Security Basics mailing list archives
RE: Blacklisting wireless access points...
From: "Babu.N" <babun () intoto com>
Date: Tue, 20 May 2008 13:33:57 +0530
Can't this be addressed by deploying NAC devices & installing NAC agents in the laptops that you mentioned ? I'm not sure whether NAC systems today support policy enforcement based on wifi enable/disable configuration in hosts.
If you dont get any way to disable wifi-access from such laptops, you may want to atleast make sure that such laptops (which may roam in insecure environments like neighbor's access points) dont infect other machines in your LAN by deploying a layer2/transparent UTM in your switches.
- Babu At 12:20 AM 5/16/2008, Dan Denton wrote:
My apologies for not being explicit enough. Due to the nature of our business, we do not allow the use of wireless at all for our users, however most of our users have laptops with wireless cards. The users in question have been instructed not to access any access points (there are a couple around us), protected or otherwise, run by neighboring businesses, and I do not believe they'd intentionally access them but I'd like to be sure they cannot. Thanks for the replies... -----Original Message----- From: infolookup () gmail com [mailto:infolookup () gmail com] Sent: Thursday, May 15, 2008 12:19 PM To: Dan Denton; listbounce () securityfocus com; security-basics () securityfocus com Subject: Re: Blacklisting wireless access points... Care to explain a bit more, are the access points controlled by your company and you don't want your users accessing them, or do you want to block them for AP's near by? If its the first why not setup a security protection on the AP to block users WPA2, radius something to that extend. Sent from my Verizon Wireless BlackBerry -----Original Message----- From: "Dan Denton" <ddenton () remitpro com> Date: Thu, 15 May 2008 10:19:35 To:<security-basics () securityfocus com> Subject: Blacklisting wireless access points... Does the list know of a way/product to prevent users from accessing certain wireless access points? I figure AD has a group policy that can do this, but we don't currently use AD. Any suggestions are greatly appreciated... Thanks much, Dan
********************************************************************************This email message (including any attachments) is for the sole use of the intended recipient(s) and may contain confidential, proprietary and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please immediately notify the sender by reply email and destroy all copies of the original message. Thank you.
Intoto Inc.
Current thread:
- Blacklisting wireless access points... Dan Denton (May 15)
- Re: Blacklisting wireless access points... infolookup (May 15)
- RE: Blacklisting wireless access points... Dan Denton (May 15)
- RE: Blacklisting wireless access points... Basem Barakat (May 15)
- RE: Blacklisting wireless access points... Babu.N (May 20)
- RE: Blacklisting wireless access points... Mike Drugov (May 20)
- RE: Blacklisting wireless access points... Dan Denton (May 15)
- Re: Blacklisting wireless access points... infolookup (May 15)
- Re: Blacklisting wireless access points... Stephen Thornber (May 15)
- Re: Blacklisting wireless access points... Shawn A. Corrello (May 15)
- Re: Blacklisting wireless access points... David Poole (May 16)
- <Possible follow-ups>
- Re: Re: Blacklisting wireless access points... rah . wollongong (May 15)