Monitor WiFi access points

By c.grz
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

n_K

Posted
Posted

Also working for a local government LE agency I can tell you the BEST way to handle this type of situation is through policy with strict warnings/actions. And as to the comment above saying that introducing wireless interference is not illegal simply because you are part of the government or government service is incorrect.

Wrong, it is correct.

http://www.telegraph...ng-devices.html

and http://stakeholders.ofcom.org.uk/enforcement/spectrum-enforcement/jammers/

Grand Master

xendrome

Posted
Posted

Ok what I am saying is just because someone works for the government doesn't mean they can just jam cell phone signals. If a jail wants to jam cell phone signals to keep inmates from trying to make outbound calls and smuggling in cell phones, then I'm sure they have proper approval and have done the correct steps to take those actions. But just going "Oh hey I work for the government... <<turns jammer on>>" doesn't make it legal.

Grand Master

Draconian Guppy

Posted
Posted
Yeah i'm probably "desensitized" on sensitive information... :p BUTT that said, disabling wifi is easy, installing group policies as well. Eg email SHOULDn'T if not in same domain. Most desktops shouldn't have admin. privileges to install a wifi dongle (seeing as how most desktop don't come with built in wifi) etc...
Also working for a local government LE agency I can tell you the BEST way to handle this type of situation is through policy with strict warnings/actions. And as to the comment above saying that introducing wireless interference is not illegal simply because you are part of the government or government service is incorrect.
^ exactly, its not that they can browse porn (example) on their smartphone. Its that they are bypassing the company internet filtering, connecting the work device to an unsecured network, etc. Your best bet is to lock down the work devices to only be able to connect to specific wifi APs and not allow the users to change these settings. As to warning of these hotspots popping up, yeah the netsh script should be easy enough to setup so that you get a warning and details about the hotspot that is around.
might want to remind your boss that it is better to prevent aids then try to cure the aids breakout over the network.
Ok what I am saying is just because someone works for the government doesn't mean they can just jam cell phone signals. If a jail wants to jam cell phone signals to keep inmates from trying to make outbound calls and smuggling in cell phones, then I'm sure they have proper approval and have done the correct steps to take those actions. But just going "Oh hey I work for the government... <>" doesn't make it legal.
I thought working for the government gave you unlimited power... :-(

It does, through policies :shifty: I think what we can outline here is

YOU can setup the WORK related computers so that they don't connect to someother network.

Mentor

dvb2000

Posted
Posted
I guess we'll just have to update our IT policy forbidding the use of wireless devices not approved for use by the I.T. Department.

As above, you're wasting your time.

You can only control your own network, and "possibly" any workstations you control by a locked down SOE. If they are using laptops (likely since you mention wifi) then most likely they are "mobile" staff who would be able to connect to wifi access points while they are away from the office, so its impossible for you to lock this down.

Even if not, they would just use their own smartphones/tablets to surf the web and you have ZERO control over their own personal devices.

Unless you're part of the government or a government service (which includes fire and police) in which case it's legal :p

I doubt it, even government departments (or in this case, micro managing, control freak, managers) would need to apply and receive the appropriate communications license to use such devices.

Mentor

dvb2000

Posted
Posted
The issue is when these people use city owned equipment along with their personal hotspots/smart phones to bypass security we have in place to protect our network.

You need to step back and look at the overall picture then.

Your issue is that you want to protect your network.

Your problem is that employees are bypassing your security because you've locked them out of facebook (or whatever) via your proxy.

Simply put, you need to

1) remove restrictions on your internet gateway, which means YOU can control inbound hacking attacks.

2) publish some policy guidelines as to what can and can not be accessed, and get your users to agree/sign to the terms, and DO NOT block what your users want to access in their down time

3) "monitor" your internet connection, and send the appropriate warnings to the people violating your policy (via their manager). Offenders of "illegal" type content would be given more than a slap on the wrist.

4) don't concern yourself with people accessing gmail, facebook, neowin, WSJ, disney etc. I'd imagine people like firemen would have LOTS of downtime, so they need to occupy themselves somehow!

Mentor

c.grz

Posted
  • Author
Posted

You need to step back and look at the overall picture then.

Your issue is that you want to protect your network.

Your problem is that employees are bypassing your security because you've locked them out of facebook (or whatever) via your proxy.

Simply put, you need to

1) remove restrictions on your internet gateway, which means YOU can control inbound hacking attacks.

2) publish some policy guidelines as to what can and can not be accessed, and get your users to agree/sign to the terms, and DO NOT block what your users want to access in their down time

3) "monitor" your internet connection, and send the appropriate warnings to the people violating your policy (via their manager). Offenders of "illegal" type content would be given more than a slap on the wrist.

4) don't concern yourself with people accessing gmail, facebook, neowin, WSJ, disney etc. I'd imagine people like firemen would have LOTS of downtime, so they need to occupy themselves somehow!

1) Outside of porn and a few other types of sites, firemen have unfiltered access to the web.

