Re: [Nolug] Unsecured wireless networks with everybody's favorite OS

From: Joey Kelly <joey_at_joeykelly.net>
Date: Thu, 30 Jul 2009 08:04:04 -0500
Message-Id: <200907300804.13427.joey@joeykelly.net>

On Wed July 29 2009 3:33 pm, Chris Jones wrote:

>
> The problem is they have a neighbor with a wide open wireless AP, so
> the employees just get on that and can then do whatever they want.

John on this list had a similar situation at one of their locations in
Lafayette. They were in an office building with several open APs, and their
solution was to visit their neighbors and tell the IT guys (or the managers
if no IT guy was available) that their network was wide open and thus open to
attack, in addition to the casual surfing issue. John and his team offered to
close the security holes for free if needed, and this strategy seemed to work
in getting things tightened up sufficiently in the building.

One other thing they did had to do with policy. No company PC was allowed to
have a wireless NIC, and no personal laptop was allowed on the company LAN.
A "barbarian" AP was set up so that the LAN was not reachable from any
laptop. Users on this second network were required to use the VPN, just as
they had to do if they were connecting from home.

-- 
Joey Kelly
Minister of the Gospel and Linux Consultant
http://joeykelly.net

___________________
Nolug mailing list
nolug@nolug.org

Received on 07/30/09

This archive was generated by hypermail 2.2.0 : 08/06/09 EDT