[GLLUG] Meeting Thursday, Dec 6, 2007

Lachniet, Mark mlachniet at analysts.com
Tue Dec 4 13:16:30 EST 2007


A few random thoughts on the wireless security thing..
 
If you add a layer of authentication, and use specific short-lived ID's for guests, you can do pretty well.  Alternately put wireless on a DMZ and have them go through a VPN termination device to get to anything of value.  A lot of times folks will use basic wireless security for guest Internet (most visitors just want to get their webmail) but then require VPN (maybe SSL clientless VPN) and authentication to get to internal resources.  Or maybe try out FreeNAC (http://freenac.net/) though I confess I've only used commercial NAC products..  Another idea is to put in a wireless IDS type system to detect tom-foolery.
 
Mark Lachniet
Solutions Architect - Security
Analysts International
3101 Technology Blvd. Suite A
Lansing, MI 48910
(517) 336-1004 (voice)
mailto:mlachniet at analysts.com
  

________________________________

From: linux-user-bounces at egr.msu.edu on behalf of Andy Lee
Sent: Tue 12/4/2007 1:09 PM
To: linux-user at egr.msu.edu
Subject: Re: [GLLUG] Meeting Thursday, Dec 6, 2007



>>> "Steven Sayers" <sjsayers93 at gmail.com> 12/4/2007 7:11 AM >>>
>From what I concurred at the meeting talking to Karl it was a lets-hack-wep
over how do we prevent this, however I'm sure karl has a good side when it
comes to routing.

What I'm looking for is a discussion of just how secure a secured network is, and what the truly best way to go is. To give a benchmark, the current setup is non-broadcast SSID, MAC access list, and WPA. My understanding is that all of these can be defeated without much difficulty, and I'm still hesitant to flip the switch to move this into a production environment, but users are getting to the point of expecting this convenience.


_______________________________________________
linux-user mailing list
linux-user at egr.msu.edu
http://mailman.egr.msu.edu/mailman/listinfo/linux-user


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.egr.msu.edu/mailman/public/linux-user/attachments/20071204/ce93127f/attachment-0001.html


More information about the linux-user mailing list