leblanc
asked on
guest wifi penetration testing
I have a wireless guest network and I'd like to test to make sure that it cannot get into my 10.10.0.0/16 internal network. Excluding ping sweep utility, what other tools can I use to do some sort of penetration testing? Thanks
The safest thing to do is use a separate access point on a separate physical LAN. If your data is not that important, then split it off the same access point/physical LAN.
I agree with Lee W. But, if you don't have another public IP address available then you might do this similar approach:
1) Provide an internet gateway for general purposes.
If it has VLAN capability then you may wish to provide two VLANs - one for the Guest network and one for the private network.
2) Provide individual firewalls for each network working upstream to the internet gateway.
3) Block traffic on the upstream side of the private firewall from all but the internet gateway.
I'm sure that there are other ideas in this regard.
The only real difference is that you'd be treating private addresses (in the upstream LAN) as if they were public.
1) Provide an internet gateway for general purposes.
If it has VLAN capability then you may wish to provide two VLANs - one for the Guest network and one for the private network.
2) Provide individual firewalls for each network working upstream to the internet gateway.
3) Block traffic on the upstream side of the private firewall from all but the internet gateway.
I'm sure that there are other ideas in this regard.
The only real difference is that you'd be treating private addresses (in the upstream LAN) as if they were public.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
How are the networks separated at this point anyway?