential threat for taking our
data out the back door. 
Copy files accessed through our network to
another network and voilà! No trace at all of the

I would be more concerned with mass storage, like others said.  But you make a valid point.  Your employee might not 
know that someone is on his computer.  Regardless, this does creat a point of access into your network.  If  company 
policy says it's a no no.. then you may want to try a few of these options.

1. If your running Windows XP, and you can manage via group policy, why not simply disable the "Wireless Zero 
Configuration" service.  Hopefully this user isn't running as an admin on the local machine.  

2.  You can install a software based firewall (yuk imo)

3.  Create multiple hardware profiles.  One labeled Home, and the other Work.  While at Work disable his wireless card. 
 While at Home disable his lan card.  More of a patch, but it would stop him from booting into Home mode by accident at 

Many more options available.  Before I keep assuming your running XP, I'll wait to see.

We monitor internet access and block non-company
Email (Yahoo, Hotmail etc.).


Thanks and Happy Holidays!


Lèche-vitrine ou lèche-écran ?

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]