Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Wireless security question...

from [Kenton Smith] Network Security [Permanent Link]
Subject: Re: Wireless security question...
Date: Fri, 28 Oct 2005 17:59:29 -0400 (EDT) 
Answers below:
--- Marty <m_samson@videotron.ca> wrote:


 Hi,
 
We're having an in-house discussion regarding the
risk
related to wireless security.
 
The mobile users would like to be able to use the
wireless
technology within their laptops to access the office
while
they are away. Right now we don't allow wireless
access
points.
 
The questions we have are:
 
1- Can a wireless router (installed in their
home-office) be
hacked into AND can this hacker take control of the
wireless
laptop. If so I would need some detail on how we can
prevent
that (besides WEP). Let's assume for the sake of
discussion
that there is no WEP encryption on the router. 


Ahhhh!!!!!!
  

 
2- How easy is it to access the laptop once you're
into the
router? Is it child splay or do we need a
specialist?


Child's play. No encryption and just about anyone
could get access to that machine with very little
effort.
 

 
3- If the laptop's wireless router is secured with
WEP and
connected to the office via VPN can it be EASILY
hacked
into? The VPN connection gives them little access to
the
network, barely what they need to work. Will the
intruder
have access to our network?


Not easily, for 90% of companies this is pperfectly
secure. If the intruder was able to get in, then yes
they could get access to your network. WEP isn't
great, but in most cases it's secure enough.
Especially if you're then going to wrap it in a VPN.
 

 
4- How secure is my sales rep. running around hotels
with
his laptop?


Are you talking abour wireless? Probably no more that
he is running around a hotel with a laptop without
wireless. Do you encrypt everything on the laptops? If
not, it would be easier for someone to steal it than
it  would be to steal traffic on an encrypted link.
Someone who wants information is going to go for the
low-hanging fruit and grabbing a latop while someone
isn't paying attention is way easier than trying to
hack into it.
 

 
 
We are trying to assess the risk...should we, should
we not
allow wireless for the mobile workforce.


If you're workforce has wireless enabled notebooks,
you're much better off allowing them to use it and
using best practices to keep the information safe.
Wireless is too convenient. If you forbid them from
using it they're going to work around it and use it
anyway and then they won't be using any security
measures.

 
 
 
Thanks!
 
Marty






        

        
                
__________________________________________________________ 
Find your next car at http://autos.yahoo.ca
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Wireless security question..., Hagen, Eric
Next by Date:  RE: Any banking security best practices and survey information?, ricci
Previous by Thread:  Re: Wireless security question..., Fred Cohen
Next by Thread:  Re: Wireless security question..., groffg
Indexes:  [Date] [Thread] [Top] [All Lists]