Wireless adapter security question

Discussion in 'Computer Security' started by Apt Sa, Apr 10, 2006.

  1. Apt Sa

    Apt Sa Guest

    Could my internal wired network be easily breached by wireless cards on
    laptops? Let me list 2 areas of concern. A user in an office connects to
    an unsecure hotspot while connected to the internal secure wired network.
    or a user makes an adhoc connection to another wireless user. As this a
    concern? Thanks in advance.
    -Paul
     
    Apt Sa, Apr 10, 2006
    #1
    1. Advertising

  2. Apt Sa

    donnie Guest

    On Mon, 10 Apr 2006 10:35:35 -0700, "Apt Sa" <>
    wrote:

    >Could my internal wired network be easily breached by wireless cards on
    >laptops? Let me list 2 areas of concern. A user in an office connects to
    >an unsecure hotspot while connected to the internal secure wired network.
    >or a user makes an adhoc connection to another wireless user. As this a
    >concern? Thanks in advance.
    >-Paul
    >
    >

    ################################################
    Actually, if the user connects to an outside wireless network, it's
    that network that's at risk, not yours. If you don't have any
    wireless routers at all, you're in good shape.
    I maintain a 15 user, 1 server network. I use static IPs so even if
    someone walked in there w/ a laptop, they can't connect unless we give
    them an IP on the subnet. The last thing I wanted was people walking
    into the office and connecting to the network. How many of your users
    use laptops?
     
    donnie, Apr 11, 2006
    #2
    1. Advertising

  3. donnie wrote:

    > On Mon, 10 Apr 2006 10:35:35 -0700, "Apt Sa" <> wrote:
    >
    >>Could my internal wired network be easily breached by wireless cards on
    >>laptops? Let me list 2 areas of concern. A user in an office connects
    >>to an unsecure hotspot while connected to the internal secure wired
    >>network. or a user makes an adhoc connection to another wireless user.
    >>As this a concern? Thanks in advance.
    >>-Paul
    >>
    >>

    > ################################################ Actually, if the user
    > connects to an outside wireless network, it's that network that's at risk,
    > not yours. If you don't have any wireless routers at all, you're in good
    > shape.


    If that machine is compromised, which is MUCH easier to do on a LAN than a
    WAN, then it could very easily be used to access the poster's local
    "secure" network. That additional wireless connection is a clear risk to
    the local network.

    > I maintain a 15 user, 1 server network. I use static IPs so even
    > if someone walked in there w/ a laptop, they can't connect unless we give
    > them an IP on the subnet. The last thing I wanted was people walking into
    > the office and connecting to the network. How many of your users use
    > laptops?
     
    Borked Pseudo Mailed, Apr 11, 2006
    #3
  4. Apt Sa

    Apt Sa Guest

    Well thats kind of what I thought. I am just not sure if there is a way a
    user on the unsecured network could somehow hack users that connect to this
    network. For instance if they don't have a firewall turned on, or if they
    are allowing file and print sharing. Once they hacked into this machine
    maybe they could take it over and then attack the secured network. Not sure
    if it is posible maybe I am just too paranoid. I have about maybe 30 users
    with wireless enabled laptops.
    -Paul
    "donnie" <> wrote in message
    news:...
    > On Mon, 10 Apr 2006 10:35:35 -0700, "Apt Sa" <>
    > wrote:
    >
    >>Could my internal wired network be easily breached by wireless cards on
    >>laptops? Let me list 2 areas of concern. A user in an office connects to
    >>an unsecure hotspot while connected to the internal secure wired network.
    >>or a user makes an adhoc connection to another wireless user. As this a
    >>concern? Thanks in advance.
    >>-Paul
    >>
    >>

    > ################################################
    > Actually, if the user connects to an outside wireless network, it's
    > that network that's at risk, not yours. If you don't have any
    > wireless routers at all, you're in good shape.
    > I maintain a 15 user, 1 server network. I use static IPs so even if
    > someone walked in there w/ a laptop, they can't connect unless we give
    > them an IP on the subnet. The last thing I wanted was people walking
    > into the office and connecting to the network. How many of your users
    > use laptops?
     
    Apt Sa, Apr 11, 2006
    #4
  5. Apt Sa wrote:

    > Could my internal wired network be easily breached by wireless cards on
    > laptops? Let me list 2 areas of concern. A user in an office connects to
    > an unsecure hotspot while connected to the internal secure wired network.
    > or a user makes an adhoc connection to another wireless user. As this a
    > concern? Thanks in advance.


