Re: [PLUG] Wireless access - from a security expert

Matthew Rosewarne on 10 Dec 2007 20:19:34 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Wireless access - from a security expert

From: Matthew Rosewarne <mrosewarne@inoutbox.com>

To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Subject: Re: [PLUG] Wireless access - from a security expert

Date: Mon, 10 Dec 2007 15:19:23 -0500

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

User-agent: KMail/1.9.7

On Monday 10 December 2007, Jason wrote: > In an enterprise environment, absolutely. The article was targetted > at home users. You know a lot of home users that deploy multi-segment > networks, IDS sensors, and VPN gateways? I don't. :) It's not about all that. Regardless of whether you have a small network or a big one, you need to use secure practises regardless. That doesn't mean you _need_ to run IDS, VPN, etc. It only means you need to use your head, never transfer anything confidential in the clear, since you can always assume someone might be listening. It makes no difference whether you have an open AP, ethernet, or a dedicated line. > If my goal was to offer up free Internet to my neighbors, sure, that's > how I'd do it, or I'd deploy a 2nd access point on an isolated network > that only got to the Internet. Again, how many average folks are > either capable of doing that, or have the desire to do that. They > just read a "security expert" telling them it's ok to have an open > wifi network. Lots of folks live within wifi range of public parks. > I could sit on a bench and get personal financial info pretty easily, > if they follow the advice given in the article. They don't have to do any DMZ/VPN stuff. That's only if you really want a (well-secured) separate internal/external setup. > That's the issue here - not how to design a proper enterprise > deployment - but rather, how to keep from getting fleeced and taken > advantage of. I know plenty of people who take advantage of open wifi > to download torrents of movies & music too. Where would you like your > subpeona sent, home or office? :) You say you have an open AP. There's no liability for unmonitored, publicly-available services, just like a cafe wouldn't be liable for what people do on their free wifi.
Attachment: signature.asc
Description: This is a digitally signed message part.

___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] Wireless access - from a security expert
From: "Brian Stempin" <brian.stempin@gmail.com>

References:

[PLUG] Wireless access - from a security expert
From: Eric <eric@lucii.org>

Re: [PLUG] Wireless access - from a security expert
From: Matthew Rosewarne <mrosewarne@inoutbox.com>

Re: [PLUG] Wireless access - from a security expert
From: Jason <jcostom@gmail.com>

Prev by Date: Re: [PLUG] Wireless access - from a security expert

Next by Date: Re: [PLUG] Wireless access - from a security expert

Previous by thread: Re: [PLUG] Wireless access - from a security expert

Next by thread: Re: [PLUG] Wireless access - from a security expert

Index(es):

Date

Thread