[Novalug] wireless available at meetings?
plarsen at famlarsen.homelinux.com
Tue Jan 16 16:14:00 EST 2007
Theodore Ruegsegger wrote:
> Peter asked:
>> Hmmm - what's the difference [between the forbidden wireless access
>> and the permitted wired access]? We're still using their network??
> With wireless:
> * It's hard to tell who is using it; perhaps a bad 'un out in the
> parking lot might connect...
If the key is dedicated for our use, or just guest use - it doesn't
really matter? It would be a separate segment isolated from the core
corporate network? All we would get would be (limited) internet access?
And with a key, no random person at the outside would be invited inside?
> * There's an explicit order forbidding it. Exceptions require
> approvals by strangers who have no reason to say yes.
I wasn't trying to suggest that we should violate the policy. By no
means. But I was trying to understand why there is a difference
accessing the network through a wire or through the air.
> With wired:
> * We can observe/control who uses it, namely, the NOVALUG attendees in
> the auditorium.
1) We're not monitoring what each individual does. He could be
innocently surfing or trying to hack internal resources.
2) Any PC attached might already act as gateway and allow other people
in, either via the net or via an open "Free Wifi" service. Just because
you can see the physical PC doesn't mean you can see the traffic
generated by each node.
> * There's no explicit order forbidding it, and my buddies in network
> admin are ok with it. No strangers involved.
Got it; as long as nobody knows they won't get worried. I agree with
you, no reason to rock the boat here. However, what we're basically
saying is, that we're utilizing a "security hole" or oversight; but not
abusing it. If that makes sense?
> ps. The fact that at least one computer in the building is infected
> with a virus/worm offering "Free WiFi", as Greg discovered at a recent
> meeting, doesn't mean CSC's ok with it ;-)
Yeah - as a matter of fact, I'm seeing those at work too :( However,
adding a "free wifi" to a wired network, just makes that PC act as a
gateway?? So we're really not that secure.
> pps. I'm not saying your argument is wrong, just that reasoned
> argument doesn't persuade suits. We're talking security theater here;
> after all, the standard CSC platform is still Windows!
Fully understood. I for one, really appreciate the use of the top-nudge
facilities! I would however want to question the need to surf, while
attending a presentation ... it doesn't seem very polite not to pay
attention to the presenter.
> ppps. Just to show they're not completely stupid, there's also an
> explicit order that says any machine connecting to a CSC network must
> first be certified malware-free by IT but, when pressed, they'll
> acknowledge that that doesn't apply to GNU/Linux machines.
<irony>Don't you know that all us Linux-geeks are just hackers in
disguise?? That's implicitly all we want to do - produce malware and
hack other people's computers!</irony>
More information about the Novalug