A word to the weary with all this talk of wireless routers and green networks...
Most of you are likely aware there are common authentication bypass vulnerabilities on these consumer routers. I have now had one hit very close to home... A family member opened an email which we believe to have been the culprit (who knows?). It wasn't long before her antivirus was freaking out, but not before her wireless access points SSID had been mysteriously changed. I had personally secured the AP myself with WPA2 and a sizable passphrase on my last visit. I had also secured the AP itself with a long, secure password. No real harm done. The machine is being cleaned before going on another network and other precautions taken. Since the machine is in BC, I cannot attempt any forensics :-( Again, a word to the weary... check your firmware versions. Regards, Andrew. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Shawn Sent: Tuesday, July 22, 2008 10:33 PM To: CLUG General Subject: Re: [clug-talk] IP-Cop TekBudda wrote: > IIRC connecting a LAN port from the WiFi router to the green card would > pass through any DHCP information coming from the network provide the > router DHCP server was disabled. Now connecting through a blue NIC, is > there anything special I need to do? Is it possible to provide the two > levels of access? connecting your access point to the green network would result in that access point potentially having the same access as wired network drops. In short you are just adding wireless access to the green side of things. Sometimes this is all you really need though - with some reasonable percautions (like a password required) on the access point. Connecting the access point to the blue network is treating the wireless side as a completely different subnet. NOW you can lock down the blue and restrict what they can see - typically this just means they have Internet access (via the blue -> red network). Setting up blue -> green type connections (or orange -> green even) takes a little more work. There is a plugin to provide this type of access, and/or you might be able to do it via port forwarding... But it would take more effort. > The thing is that this is an office of about 15-20 people (at max) and > the traffic is primarily web & e-mail. I would have thought that a 1 > GB CPU with even 256 MB RAM would have been more than adequate to handle > that kind of load, but I could be wrong. I am basing this on the little > gNet router that we are currently using now on a business DSL connection > at the end of a long loop. I could be wrong though. My network consists of a similar box for the IPCop service. I have all of 4 boxes possibly running simultaneously. My server (24/7), my workstation, and two laptops in the house. My box cannot do the VPN and the IDS reliably. one or the other gets dropped sooner or later if I enable both. This suggests that adding in filtering, would require a beefier box in my case. Seeing as you are not doing the VPN, this may be a non-issue for you. Shawn _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying -- This message has been scanned for viruses and dangerous content by the Cistra MailScanner and is believed to be clean. _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