2) Each employee signs a policy when they are hired but like stated earlier by me, we need to update it to include new technologies like hotspots and the like.

3) We do "monitor" our internet connection via our Barracuda, but how would YOU go about monitoring a connection you have no control over or are aware is in use?

4) refer to #1

Right now all the "higher ups" are attempting to do is monitor the situation. They're attempting to do two things, make sure that this is even a problem and if so, to catch people in the act.

Grand Master

sc302 Veteran

Posted
  • Veteran
Posted

What barracuda model do you have? They have a remote filtering option that is built in most models on current firmware.

Also

http://www.grouppolicy.biz/2010/03/how-to-use-group-policy-to-blackwhite-list-wireless-networks-in-vista-windows-7/

Mentor

c.grz

Posted
  • Author
Posted

What barracuda model do you have? They have a remote filtering option that is built in most models on current firmware.

Also

http://www.grouppolicy.biz/2010/03/how-to-use-group-policy-to-blackwhite-list-wireless-networks-in-vista-windows-7/

Thanks for the link. We currently have a 310 and a 410v.

Grand Master

sc302 Veteran

Posted
  • Veteran
Posted

You would have to check the 310 but I know that the 410 does.

http://www.barracudanetworks.com/ns/downloads/Admin_Guides/Barracuda_Web_Filter_AG_5.0.pdf

Should be around page 58. You always have the option to call up support and they will walk you through it. Support is usually really good provided you get them during the day time in west coast time.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • 2TB WD_Black SN7100 PCIe Gen4 NVMe SSD drops to its lowest price in over three months

      By Fiza Ali · Posted

      2TB WD_Black SN7100 PCIe Gen4 NVMe SSD drops to its lowest price in over three months by Fiza Ali Amazon is currently offering the 2TB WD_Black SN7100 internal solid-state drive at its lowest price in over three months, so you may want to check it out, if you have been considering a storage upgrade, before the deal dries up (purchase link is toward the end of the article). Featuring a PCIe Gen 4.0 interface and M.2 2280 form factor, the SN7100 promises to deliver sequential read speeds of up to 7,250MB/s and sequential write speeds reaching 6,900MB/s, offering as much as a 35% improvement in performance compared with the previous generation. It also achieves random read speeds of 1,000,000 IOPS and random write speeds of 1,400,000 IOPS. The drive uses Western Digital’s TLC 3D NAND technology for reliable performance and is further supported by a five-year limited warranty. It also offers strong endurance, rated at up to 1,200TBW, making it suitable for demanding workloads such as gaming, content creation, and high-speed recording. Moreover, its DRAM-less architecture claims to improve power efficiency (the SSD relies on system memory for caching via HMB), while the WD_Black Dashboard software enables users to monitor drive health, install firmware updates, and activate Game Mode for potentially better performance. Finally, it operates within an operating temperature range of 0°C to 85°C, and can withstand storage temperatures from -40°C to 85°C. 2TB WD_Black SN7100 PCIe Gen4 NVMe SSD: $242.96 (Amazon US) Check this deal out if you want a 4TB option. Good to know This Amazon deal is U.S. specific, and not available in other regions unless specified. We only use first-party seller links (at the time of article publishing); ensure that you purchase from a first-party seller link only. Check out Today's Deals on Amazon | or our recent tech deals. Become a Prime member (for Students or SNAP) via Neowin Get Prime Access - Prime for half price (for qualifying Medicaid, EBT, SNAP) Subscribe to Prime Video, Audible Plus, Music Unlimited or Kindle Unlimited via Neowin As an Amazon Associate, we earn from qualifying purchases.
    • Windows 11 gets new audio improvements in the latest builds

      By cork1958 · Posted

      Hopefully this will fix the issue of no sound I have since last months stupid, and non-removable, Microsoft Corporation AudioProcessingObject Driver Update (1.0.3.56670)
    • Windows 11 version 26H2 is now available for testing in the latest preview build

      By Captain_Eric · Posted

      It IS confusing! What channel are you in on each device? I'm guessing your 16GB device is on Experimental (formerly known as Dev) and your 128GB is on Beta.
    • Poll: Grand Theft Auto VI price predictions, cast your vote

      By cyberhash · Posted

      100 for the base game , 120 for pre release with bonus unlocked content (a pair of boil washed underpants for Trevor)
    • Politically funny images of the World

      By PsYcHoKiLLa · Posted

  • Recent Achievements

    • Week One Done
      Supreme Spray LV earned a badge
      Week One Done
    • One Month Later
      Genuinetonerink- Dubai earned a badge
      One Month Later
    • Week One Done
      Genuinetonerink- Dubai earned a badge
      Week One Done
    • One Year In
      hhgygy earned a badge
      One Year In
    • Week One Done
      AMV earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      514
    2. 2
      +Edouard
      163
    3. 3
      PsYcHoKiLLa
      86
    4. 4
      Steven P.
      74
    5. 5
      Michael Scrip
      73
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!