Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Wireless security question

from [Michael Puchol] Network Security [Permanent Link]
Subject: Re: Wireless security question
Date: Fri, 24 Dec 2004 08:59:33 +0100 
Hi Rob,

Just FYI, Netstumbler scans by sending probes, and some APs are configured not to respond to probes (some Intel ones for example do this by default) - this means Netstumbler won't see those. If you are going to scan for security, and not for fun (wardriving, for example), I recommend Kismet, and if you have the budget, AiroPeek NX or AirMagnet - they are tailored to provide specific alarms to situations you can define.

As for the matter at hand, I would harden GPs as you mention regarding hardware and network rights.

Another thing you could do is disable the TCP/IP stack in the wireless adapter's configuration, that would certainly sterilize it.

Best regards,

Mike
mother@netstumbler.com

Rob McShinsky wrote: 
If you have a Windows Domain and these machines are on that domain, you can
put a Group Policy in place that will disable the computers ability to
bridge connections, share connections, etc...  Doing regular sweeps with a
product like netstumbler throughout your facilities can also find your
problem machines.  These along with a known written company policy should
cover the company legally at least.

Rob

-----Original Message-----
From: Steve [mailto:securityfocus@delahunty.com] Sent: Wednesday, December 22, 2004 5:56 PM
To: Marty; Sec Basic
Subject: Re: Wireless security question

Policy against wireless, including cards.  Remove his wireless card.

One risk you have is his laptop latching on to hostile networks, once with
worms/viruses, as well as the threat you note.



----- Original Message -----
From: "Marty" <groupecci@yahoo.ca>
To: "Sec Basic" <security-basics@securityfocus.com>
Sent: Wednesday, December 22, 2004 11:57 AM
Subject: Wireless security question


Hi gang!

Here is a question for you...

We have a secure network with no wireless
connections whatsoever.

One of our laptop came in with credentials to log
on to the network through the Ethernet cable BUT
the person had just added a wireless card to his
laptop.

This situation actually came up and the person
could see external wireless networks (from other
companies around our building) and access
Internet through there. Yeah I know they're
stupid, but it's the real world!

This seems like a potential threat for taking our
data out the back door.
Copy files accessed through our network to
another network and voilà! No trace at all of the
mischief.

We monitor internet access and block non-company
Email (Yahoo, Hotmail etc.).

Suggestions?

Thanks and Happy Holidays!

Marty!


__________________________________________________________
Lèche-vitrine ou lèche-écran ?
magasinage.yahoo.ca









[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Lots of incoming traffic on UDP 1026 and UDP 1027?, FocusHacks
Next by Date:  Re: bridge detection, Danux
Previous by Thread:  RE: Wireless security question, Rob McShinsky
Next by Thread:  RE: Wireless security question, Harshul Nayak
Indexes:  [Date] [Thread] [Top] [All Lists]