
Wireless on Blue or green

boles

Senior member

I have an access point that I currently have running on my green network. It is secured so I am not too worried about random people on it, but I still know that it is not 100% secure. I want to secure things a little more, so I am thinking of moving the wireless to a blue network. The problem is that I want to be able to have access to file shares (Windows) from the wireless network. I don't want to use VPN, so I would have to do pinholes from blue->green. I started to think that if I open these ports up I will have security risks this way.

What is the lesser evil?
Wireless on green
-or-
Wireless on blue with pinholes to green (udp and tcp 135-139)
 
No one else responded, so on a serious note...

The only time I've ever implemented what you are referring to is on an internet-accessible segment. This segment would run a web server with a firewall hole for RDP 3389. This allows administration of the web server, but segments it from the production network. tcp 135-139 were too much of a security risk...

This is not necessary if you're just running straight wireless... it's a little paranoid and overboard. Secure it with WPA and a long, randomly generated PSK and you should be safe (relatively).

Wireless networks on DoD production segments don't even go as far as what you've described... it's just too much.
 
Originally posted by: jlazzaro
No one else responded, so on a serious note...

The only time I've ever implemented what you are referring to is on an internet-accessible segment. This segment would run a web server with a firewall hole for RDP 3389. This allows administration of the web server, but segments it from the production network. tcp 135-139 were too much of a security risk...

This is not necessary if you're just running straight wireless... it's a little paranoid and overboard. Secure it with WPA and a long, randomly generated PSK and you should be safe (relatively).

Wireless networks on DoD production segments don't even go as far as what you've described... it's just too much.


Thanks for the reality check. I have some data on my network that is business related and thus I worry about a security problem. If someone hacks the WEP key then they probably could hack the rest of the setup anyhow.
 
Why WEP... does your current infrastructure not support WPA? If you have no choice in your current encryption method, segregation would be a good idea.
 

I don't have much choice because I have a roommate that has a Tivo... from what I have read they don't support WPA, so I am kinda stuck.
 
Well, if $40 would take you to the cleaner you are stuck.

However, you can buy this, http://www.newegg.com/Product/Product.asp?Item=N82E16833162173

Added as described in my link above.

Leave your roommate with whatever he has on the current Router and add the new Router as a secondary segregated Router.

Put all your staff on the second Router and your Wireless can be WPA-AES and what else you choose to do.


 
Originally posted by: JackMDS
Well, if $40 would take you to the cleaner you are stuck.

However, you can buy this, http://www.newegg.com/Product/Product.asp?Item=N82E16833162173

Added as described in my link above.

Leave your roommate with whatever he has on the current Router and add the new Router as a secondary segregated Router.

Put all your staff on the second Router and your Wireless can be WPA-AES and what else you choose to do.


First off, thanks for the info.

$40 is not going to break the bank, I just don't want to have to worry about 2 wireless networks. I already have to use 2 access points in WDS mode to get the coverage I need. That was a PAIN and I don't want to have more network to worry about.


I think I am just going to have to break wireless off into a blue network and not allow any access to the green. Or configure VPN for those "have to have" moments.


 