This is interesting stuff. I was under the impression that if you turned off "Radio Broadcast" on your router, that it was "invisable".
Murray ________________________________ From: Kennedy, Jim [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 01, 2008 9:25 AM To: NT System Admin Issues Subject: RE: WiFi setup Glad you found that. I was going to tell the story my son told me, they tagged a bank at 5 miles. But since I had no real proof I didn't want to go out on a limb and debate it....I have no details of how the bank was set up on their end. From: Erik Goldoff [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 01, 2008 10:23 AM To: NT System Admin Issues Subject: RE: WiFi setup indeed ... http://www.oreillynet.com/cs/weblog/view/wlg/448 Granted, the following excerpt describes a best case scenario of BOTH ends optimized for distance, but it gives you an idea of how much farther than the expected 300-500 foot coverage can be achieved: "Apparently, antennas of comparable gain cost upwards of $150. Over a clear line of sight, with short antenna cable runs, a 12db to 12db can-to-can shot should be able to carry an 11Mbps link well over ten miles." ________________________________ From: David W. McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 01, 2008 10:00 AM To: NT System Admin Issues Subject: Re: WiFi setup Hmmm. ----- Original Message ----- From: Erik Goldoff <mailto:[EMAIL PROTECTED]> To: NT System Admin Issues <mailto:ntsysadmin@lyris.sunbelt-software.com> Sent: Tuesday, July 01, 2008 9:54 AM Subject: RE: WiFi setup really, it *depends* ... I've heard (but no first hand experience) of laptops with yagi antennae getting a signal 2000 feet or more from the wifi source ... (approaching a half mile) ________________________________ From: David W. McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 01, 2008 9:19 AM To: NT System Admin Issues Subject: Re: WiFi setup What distance would a High Gain antenna need to get a very weak signal? The building is in the middle of a field with parking all the way around. Secuirty 24/7 to keep the loafers off the premise. Visitors in a localized area. Trees and some small (10 ft high) mounds or hills outside the parking lot. Still not the best set up but the further I can push the cracker jackers away from the building the better I feel. ----- Original Message ----- From: Erik Goldoff <mailto:[EMAIL PROTECTED]> To: NT System Admin Issues <mailto:ntsysadmin@lyris.sunbelt-software.com> Sent: Tuesday, July 01, 2008 8:59 AM Subject: RE: WiFi setup Arggggh ... Directional antennae *can* limit the signal where you don't want it, but not *eliminate* it completely. Any wireless hacker/cracker with a high gain antenna (yagi, pringles can, etc) may still be able to latch on to your signal. ________________________________ From: David W. McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 01, 2008 6:21 AM To: NT System Admin Issues Subject: Re: WiFi setup The wireless isn't for Joe its for CEO and the like. Here's the bottom line. They want to have their Fantasy Football draft and Nascar draft in the office. No big deal they've been doing it for years. Now they want to do it with out anyone knowing it. So they are going to move around on the big day. That way everyone thinks they are working instead of, you know... Besides the obvious gaff to all the security I am putting in place I like what everyone has written and I am taken it all in. We will most like use Cisco POE products to go with our VOIP with Cisco we currently have in place. Has anyone ever used directional antenii or is that a pipe dream I keep having? Whereas the WAPs are directional instead of broadcast so the signal doesn't 'leak' out into the parking lot??? ----- Original Message ----- From: Christopher J. Bosak <mailto:[EMAIL PROTECTED]> To: NT System Admin Issues <mailto:ntsysadmin@lyris.sunbelt-software.com> Sent: Monday, June 30, 2008 11:19 AM Subject: RE: WiFi setup Agreed. But I'd personally keep the confidential data off the wireless all together. If Joe Employee needs his laptop to go on the internet, then he can hop on the wireless and stay off the main network. That way, his laptop never sees customer data (and why should it need to for a bank)? Christopher J. Bosak Vector Company c. 847.603.4673 [EMAIL PROTECTED] "You need to install an RTFM Interface, due to an LBNC issue." - B.O.F.H. (Merged 2 into 1) - Me From: Glen Johnson [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2008 10:07 hrs To: NT System Admin Issues Subject: RE: WiFi setup I agree. MAC filtering is a pain to maintain and provides very little, if any, security. # 1 on George Ou's six dumbest ways to secure wireless list. http://blogs.zdnet.com/Ou/index.php?p=43 Now granted, you've not said what the purpose for this wireless is so maybe you don't need much security. If it is for guests to web surf, put it on a separate vlan, give it internet access and be done with it. If it is for users and confidential credit union data, secure it as much as possible. Good luck. From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2008 10:54 AM To: NT System Admin Issues Subject: Re: WiFi setup I was messing around with cracking APs and its pretty easy to clone the MACs of devices connected to the AP to gain access when they are using MAC filtering. ----- Original Message ----- From: David W. McSpadden <mailto:[EMAIL PROTECTED]> To: NT System Admin Issues <mailto:ntsysadmin@lyris.sunbelt-software.com> Sent: Monday, June 30, 2008 10:08 AM Subject: Re: WiFi setup I have been getting the MAC's from all the other devices on the WAN. We are greating VLAN 127. It is the default vlan and will get to the internet only. If you don't have a MAC on the ACL you get a 127 dhcp address and pumped to the internet only. It isn't fully functional yet but it is coming. ----- Original Message ----- From: Steve Ens <mailto:[EMAIL PROTECTED]> To: NT System Admin Issues <mailto:ntsysadmin@lyris.sunbelt-software.com> Sent: Monday, June 30, 2008 10:06 AM Subject: Re: WiFi setup And use MAC address filtering... On Mon, Jun 30, 2008 at 9:01 AM, Erik Goldoff <[EMAIL PROTECTED]> wrote: and for security in a credit union environment, segment the wifi and use VPN from there to get in to the resources on the wired subnet (among other security measures) ________________________________ From: David W. McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2008 9:51 AM To: NT System Admin Issues Subject: WiFi setup I get to build a whole new datacenter for the Credit Union. Yeah. I am pretty good on everything with the exception that the new datacenter will have to have WiFi built in I am looking at 802.11g for now but I thought n was coming out. Does anyone have any comments on how to WiFi a 4000sqft building with 3 floors? Data Security is everyone's responsibility. No virus found in this incoming message. Checked by AVG. Version: 8.0.101 / Virus Database: 270.4.3/1526 - Release Date: 6/30/2008 8:43 AM ______________________________________________________ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ______________________________________________________ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ No virus found in this incoming message. Checked by AVG. Version: 8.0.101 / Virus Database: 270.4.3/1528 - Release Date: 7/1/2008 7:26 AM ______________________________________________________ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ No virus found in this incoming message. Checked by AVG. Version: 8.0.101 / Virus Database: 270.4.3/1528 - Release Date: 7/1/2008 7:26 AM ______________________________________________________ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ No virus found in this incoming message. Checked by AVG. Version: 8.0.101 / Virus Database: 270.4.3/1528 - Release Date: 7/1/2008 7:26 AM ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~