Jason Costomiris on 16 Oct 2004 11:39:02 -0000



Re: [PLUG] OT: Large Wireless Network on the Cheap


On Fri, 15 Oct 2004 18:52:16 -0400, Paul <gyoza@comcast.net> wrote:
> To me it makes sense to only have a firewall at entrance points, not
> on every client.  A wireless connection should be treated like an
> Internet connection; it should not be trusted.

Exactly - it should not be trusted.  That's why you SHOULD be running
firewalls on the wireless clients IN ADDITION to the fw/vpn gateway
located immediately beyond the AP.  So, you firewall on the wired side
of the AP, but not the clients, what can happen?  I happen upon your
network, pop one of your wireless clients and now ride their VPN
tunnel into your network.

If you truly think that the air side is untrusted, then you should
treat it as such...

--j

