Firewall Wizards mailing list archives

Re: Hopefully not too OT

From: "Kevin Sheldrake" <kev () electriccat co uk>
Date: Tue, 03 May 2005 10:47:15 +0100

From: "Paul Melson" <psmelson () comcast net>
To: <jimmy () chickenhollow net>, <firewall-wizards () honor icsalabs com>
Subject: RE: [fw-wiz] Hopefully not too OT
Date: Mon, 2 May 2005 17:12:59 -0400

I fear that a jammer would give you a false sense of security.  For one,
they're not totally effective, especially against ad-hoc networks incloseproximity to each other. Sure, they kill performance, but they don'tshutit down. Secondly, they can actually assist those airsnort-ing yourspacein collecting unique IV's should your rogue users be well-intentionedenoughto use WEP. Thirdly, many jammers only operate in the 2.4GHz band - intheUS alone you can buy WiFi products that operate at 915MHz and 5.8GHz,to saynothing of FHSS vs. DSSS. And, perhaps more importantly, jammers arenot atall neighborly if your offices share space or proximity to businessesthat
do choose to use WiFi.
Not to say that I have a better technical solution, but if you don'twant
*people* in or with your organization to use wireless, then you have a
*people* problem that requires a people solution.

PaulM
Jimmy:

Actually, Paul Robertson, Ben, and Paul Melson hit the nail on the head.

You need a written policy saying, in effect, "no wireless access to the
company network", get the employees to sign off on it AFTER the
layer-8/9 people approve the policy.  If anyone breaks the rules after
that, then you have an HR problem.

While I agree that failure to adhere to the security policy is certainlyan HR problem, we shouldn't forget that all internal security issuesinvolving staff or contractors are HR problems, but it doesn't stop usdoing something about them.

I'm sure you understand that in order to recognise the HR problem, we needsuitable accounting and audit systems (however the sensors areimplemented). We also might be concerned about the exposure to risk inthe period between detection and repair, and we might wish to do somethingto lower it ahead of the breach.

As I said, I don't think I'm stating anything new, I just thought it wasworth stating that technical controls should be developed hand-in-handwith personnel and procedural controls; changing the policy alone mightnot have the desired effect and, with insufficient accounting and audit,we may never know.


Kev

--
Kevin Sheldrake MEng MIEE CEng CISSP
Electric Cat (Cheltenham) Ltd

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

RE: Hopefully not too OT, (continued)
- - RE: Hopefully not too OT Marcus J. Ranum (May 02)
    - Re: Hopefully not too OT Barney Wolff (May 03)
    - Re: Hopefully not too OT Marcus J. Ranum (May 03)
- Impeding wireless (was Re: Hopefully not too OT) Kevin (May 02)
- Re: Hopefully not too OT Paul D. Robertson (May 02)
  - Re: Hopefully not too OT David Lang (May 02)
- RE: Hopefully not too OT Paul Melson (May 02)
- Re: Hopefully not too OT Jim MacLeod (May 05)
- RE: Hopefully not too OT Behm, Jeffrey L. (May 02)
- RE: Hopefully not too OT Gregory Hicks (May 02)
  - Re: Hopefully not too OT Kevin Sheldrake (May 03)
- RE: Hopefully not too OT MHawkins (May 05)
  - RE: Hopefully not too OT Paul D. Robertson (May 05)
    - RE: Hopefully not too OT Chris Blask (May 08)
    - RE: Hopefully not too OT Frederick M Avolio (May 12)
- Re: Hopefully not too OT jimmy (May 05)
- RE: Hopefully not too OT Paul Melson (May 05)
- Re: Hopefully not too OT James Richards (May 05)
- RE: Hopefully not too OT Behm, Jeffrey L. (May 05)