Re: firewall package for laptop wi-fi client
On Mon, 24 Jan 2011 01:17:55 +0200, Eero Volotinen wrote:
>> Open wifi hot-spots (or open networks) are dangerous because all your
>> "neighbors" can represent a potential security risk (they have
>> "physical" access to your machine), meaning that you should enforce
>> your computer firewall rules to treat all of the LAN computers as
>> "untrusted" hosts which BTW is not the normal behavior of a firewall
>> (in a LAN environment, internal hosts are the "good" guys and rules are
>> relaxed for the whole LAN machines).
>
> Do you really trust your hosts at lan network? It's a dangerous way.
> There can be hackers, viruses inside your lan network also..
In my lan, at work/home? Sure! I designed it from scratch (bought the
cables, designed the network structure, configured the hosts/firewalls/
gateways, defined computers security and enforce a strict policy for the
users). Every computer/device that is connected to the wires is being
monitored. Incoming wifi AP connections fall into another (separated)
network.
Can't say the same for open networks or other company's network (wireless
or wired). Open wireless hot-spots add additional monitoring complication
(you don't only have to control unexpected visitors coming from anywhere
but you depend on the client/user setup -which most of the time
translates into easy attacks from hijackers who search for indefense/
unprotected computers and use them to run the attack, making the original
source even more difficult to find).
Greetings,
--
Camaleón
Reply to: