Firewall Wizards mailing list archives
RE: Hopefully not too OT
From: "Paul Melson" <psmelson () comcast net>
Date: Mon, 2 May 2005 17:12:59 -0400
I fear that a jammer would give you a false sense of security. For one, they're not totally effective, especially against ad-hoc networks in close proximity to each other. Sure, they kill performance, but they don't shut it down. Secondly, they can actually assist those airsnort-ing your space in collecting unique IV's should your rogue users be well-intentioned enough to use WEP. Thirdly, many jammers only operate in the 2.4GHz band - in the US alone you can buy WiFi products that operate at 915MHz and 5.8GHz, to say nothing of FHSS vs. DSSS. And, perhaps more importantly, jammers are not at all neighborly if your offices share space or proximity to businesses that do choose to use WiFi. Not to say that I have a better technical solution, but if you don't want *people* in or with your organization to use wireless, then you have a *people* problem that requires a people solution. PaulM -----Original Message----- Subject: [fw-wiz] Hopefully not too OT Good afternoon, This is not strctly firewalls per se, but more security in general, and as I usually find the quality of responses on this list to be of value, I will post it here. I work for an organization of about 5000 employees, with 55 remote sites hooked into our central site (ie, all traffic chokes at our main site and it's firewall. We have NO wireless network, and until the security of it matures to a point where I am reasonably comfortable (or until I am told to deploy one, more likely). With all of the recent identity theft, and the fact that we would be a potential target for such activities, I am trying to see where our vulnerabilities lie. In my searching, I pondered long and hard on rogue wireless APs and contractor/vendor laptops with wireless ebabled becoming a potential vector. While I scan our main building once a week with some wireless security tools, it is not feasible for me to contiuously drive around and scan all of our sites. I know also that I could put some sort of wireless IDS/Honeypot type thing out at each site, this would be expensive, and right now we are not flush with cash. I have been pondering putting an 802.11 jammer on site at each location (again, we don't use wireless, so it should not impair anything) and thought that might be a cheaper option. Have any of you done something like this, and have any tips from your experiences with this sort of scenario. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Hopefully not too OT jimmy (May 02)
- Re: Hopefully not too OT David Thiel (May 02)
- Management, Security and best practices for HSM & ATM networks Shimon Silberschlag (May 02)
- RE: Hopefully not too OT Ben Nagy (May 02)
- RE: Hopefully not too OT Marcus J. Ranum (May 02)
- Re: Hopefully not too OT Barney Wolff (May 03)
- Re: Hopefully not too OT Marcus J. Ranum (May 03)
- RE: Hopefully not too OT Marcus J. Ranum (May 02)
- Impeding wireless (was Re: Hopefully not too OT) Kevin (May 02)
- Re: Hopefully not too OT Paul D. Robertson (May 02)
- Re: Hopefully not too OT David Lang (May 02)
- RE: Hopefully not too OT Paul Melson (May 02)
- Re: Hopefully not too OT Jim MacLeod (May 05)
- <Possible follow-ups>
- RE: Hopefully not too OT Behm, Jeffrey L. (May 02)
- RE: Hopefully not too OT Gregory Hicks (May 02)
- Re: Hopefully not too OT Kevin Sheldrake (May 03)
- RE: Hopefully not too OT MHawkins (May 05)
- RE: Hopefully not too OT Paul D. Robertson (May 05)
- RE: Hopefully not too OT Chris Blask (May 08)
- RE: Hopefully not too OT Frederick M Avolio (May 12)
- RE: Hopefully not too OT Paul D. Robertson (May 05)