Security Basics mailing list archives
Enabling wireless on AD-only network.
From: "Crawley, Jim" <Jim.Crawley () yrbrands com>
Date: Tue, 17 Apr 2007 11:16:25 +1000
Currently we have no wireless access points in any of our offices. No central management for wireless. Symantec AV. Firewall is the default Windows Firewall which is managed by Active Directory (port/program exceptions defined for when they're connected to the domain, locked down much tighter when not on the domain). The poor excuse for wireless management so far has been a group policy object disabling the Wireless Zero Access service, but giving the staff access to start it again if needs be and it will be disabled upon next reboot. Our CFO is stuck overseas in a hotel whose only internet access is wireless. I now have a problem I've been dreading and trying to avoid for a while, us being given no choice but to enable wireless so that staff can connect to other wifi networks. The way Windows Firewall works to my understanding (I could be wrong, please correct me if I am), if they're connected to our network the machines firewall will be more open on all network adapters and not just the one connected to our internal network. Is there a way I can set the machines so that if something is connected to the LAN port, the wifi adapter disables itself or stops working? Also, is there anything else I can do to try and secure these machines? Keep in mind that the only resources available to me are a poor scripting ability and Active Directory. KB917021 will be pushed out to all machines prior to any changes being made as well, I'm surprised this wasn't available through WSUS.
Current thread:
- Enabling wireless on AD-only network. Crawley, Jim (Apr 17)