[H8R]

So if I jump onto someone's unsecured wifi, is there some way that they can do some sort of keylogging without me knowing?

(or vice versa?)


Also, how far could they bust into a system that is using their connection?


I was just thinking that setting a wifi "trap" would seem like something a clever hacker would do.


My knowledge is limited with this stuff, but I must gain more for work here. We will be broadening our wifi coverage, adding static IP and a VPN to our new server at the beginning of the year, etc. I'm trying to think of the stupidest sh1t that a sales rep could do out in the field, and how it might affect security here.

 

[binary visions]

Joining someone's WiFi network is exactly the same as plugging into their LAN. All traffic and data in and out (that is not encrypted) can be monitored via the router, and any insecurity in your system that would be accessible over a LAN is accessible over the WiFi network. I'm just thinking here... also, any protection offered by the router would be negated by someone being inside the WiFi network - kinda obvious, but still something to note. That is, if there is a port vulnerability that would otherwise be filtered out by the router, you would be falling back on relying on the software firewall to block it.

Encrypted traffic (https and VPN) will still appear as a stream of encrypted traffic on the router, so there shouldn't be any security concern there - the encryption is done locally on the machine.

 

[H8R]

What about general key logging of non-encrypted stuff? Is that possible?

 

[binary visions]

It's not really "key logging" since it's not a key-by-key capture of what is getting input into the local machine. Any unencrypted data that is transmitted, though, can be captured, since you just have to set up a packet sniffer at the gateway and it'll snag everything.

Most of your concerns should be alleviated, though, if you set up a VPN and force the sales people to use it. That will set up an encrypted tunnel for all data sent and received.

 

[H8R]

Coolness.


We are FINALLY getting a new server box here.

This one is on it's last leg. Ancient POS. We run Quickbooks Enterprise Server and Symantic on it and it's pretty much killing the OS drive with updates and definitions.

I checked it last week. Out of 6GB (yes...6) it had 3.8 megabytes free.



I had to dump every non-essential program, patch, log, etc to keep it from crashing and bleeding out.

 

[binary visions]

You work for a bunch of cheapskates.

I hope they weren't that cheap with your Christmas bonus.

 

[H8R]

You work for a bunch of cheapskates.

You have NO idea. Cheap AND stupid. Money bleeds out of so many open wounds here, and then they have no money for sh1t that really needs it.

I hope they weren't that cheap with your Christmas bonus.

What is this "Christmas bonus" you speak of??

 

[binary visions]

If it makes you feel better, I do all the office's computer and network support with a data entry position title, and while everyone else got their week's pay of a Christmas bonus, I got the temporary-employee bonus of $50 because I'm about 4 hours/week short of full time during the school year.

I've been on strike since last Christmas, though. I do what I have time to do, dress how I feel like dressing, and don't offer up any solutions to the ridiculous inefficiencies that exist here.

 

[syadasti]

You work for a bunch of cheapskates.

I hope they weren't that cheap with your Christmas bonus.

Sounds like most small businesses to me - stupid tards

 

[BadDNA]

I've been on strike since last Christmas, though. I do what I have time to do, dress how I feel like dressing, and don't offer up any solutions to the ridiculous inefficiencies that exist here.

I did that at my last job. I'd been given more and more responsibility to the point of being the "site" IT guy (file servers, print servers, local backups, desktop support, etc.) for the company's corporate HQ (corporate systems, mail, web server etc were handled by a different group) while still holding a desktop support title and pay grade. I kept asking my boss for over 6 months for a position review, title update, list of responsibilities etc to no avail. I finally got so fed up with it I printed out the HR job description for desktop support, hung it prominently in my cubicle and flat-out refused to do anything that wasn't part of the job description. My stress level went waaaaay down, I had a lot more time outside of the office and was much happier in general. I got away with that for another six months or so before I left for my current job.

 

[syadasti]

Here is a good website to find out how much small business are ripping you off at work...

Latest current available US Bureau of Labor Statistics data available by occupation and area:

http://www.bls.gov/oes/current/oes_nat.htm

http://www.bls.gov/oes/current/oes151071.htm