Home page logo
/

basics logo Security Basics mailing list archives

Re: Wireless security question
From: "Lim Ming Wei" <mwlim () pacific net sg>
Date: Thu, 30 Dec 2004 19:50:21 +0800

Well from what I look at this problem.  You might want to let the users know
of the company policy on such usage.  If need to let the administrator know
about it and they will handle it.
----- Original Message ----- 
From: "Omar Salvador Alcalá Ruiz" <oalcala () scitum com mx>
To: "'Nelson Santos'" <nsantos () gmail com>; "Marty" <groupecci () yahoo ca>
Cc: "Sec Basic" <security-basics () securityfocus com>
Sent: Wednesday, December 29, 2004 11:56 PM
Subject: RE: Wireless security question


I may also suggest to enforce a policy in your company that addresses the
hardware allowed and forbidden while in the office. If for some reason you
find a wireless card or whatever other hardware that could lead to misuse of
your resources (a.k.a. skipping your security implementation) you could
apply penalties. Make sure this policy is applied as is.

Regards

OA

-----Mensaje original-----
De: Nelson Santos [mailto:nsantos () gmail com]
Enviado el: Martes, 28 de Diciembre de 2004 11:54 a.m.
Para: Marty
CC: Sec Basic
Asunto: Re: Wireless security question

  What about Hardware Profiles? You could create a new one and then
disable the wireless card in it. Then ask the user to use the new
profile anytime she's on your network.


Happy Holidays,

Nelson Santos


On Wed, 22 Dec 2004 11:57:10 -0500 (EST), Marty <groupecci () yahoo ca> wrote:
Hi gang!

Here is a question for you...

We have a secure network with no wireless
connections whatsoever.

One of our laptop came in with credentials to log
on to the network through the Ethernet cable BUT
the person had just added a wireless card to his
laptop.

This situation actually came up and the person
could see external wireless networks (from other
companies around our building) and access
Internet through there. Yeah I know they're
stupid, but it's the real world!

This seems like a potential threat for taking our
data out the back door.
Copy files accessed through our network to
another network and voilà! No trace at all of the
mischief.

We monitor internet access and block non-company
Email (Yahoo, Hotmail etc.).

Suggestions?

Thanks and Happy Holidays!

Marty!


__________________________________________________________
Lèche-vitrine ou lèche-écran ?
magasinage.yahoo.ca



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]