Re: wireless network security best practice?

From: Adrian Inman (no_at_spam.com)
Date: 08/28/03 

Date: Thu, 28 Aug 2003 00:18:12 +0100

As stupidly simple security precaution - do you keep the base station on
24x7?

Have you thought about putting it on a timer so its only on during working
hours - thus reducing your attacker's window of opportunity to working
hours.

"erik" <erik@geenspam.vanwesten.net> wrote in message
news:3f4d03ce$0$49099$e4fe514c@news.xs4all.nl...
> Adrian Inman wrote:
>
> > Thanks for the context.
> >
> > MAC filtering and 128 bit WEP is okay, but not bulletproof. It will
> > stop opportunists (within reason).
>
> It will not stop them. Not at all.
>
> > But as ever, context is everything.
>
> That is right.
>
> >
> > You should ask yourself: Who's in range?
> > What data are you trying to protect?
> > What's the worse that could happen?
>
> Assume the worst. Your link is used for spammers. You get disconnected.
>
> >
> > Unfortunately the VPN idea, while a good one, could be impractical in
> > your situation,
>
> What do you mean?
>
> > but sensible measures such as turning off broadcasting
> > the SSID of your wireless network and not using an obvious name for it
> > are steps in the right direction.
>
> No those are steps in the wrong direction. Security by obscurity never
> worked. Listening in will reveal all relevant data within seconds.
>
> >
> > Some more info would help.
>
> A little bit more security consciousness also.
>
> EJ
> --
> Remove the obvious part (including the dot) for my email address
>

Relevant Pages

  • Re: Why does rewind() ignore errors?
    ... to the internet that cannot, ... decent security software that is being used properly) are the ordinary ... *you* are talking about a particular context. ... It's undefined behaviour. ...
    (comp.std.c)
  • Re: Problem passing user credentials to AD
    ... Since this is a web application, then passing null credentials will make the ... DirectoryEntry pick up the credentials of the current thread security ... order to delegate the user's security context to a different machine (what ...
    (microsoft.public.dotnet.security)
  • Re: Threading in ASP.NET
    ... when you start a thread, it gets the security context of the process, not ... using the winnt security api, you can pass the thread security token to the ... you will need to giver impersonation permission to the asp.net ... | I have an aspx page that runs a whole lot of batch reports. ...
    (microsoft.public.dotnet.framework.aspnet)
  • Given: Service+named pipe from client. Wanted:Launch process on currently active users desktop
    ... I have my Windows Service application, running in the SYSTEM security ... It receives data via a named pipe from my client DLL, ... running in the security context of the current logged on user). ...
    (microsoft.public.platformsdk.security)
  • Role Based Security Issue
    ... into an issue when trying to implement role based security. ... Our privileges directly correspond with the CRUD methods of our classes. ... public static Customer GetCustomer ... user may need to be granted an object privilege in one context but not in ...
    (microsoft.public.dotnet.general)
Loading