RE: [MLUG] FYI: Tigernet WEP key changes on Monday...

["McNutt, Justin M." <EMAIL:PROTECTED>]

> OK, that sounds plausible.  I know that computing at MU is a big
> enough beast that you can't do everything at once, or everything would
> be broken for a lot of people.  It just seemed weird to me to have
> big, beefy, elaborate firewalls in place, and then grant wireless
> access to any, oh, 37337 bit hacker. :-)

Heh.  Seems odd, don't it?

The thing is, physical security is always the most difficult.  At least if a user is attached to our wireless network, he or she - by definition - must be within range of the AP's signal.  In turn, the devices that manage the APs are getting better at using multiple APs to triangulate the actual position of a wireless user.  Muahahaa!

<ahem>

What I mean is, the firewalls are meant to keep out the entire Internet.  That's a big lot of users who aren't anywhere within reach.  We really can't use the firewalls *that* much for local security, because it's too easy to just attach to the trusted side of any given firewall, because you have physical access.

The solution to that has been to keep better and better records of what attaches to the network and who those devices belong to.  Ironically, as we get better at doing *that* we'll have to be *less* intrusive to the users in terms of what they do on the network, forcing people to Web pages (more than once, anyway), etc.

If we have an MLUG meeting any time in the reasonably near future, I'll draw it for you.  It's an interesting problem.

--J

_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members