Wireless ethernet?

Ron Peterson ron.peterson at yellowbank.com
Mon Aug 13 21:12:18 EDT 2001


On Mon, 13 Aug 2001, Derek D. Martin wrote:

> Derek Atkins said:
>
> > IPsec and SSH do as good a job at keeping nosy people out of your
> > network.  The way I would do it for a corporate LAN (and I know of
> > some companies that do it this way) is to have two networks, a wired
> > network and a wireless network.  Keep the wireless network "outside
> > the firewall" (note: I disbelieve in firewalls, c.f. my BLU talk
> > about 5 years ago ;)
>
> I'm very curious about the nature of your disbelief in firewalls, and
> I'm unfamiliar with your talk.
>
> It seems to me that perimeter security -- limiting the traffic which
> can enter your network from unknown and untrusted parties on the
> outside to only that which is absolutely essential for your business
> or personal needs -- is an essential part of securing any site.
> Firewalls are a proven tool to accomplish this goal.  I'm unable to
> imagine a reason why someone would not want to have one, given today's
> network landscape and the (lack of) ethics rampant amongst a certain
> subset of the people who hang out there.

In an academic environment, it's difficult to advocate running a firewall,
because it involves making a value judgement about what is and isn't
acceptable.  Bandwidth shaping is another matter.  E.G. - don't block
Napster, but don't allow it to overwhelm the network.  Of course this
doesn't equate to tolerating abuse - campus computers getting cracked,
students distributing warez, etc.  But it's an educational experience for
students to be playing with this stuff.

It's much easier to establish and enfoce usage policies in a corporate
environment.  Or a home network, for that matter.

-- 

-Ron-
https://www.yellowbank.com/

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).



More information about the Discuss mailing list