    If two network connections are being made, then of course that machine
    poses a greater risk to both networks because it's a "trusted" member of
    each. The foreign (to you anyway) network has considerably more unsecured
    access to that machine than someone out on the net. IOW, machines on a
    LAN are typically more prone to compromise by other machines on their
    local network than they are those on a WAN.

    So the answer to your question is..... yes, it's a concern. That laptop is
    in a position of additional risk and could easily be used as a "gateway"
    to your network if compromised. :-(
     
    George Orwell, Apr 11, 2006
    #5
  6. Apt Sa

    donnie Guest

    On Tue, 11 Apr 2006 08:40:11 -0600 (MDT), Borked Pseudo Mailed
    <> wrote:

    >If that machine is compromised, which is MUCH easier to do on a LAN than a
    >WAN, then it could very easily be used to access the poster's local
    >"secure" network. That additional wireless connection is a clear risk to
    >the local network.

    #########################################
    I knew someone was going to say that but I don't think it's as bad as
    that. If I connected to an opened wireless router w/ my laptop,
    chances are that they won't even know that I am there let alone see my
    machine, check it for any trojans or unprotected shares and continue
    to other machines on my side. It may be possible, but the word
    "easily" should be removed from that scenario.
     
    donnie, Apr 12, 2006
    #6
  7. donnie wrote:

    > On Tue, 11 Apr 2006 08:40:11 -0600 (MDT), Borked Pseudo Mailed
    > <> wrote:
    >
    >>If that machine is compromised, which is MUCH easier to do on a LAN than
    >>a WAN, then it could very easily be used to access the poster's local
    >>"secure" network. That additional wireless connection is a clear risk to
    >>the local network.

    > ######################################### I knew someone was going to say
    > that but I don't think it's as bad as that. If I connected to an opened
    > wireless router w/ my laptop, chances are that they won't even know that I
    > am there let alone see my machine, check it for any trojans or unprotected
    > shares and continue to other machines on my side.


    Security through obscurity? Completely irrelevant. We already know it's a
    falsehood.

    > It may be possible, but
    > the word "easily" should be removed from that scenario.


    No, it shouldn't. I didn't say a machine could be easily compromised, I
    said it is MUCH easier to do on a local network, and that is a correct
    statement. I never once said anything about the difficulty of cracking any
    given machine because that depends entirely on the machine and its
    operator.

    That being fact, if you are "local" you hand out much more information
    that you do remotely, and have considerably less protection. This is
    exactly why an attacker going after a hardened networked target frequently
    looks for more vulnerable machines on that network to compromise. It's a
    whole lot easier to crack a nut if you control part of the tree. ;)
     
    George Orwell, Apr 13, 2006
    #7
  8. Apt Sa

    donnie Guest

    On Thu, 13 Apr 2006 04:30:25 +0200 (CEST), George Orwell
    <> wrote:

    >No, it shouldn't. I didn't say a machine could be easily compromised, I
    >said it is MUCH easier to do on a local network, and that is a correct
    >statement. I never once said anything about the difficulty of cracking any
    >given machine because that depends entirely on the machine and its
    >operator.

    ###########################################
    Then to put an end to all the guessing, the original poster should
    connect a laptop through a wired NIC to his network, since he said
    everything else was wired and put a wireless card in it at the same
    time. Then take another laptop w/ a wireless NIC, sit in front of
    the building and see what happens. Then he will know if there are any
    so called ad-hoc computers or unsecured networks that might be a
    threat to him. Testing the actuall scenario that he described is the
    best way to go. The test could be done from time to time in case the
    outside circumstances change.
     
    donnie, Apr 14, 2006
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    0
    Views:
    1,512
  2. Apt Sa

    wireless adapter security question

    Apt Sa, Apr 10, 2006, in forum: Wireless Networking
    Replies:
    0
    Views:
    381
    Apt Sa
    Apr 10, 2006
  3. COMSOLIT Messmer

    IT-Security, Security, e-security

    COMSOLIT Messmer, Sep 5, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    616
    COMSOLIT Messmer
    Sep 5, 2003
  4. GS
    Replies:
    5
    Views:
    1,417
  5. =?Utf-8?B?a2V2aW5sYQ==?=

    ExpressCard wireless adapter vs PC card wireless adapter

    =?Utf-8?B?a2V2aW5sYQ==?=, Sep 18, 2007, in forum: Wireless Networking
    Replies:
    6
    Views:
    1,013
    maxtaurus1
    Dec 21, 2008
Loading...

Share This Page