[Dshield] RE: Wireless networks and corporate LANS

Mark markt442 at yahoo.com
Sun Feb 29 01:51:46 GMT 2004


... A laptop is connected to a corporate LAN via
ethernet ... also has a wireless card installed.  A
public wireless access point is within range.  Will
the laptop connect both interfaces?  ...

Don, I've successfully run "twins" in my system to
"bridge" between a lab-network and our corporate
network. WinXP has a nifty feature that allows you to
actually use two interfaces and NAT between a private
network (you select the interface) and the other
adapter. I've used that feature at conferences and
tradeshows to run a quick "router" (WinXP) without
carrying an extra box.

A security threat identified by Johannes is the
creation of an alternate entry into a
corporate/educational LAN that is unexpected by the
network administrator. I haven't seen many "patched"
systems that automatically join any (not "any")
wireless network unless configured purposely to do so.


There are companies that are producing products to
"detect" machines configured in this manner. Newbury
Networks (i have no affiliation) has a product that
can identify machines configured in a given "area"
(defined as a physical space) and create an alert to
IT that a system in the defined spaces has a wireless
association to an unapproved network. It handles
detection of rogue access points and rogue
peer-to-peer connections. Microsoft is also working on
some products (to be announced) that will facilitate
the detection of rogue access points. 

I hope that helps you,

Mark

__________________________________
Do you Yahoo!?
Get better spam protection with Yahoo! Mail.
http://antispam.yahoo.com/tools




More information about the list mailing list