More or less secure

[anything I don't mind]

hey

We have this problem at work where floors 5 and 6 have no patch panels in the basement for those floors. There is only fiber coming down from the fifth to the basement. We have been asked to put the adsl line which we use for a guest wireless. It is not on our main network. We have been asked to install that on the sixth floor. But we can't patch it up there. I suggested creating a vlan and running it through the main network infrastructure but my boss did not want to put the other internet on the main network as it is a security risk. So which is worse, creating a vlan for it or putting a wireless on the main network with wpa2 ?

They both have risks but not sure which one is better, i think it is only temp solution. maybe neither of them ?

 

[anything I don't mind]

I saw this one voip hacking video once.

The hack was that if you plug a laptop into a ethernet port where a voip phone was on a cisco or avaya network you run this software on the laptop and it negoiates the vlans and gives you full access to the phone system and network subnets. The program was quite nice it had the ability to intercept and record phone calls etc. off topic but you should lock stuff to mac address in ultra secure environments. But the point was the vlan negotiation.

i saw it as putting a wireless on the main network opens up the neighbours and streets to the main network, but vlaning the guest wireless would open up the entire internet to the internal network. The main internet/network has a firewall but the guest wireless only has some basic router with no SPI.

I think i might just tell them that until we can patch the guest wireless up to the sixth floor we are going to have no wireless up there.