Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DHCP

Status
Not open for further replies.

maya14

Technical User
May 8, 2007
274
ZA
I have discussed this issue before but thought i have solved this problem.
Every now again i noticed that SBS DHCP have allocated an IP address to a computer which dont belong to our organisation.
Our router only allow inbound ports 80 - 85 for cctc purposes and VPN port 1723 to our network.
We have got wireless access points connected to our LAN but their SSID dont get broadcast. Our Netgear router also have wireless connection which SSID gets broadcast, but it does require a network key.
How are these foreign pc's gaining access to the SBS network???
 
Let me know if I understand you correctly.

you have 2 Differnt SSID on your network.

SSID 1
- Does not broadcasts SSID
- Does not require Network Key

SSID 2
- Broadcasts SSID
- Requires Network Key

Let me know if i am correct?

If this is correct then they are probably getting in though SSID 1. Just because the SSID is not being broadcasts does not mean people can't find it.

Nick
 
Nick is right. Merely not broadcasting a SSID isn't enough to keep people from connecting. The SSID can be identified and used through other means, and there are several tools out there that make it easy for people wanting network access to splice into a network whose SSID hasn't been broadcast.

ShackDaddy
Shackelford Consulting
 
Actually there are 3 WAP's.2 dont broadcast SSID and 1 is but requires network key.
I hear what guys are telling me but how can i protect or even detect who is accessing our network.
 
Here is what i would do... If your site has mutiple WAN IPs available i would put the open SSID on a seperate WAN Address so anyone connecting to that WAP will only have access to the internet. You can then have your users VPN into your network for security.

I have done this for mutiple sites and it works great.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top