Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Basics: RE: Blacklisting wireless access points...

RE: Blacklisting wireless access points...

From: Babu.N <babun_at_intoto.com>
Date: Tue, 20 May 2008 13:33:57 +0530

Can't this be addressed by deploying NAC devices & installing NAC
agents in the laptops that you mentioned ? I'm not sure whether NAC
systems today support policy enforcement based on wifi enable/disable
configuration in hosts.

If you dont get any way to disable wifi-access from such laptops, you
may want to atleast make sure that such laptops (which may roam in
insecure environments like neighbor's access points) dont infect
other machines in your LAN by deploying a layer2/transparent UTM in
your switches.

- Babu

At 12:20 AM 5/16/2008, Dan Denton wrote:
>My apologies for not being explicit enough. Due to the nature of our
>business, we do not allow the use of wireless at all for our users, however
>most of our users have laptops with wireless cards.
>
>The users in question have been instructed not to access any access points
>(there are a couple around us), protected or otherwise, run by neighboring
>businesses, and I do not believe they'd intentionally access them but I'd
>like to be sure they cannot.
>
>Thanks for the replies...
>
>-----Original Message-----
>From: infolookup_at_gmail.com [mailto:infolookup_at_gmail.com]
>Sent: Thursday, May 15, 2008 12:19 PM
>To: Dan Denton; listbounce_at_securityfocus.com;
>security-basics_at_securityfocus.com
>Subject: Re: Blacklisting wireless access points...
>
>Care to explain a bit more, are the access points controlled by your company
>and you don't want your users accessing them, or do you want to block them
>for AP's near by?
>
>If its the first why not setup a security protection on the AP to block
>users WPA2, radius something to that extend.
>Sent from my Verizon Wireless BlackBerry
>
>-----Original Message-----
>From: "Dan Denton" <ddenton_at_remitpro.com>
>
>Date: Thu, 15 May 2008 10:19:35
>To:<security-basics_at_securityfocus.com>
>Subject: Blacklisting wireless access points...
>
>
>Does the list know of a way/product to prevent users from accessing certain
>wireless access points? I figure AD has a group policy that can do this, but
>we don't currently use AD. Any suggestions are greatly appreciated...
>
>Thanks much,
>
>Dan

********************************************************************************
This email message (including any attachments) is for the sole use of the intended recipient(s)
and may contain confidential, proprietary and privileged information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the intended recipient,
please immediately notify the sender by reply email and destroy all copies of the original message.
Thank you.
 
Intoto Inc.
Received on May 20 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]