wireless access point

Alma J Wetzker almaw
Mon May 17 11:58:30 PDT 2004 

Matthew Carpenter wrote:
> Hi Alma-
> 
> I commend you on your giving nature and wish more people were so cool... but I still have a beef with what you are doing:
> 
> As someone responsible for network security for several companies, large and small, please understand that personal responsibility is extremely important for network resources.  For instance... When there are hacking attempts, spam, or otherwise ill-favored traffic filling my firewall logs or email servers we must contact the people responsible for the IP Address of origin and apply pressure.  That is the bigtime provider (AT&T, Sprint, etc...), the middle-guy (Comcast, RoadRunner, Iserv), and eventually... you.  If we cannot track down wrongdoings and bad netizenship there is no correction of wrongs.  Often, the customer loses their network, and I would have it no other way.  When you cannot vouch for everyone using your network privileges, you will suffer.  It is only a matter of time.  Kiddie-Porn is only one way you can be affected.  Active hacking or spreading of viruses, etc...  That's likely to get corporate trouble.
> 

There is something to think about.  I have a neighbor that got a virus that 
turned their system into a spam bot.  I shut it down and helped them get it 
fixed.  I know there is a potential for abuse, but I just tend to trust the 
folks that spend time around here.  While I do block some ports (both ways) my 
preference is to leave things open until there is a problem, catch the problem 
fast, and lock out the abuser.  In the grand scheme of things, I believe I 
have less exposure than a Starbucks or a Ben & Jerry's that provide wireless 
to anyone in the store.

I agree that abusers need to be shut down.  I hope that happens only after a 
pattern of abuse not an isolated incident.  (I am just remembering the Mitnick 
worm....)

     -- Alma

> 
> 
> 
> On Wed, 21 Jan 2004 16:40:51 -0600
> Alma J Wetzker <almaw at ieee.org> wrote:
> 
> 
>>I read about that.  It sounded like the defense was going to work.  If I see 
>>that kind of material go by I will start to restrict what the wireless users 
>>can get to.  So far, I just have a couple of neighbors, who I like, using the 
>>access.
>>
>>I know it is a bad habit.  The *nix sysadmins all want to shut down access to 
>>anything not absolutely necessary to job function.  I like to leave everything 
>>not absolutely required to be secure, available to users.  I found that I got 
>>more productive users that way.  (Please note:  That does not mean critical 
>>files can be modified or anything stupid like that.)

More information about the Linux-users mailing list