01-31-2007 07:58 AM - edited 03-09-2019 05:18 PM
Hi,
At my company we have a lot of wireless broadband connections that users can connect to from their laptops, whilst also being connected to the corporate network. The broadband connection is natted, but thats the only security there is.
I'm trying to convince my bosses that this is bad, but need seem examples of how this can make the network vulnerable.
I'm not a security guy, but I can see how this could be a problem.
Could some of you experts out there give me some ammunition to fire at my bosses please ?
Thanks
Lee
01-31-2007 10:02 AM
Well, there is the issue of an attacker getting access to the wireless network --which I've heard happens from time to time;-). do you also only have NAT protecting the internal network? Maybe their thought process is "it doesn't suck any worse than our internal network security".
Do a little research on reverse shells. this link seems to be a good start:
02-01-2007 01:27 AM
Hi,
If the hacker gets access to the wireless network, could you explain what he could actually do ? This network only provides broadband Internet access and has no connection to the corporate net, other than through the PC.
The Internal network is protected by firewalls, prxy servers and a strict rulebase.
Thanks for the link, will take a look
Lee
02-01-2007 06:16 AM
"This network only provides broadband Internet access and has no connection to the corporate net, other than through the PC."
What do you mean "other than through the PC"? I mean, that's really the whole issue. A PC is just a few clicks away from becoming a router. You're network path used to look like this:
Internet<->Firewall<->Proxy<->Notebook
Now it looks like this:
Internet<->Firewall<->Proxy<->Notebook<->Wireless<->NAT gateway<->Internet
Because of mobility, notebooks often present other challenges as well. IME, they are not patched as timely as regular workstations. They are used away from work and in hostile environments, like hotels and airports, and tend to get infected with malware more frequently (i.e. surfing higher risk sites when I'm at the hotel...porn).
If I gain access to the wireless network, I would typically have unfiltered access to any nodes on the wireless network. In your scenario, that includes those higher risk notebooks which are also directly connected to your internal network (i.e. I completely bypasses all those carefully implemented firewalls and proxy servers you mention). If I can compromise one of those hosts, then I will likely have full network access to your internal network.
02-01-2007 08:27 AM
Thanks Mhellman, thats good info and explains the risks well, I have a meeting with my bosses next week so this will help me illustrate the risks to them
Lee
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: