Page 2 of 2 FirstFirst 12
Results 16 to 23 of 23

Thread: WI-FI Question

  1. #16
    Join Date
    Mar 2003
    Location
    SE PA - Central Bucks County
    Posts
    65,688
    Quote Originally Posted by Brian Elfert View Post
    How do they sort out permitted versus non-permitted WIFI signals?
    The scanning equipment used by IT departments, etc., is more sophisticated than our consumer devices and can sort out rogue networks, even if they are hidden, etc., as well as physically locate the rouge access points within the environment they are scanning.
    --

    The most expensive tool is the one you buy "cheaply" and often...

  2. #17
    Join Date
    Oct 2006
    Location
    Minneapolis, MN
    Posts
    5,427
    Quote Originally Posted by Jim Becker View Post
    The scanning equipment used by IT departments, etc., is more sophisticated than our consumer devices and can sort out rogue networks, even if they are hidden, etc., as well as physically locate the rouge access points within the environment they are scanning.
    I work in IT and do some of the networking. (Not really much with the WIFI.) My employer has Cisco enterprise WIFI gear that can even overpower rogue access points if set up that way. We primarily look for SSIDs that are similar to ours that are trying to trick employees into connecting.

    At our manufacturing plant it is not unusual to see between 50 and 100 SSIDs due to all the apartment buildings. I don't know how we would determine that one of those SSIDs was a WIFI router someone connected to our corporate network versus a legitimate SSID not connected to our network.

  3. #18
    Join Date
    Mar 2006
    Location
    SoCal
    Posts
    22,494
    Blog Entries
    1
    Quote Originally Posted by Jim Becker View Post
    The scanning equipment used by IT departments, etc., is more sophisticated than our consumer devices and can sort out rogue networks, even if they are hidden, etc., as well as physically locate the rouge access points within the environment they are scanning.
    I run about 3000 radios on a 1200 acre campus and whether it is a wireless router, laptop, phone or wired connection, nothing (other than 'internet only access' for guests) gets on my network without my explicit permission. The methods of restricting what and how things can get on a data network will bore most folks to death. Others are steering you right in that there is a website or phone number for you or your daughter to use to get an answer to your question from the institution.

    I won't comment on networks that allow random connections, lack security or even halfway decent administration. Let's just say if you were able to get on my network without permission, you wouldn't stay connected long enough to browse to Sawmill Creek . For your daughter's sake I hope her institution takes things just as seriously.
    "A hen is only an egg's way of making another egg".


    – Samuel Butler

  4. #19
    Join Date
    Oct 2006
    Location
    Minneapolis, MN
    Posts
    5,427
    My employer's corporate WIFI has pretty tight security. In an ideal world all network jacks would either be MAC locked or have some other requirement before a device can connect. In a world where it is not uncommon to see dozens of legitimate SSIDs how do you determine if one of those SSIDs is not legit and is a router some rogue employee plugged into an open network jack?

  5. #20
    Join Date
    Mar 2006
    Location
    SoCal
    Posts
    22,494
    Blog Entries
    1
    Quote Originally Posted by Brian Elfert View Post
    My employer's corporate WIFI has pretty tight security. In an ideal world all network jacks would either be MAC locked or have some other requirement before a device can connect. In a world where it is not uncommon to see dozens of legitimate SSIDs how do you determine if one of those SSIDs is not legit and is a router some rogue employee plugged into an open network jack?

    The short answer is 'we have tools for that'. We have researchers and visiting faculty and all sorts of wandering user community nightmares. There is no single tool or method and this discussion could get really out of hand really quick ;-) In the wired world, one method I use is to generally hold the MAC address in stasis, allowing only specific handshakes with specific protocols almost as a proxy (but not exactly) until certain criteria can be established. This precludes even local LAN connectivity until the requirements are satisfied. This all takes just a moment but, in my world a lot of things happen in the big fat space of time we call 1 second.

    If you've ever played with Sniffer or Wireshark for protocol analysis, we have something very similar but, tailored for the wireless airspace. Protocol analysis for wireless is handy but, location services and radio frequency analysis factor in. Like any job, there is an industry of tool-makers willing to sell you their goodies.
    Last edited by glenn bradley; 04-22-2017 at 4:37 PM.
    "A hen is only an egg's way of making another egg".


    – Samuel Butler

  6. #21
    Join Date
    Mar 2003
    Location
    SE PA - Central Bucks County
    Posts
    65,688
    And I happen to actually sell some pretty sophisticated identity management that assists folks like Glenn to do their jobs. There are not only ways to detect things, but also to very exactly limit who can get to what these days and without the complicated ACLs required with what I'll term "legacy" networking gear from the "big Gorilla".
    --

    The most expensive tool is the one you buy "cheaply" and often...

  7. #22
    Join Date
    Sep 2006
    Location
    Henderson Kentucky
    Posts
    1,498
    Blog Entries
    2
    Got her Wi Fi setup with Linksys Wi Fi router. She uses the 5ghz channel and she is set up for her guests to use the 2.4 ghz channel. I did a speed test and she is averaging. 67.3m download and 9.47m up load. Average after 4 different tests. I'm pretty darn impressed. I had no idea how good the speed was there. Streaming was fast and flawless on her Apple TV. No lag or buffering.

  8. #23
    Join Date
    Mar 2003
    Location
    SE PA - Central Bucks County
    Posts
    65,688
    Interesting that the performance isn't more symmetrical given the Ethernet drop to the apartment...the service to the building must be from a "cable" type provider, rather than the University or something like that.
    --

    The most expensive tool is the one you buy "cheaply" and often...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •