Anyone know of a utility to disable the wireless when a computer is plugged into the wired network?

Some time ago I read an article in Network World about switched
wireless network hardware and it's implementation in an enterprise
environment.

At the tim I surfed the companies profiled and on one of their sites
saw a small utility that would automatically disable the wireless on
an employee's laptop if they plugged into the wired ethernet. It was
freeware.

I have surfed all the manufacturers sites I can think of or find in
the Network World archives but I cannot find that utility.

I should have nabbed it at the time, it's unlike me not to, and I may
have. But I can't find it.

Has anyone seen that or know it's name or where it can be found?

On Thu, 19 Apr 2007 03:34:21 GMT, "Steevo@my-deja.com"
<Steevo@my-deja.com> wrote:

>Some time ago I read an article in Network World about switched
>wireless network hardware and it's implementation in an enterprise
>environment.
>
>At the tim I surfed the companies profiled and on one of their sites
>saw a small utility that would automatically disable the wireless on
>an employee's laptop if they plugged into the wired ethernet. It was
>freeware.
>
>I have surfed all the manufacturers sites I can think of or find in
>the Network World archives but I cannot find that utility.
>
>I should have nabbed it at the time, it's unlike me not to, and I may
>have. But I can't find it.
>
>Has anyone seen that or know it's name or where it can be found?

Such a utility comes with various manufacturers laptops. It's often
part of a suite of wireless management utilities. For example:
Toshiblah: Config Free
IBM: ThinkVantage Access Connection
There are also a mess of "connection managers" some of which will do
the same thing. However, I can't think of one that is stand alone and
free. Sorry.

However, you don't really need to disable the wireless when one plugs
in an ethernet cable. The IP route metric provides a priority system
for situations where there are multiple paths to the default route(s).
Just run:
route print
and notice the "metric" column. The smaller the number, the higher
the priority (i.e. the lower the "cost" of the route). YOu'll find
that ethernet connections have a lower "cost" which will make packets
favor ethernet over the more "expensive" wireless router.

Description of the Wireless LAN Route Table Metric Behavior
<http://support.microsoft.com/kb/315088>

Behavior When Connected to Both Wired and Wireless Networks
<http://www.microsoft.com/technet/community/columns/cableguy/cg0405.mspx>

An explanation of the Automatic Metric feature for Internet Protocol
routes
<http://support.microsoft.com/default.aspx?scid=kb;en-us;299540>

--
# Jeff Liebermann 150 Felker St #D Santa Cruz CA 95060
# 831-336-2558 jeffl@comix.santa-cruz.ca.us
# http://802.11junk.com jeffl@cruzio.com
# http://www.LearnByDestroying.com AE6KS

On Thu, 19 Apr 2007 03:34:21 GMT, "Steevo@my-deja.com"
<Steevo@my-deja.com> wrote:

>At the time I surfed the companies profiled and on one of their sites
>saw a small utility that would automatically disable the wireless on
>an employee's laptop if they plugged into the wired ethernet. It was
>freeware.
>
>Has anyone seen that or know it's name or where it can be found?
>
If you can find a copy, the utility was probably -Airsafe Personal-
(Freeware) by the Cirond Corp.

--
Michael Slattery
wildbear -at- bigfoot.com

Steevo@my-deja.com wrote:
> Some time ago I read an article in Network World about switched
> wireless network hardware and it's implementation in an enterprise
> environment.
>
> At the tim I surfed the companies profiled and on one of their sites
> saw a small utility that would automatically disable the wireless on
> an employee's laptop if they plugged into the wired ethernet. It was
> freeware.
>
> I have surfed all the manufacturers sites I can think of or find in
> the Network World archives but I cannot find that utility.
>
> I should have nabbed it at the time, it's unlike me not to, and I may
> have. But I can't find it.
>
> Has anyone seen that or know it's name or where it can be found?

http://www.ezlan.net/metrics.html

On Thu, 19 Apr 2007 21:37:01 -0400, "Gordon"
<gordo432xRemove@comcast.net> wrote:

>
>http://www.ezlan.net/metrics.html
That is down.
Know the name of the file by any chance?

On Fri, 20 Apr 2007 00:01:20 +0100, Michael Slattery
<delete@source.com> wrote:

>On Thu, 19 Apr 2007 03:34:21 GMT, "Steevo@my-deja.com"
><Steevo@my-deja.com> wrote:
>
>>At the time I surfed the companies profiled and on one of their sites
>>saw a small utility that would automatically disable the wireless on
>>an employee's laptop if they plugged into the wired ethernet. It was
>>freeware.
>>
>>Has anyone seen that or know it's name or where it can be found?
>>
>If you can find a copy, the utility was probably -Airsafe Personal-
>(Freeware) by the Cirond Corp.

Well, I have been looking for Cirond Airsafe Personal, but not finding
anything.

I did find a reference to the freeware version.
http://findarticles.com/p/articles/m...10/ai_n9510334

It's airpatrol.com now, but it might not be freeware anymore. Seems
like the same people involved as were at Cirond. The site looks
similar to the one in the archive for cirond.com.

I found this page, and they may not know it's up there.
http://www.airpatrolcorp.com/airsafe...l.php?m=1&me=2
But no download link that I can find.

Can anyone help? I looked on the usual places, CNET, bittorrent,
mininova, snapfiles, astalavista. Nothing.

It would surprise me that no one has archived that file.

Can anyone help?

Steevo@my-deja.com wrote:
> On Fri, 20 Apr 2007 00:01:20 +0100, Michael Slattery
> <delete@source.com> wrote:
>
>> On Thu, 19 Apr 2007 03:34:21 GMT, "Steevo@my-deja.com"
>> <Steevo@my-deja.com> wrote:
>>
>>> At the time I surfed the companies profiled and on one of their
>>> sites saw a small utility that would automatically disable the
>>> wireless on an employee's laptop if they plugged into the wired
>>> ethernet. It was freeware.
>>>
>>> Has anyone seen that or know it's name or where it can be found?
>>>
>> If you can find a copy, the utility was probably -Airsafe Personal-
>> (Freeware) by the Cirond Corp.
>
> Well, I have been looking for Cirond Airsafe Personal, but not finding
> anything.
>
> I did find a reference to the freeware version.
> http://findarticles.com/p/articles/m...10/ai_n9510334
>
> It's airpatrol.com now, but it might not be freeware anymore. Seems
> like the same people involved as were at Cirond. The site looks
> similar to the one in the archive for cirond.com.
>
> I found this page, and they may not know it's up there.
> http://www.airpatrolcorp.com/airsafe...l.php?m=1&me=2
> But no download link that I can find.
>
> Can anyone help? I looked on the usual places, CNET, bittorrent,
> mininova, snapfiles, astalavista. Nothing.
>
> It would surprise me that no one has archived that file.
>
> Can anyone help?

Just out of curiosity, why are you looking for utility? Got XP? It's built
in to it, and you don't need a utility....Still using win 98? In that case
you may be screwed

"Peter Pan" <PeterPanNOSPAM@AkamailNOSPAM.com> wrote in message
news:B7udnfIFpZTNB7TbnZ2dnUVZ_jednZ2d@comcast.com. ..
> Steevo@my-deja.com wrote:
>> On Fri, 20 Apr 2007 00:01:20 +0100, Michael Slattery
>> <delete@source.com> wrote:
>>
>>> On Thu, 19 Apr 2007 03:34:21 GMT, "Steevo@my-deja.com"
>>> <Steevo@my-deja.com> wrote:
>>>
>>>> At the time I surfed the companies profiled and on one of their
>>>> sites saw a small utility that would automatically disable the
>>>> wireless on an employee's laptop if they plugged into the wired
>>>> ethernet. It was freeware.
>>>>
>>>> Has anyone seen that or know it's name or where it can be found?
>>>>
>>> If you can find a copy, the utility was probably -Airsafe Personal-
>>> (Freeware) by the Cirond Corp.
>>
>> Well, I have been looking for Cirond Airsafe Personal, but not finding
>> anything.
>>
>> I did find a reference to the freeware version.
>> http://findarticles.com/p/articles/m...10/ai_n9510334
>>
>> It's airpatrol.com now, but it might not be freeware anymore. Seems
>> like the same people involved as were at Cirond. The site looks
>> similar to the one in the archive for cirond.com.
>>
>> I found this page, and they may not know it's up there.
>> http://www.airpatrolcorp.com/airsafe...l.php?m=1&me=2
>> But no download link that I can find.
>>
>> Can anyone help? I looked on the usual places, CNET, bittorrent,
>> mininova, snapfiles, astalavista. Nothing.
>>
>> It would surprise me that no one has archived that file.
>>
>> Can anyone help?
>
> Just out of curiosity, why are you looking for utility? Got XP? It's
> built in to it, and you don't need a utility....Still using win 98? In
> that case you may be screwed
>

Yea!. Just right click on your wireless icon and hit DISABLE. Done.

On Sat, 21 Apr 2007 10:12:00 GMT, "Juan" <n7rcm@pobox.com> wrote:

>
>Yea!. Just right click on your wireless icon and hit DISABLE. Done.
Well, it's not for me.

If I could depend on 1000 people clicking on their wireless icon and
hitting Disable this would not be necessary.

But clearly I can't.

So I want this out of their hands when they are at work.

> If I could depend on 1000 people clicking on their wireless icon and
> hitting Disable this would not be necessary.
>
> But clearly I can't.
>
> So I want this out of their hands when they are at work.



As Jeff said, just make sure that the metrics on each pc are set for
ethernet over wireless. Then, every time it's got an ethernet
connection, it ignores the wireless.


I'm having a hard time seeing why that won't do the job...

Cheers,
Steve

On 22 Apr 2007 10:23:38 -0700, seaweedsteve <seaweedsteve@gmail.com>
wrote:

>I'm having a hard time seeing why that won't do the job...

It's not that it might not do the job, but the post was about old
freeware.

I was not looking for a workaround, at least until after I have looked
at the thing I posted about.

Steevo@my-deja.com wrote:
> On 22 Apr 2007 10:23:38 -0700, seaweedsteve <seaweedsteve@gmail.com>
> wrote:
>
>> I'm having a hard time seeing why that won't do the job...
>
> It's not that it might not do the job, but the post was about old
> freeware.
>
> I was not looking for a workaround, at least until after I have looked
> at the thing I posted about.

Have you considered why people keep saying you don't need it, and nobody
knows anything about that specific program?

Fraid I don't understand why you would even consider, that a function of
windows (that works great) should be ignored, and you want to find some
obsolete program to workaround what windows already has and works?

Seems to me that the program you posted about is a workaround to a something
that works, but you don't want to use.... So that term is wrong... don't
really know what to call it, since you can't have a workaround to something
that already works! :)

"Steevo@my-deja.com" <steevo@my-deja.com> hath wroth:

>On 22 Apr 2007 10:23:38 -0700, seaweedsteve <seaweedsteve@gmail.com>
>wrote:
>
>>I'm having a hard time seeing why that won't do the job...
>
>It's not that it might not do the job, but the post was about old
>freeware.

Perhaps the reason you can't find any applications is that it's not
necessary with Windoze 2000, XP, Vista, Linux, or OS/X? Using the IP
"metric" to switch traffic between interfaces works just fine. Where
it screws up is when you have two wireless cards or two ethernet cards
with identical metric values (and possibly identical default gateways)
in a computah. However, these can be fixed with manually set metric
values.

>I was not looking for a workaround, at least until after I have looked
>at the thing I posted about.

No problem. So far, you have a freeware program that I couldn't find
in the article search on Network World magazine, some manufacturer
specific connection managers, and Cirond Airsafe Personal, which
appears to be unavailable. With such a poor selection, deploying one
of these on 1000 laptops is not a good idea.

Perhaps it would be helpful if you would disclose what problem you are
trying to solve with this utility.

--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

On Mon, 23 Apr 2007 00:01:51 -0700, Jeff Liebermann
<jeffl@comix.santa-cruz.ca.us> wrote:

>"Steevo@my-deja.com" <steevo@my-deja.com> hath wroth:
>
>>On 22 Apr 2007 10:23:38 -0700, seaweedsteve <seaweedsteve@gmail.com>
>>wrote:
>>It's not that it might not do the job, but the post was about old
>>freeware.
>
>>I was not looking for a workaround, at least until after I have looked
>>at the thing I posted about.
>
>No problem. So far, you have a freeware program that I couldn't find
>in the article search on Network World magazine, some manufacturer
>specific connection managers, and Cirond Airsafe Personal, which
>appears to be unavailable.

As I think I mentioned, the article in Network world wasn't about that
application. It was about switched wireless networks in enterprise
use. The freeware was just something I stumbled across while reading
the sites mentioned. Not like me to not archive something like that
immediately. FWIW, I don't think it was the Cirond thing.

>With such a poor selection, deploying one
>of these on 1000 laptops is not a good idea.
>
>Perhaps it would be helpful if you would disclose what problem you are
>trying to solve with this utility.
At a medical facility patient privacy is required by law.

Wireless networks are not needed or deployed.

But a walk around audit of the building will detect literally dozens
of wireless clients. It's impossible to find them. Could be staff,
patients, vendors.

It's also impossible to find out whether the interface metrics are set
correctly, at least in the time allotted.

What might be possible is to say "Doc, I am from IT. I need to look at
your task manager for a moment".

As long as the ap is running we can assume it is doing it's job, which
is a heck of a lot faster that comparing the metrics on the network
interfaces of some busy radiologist's computer.

In all the world there has to be someone, somewhere who has archived
that application.

On Mon, 23 Apr 2007 06:15:02 -0700, "Steevo@my-deja.com"
<steevo@my-deja.com> wrote in
<pobp23p3nr2uur6rgu1e06opihvtnidiit@4ax.com>:

>At a medical facility patient privacy is required by law.
>
>Wireless networks are not needed or deployed.
>
>But a walk around audit of the building will detect literally dozens
>of wireless clients. It's impossible to find them. Could be staff,
>patients, vendors.
>
>It's also impossible to find out whether the interface metrics are set
>correctly, at least in the time allotted.
>
>What might be possible is to say "Doc, I am from IT. I need to look at
>your task manager for a moment".
>
>As long as the ap is running we can assume it is doing it's job, which
>is a heck of a lot faster that comparing the metrics on the network
>interfaces of some busy radiologist's computer.

With all due respect, that's not a valid assumption, and certainly
doesn't meet HIPPA requirements.

--
Best regards, FAQ for Wireless Internet: <http://Wireless.wikia.com>
John Navas FAQ for Wi-Fi: <http://wireless.wikia.com/wiki/Wi-Fi>
Wi-Fi How To: <http://wireless.wikia.com/wiki/Wi-Fi_HowTo>
Fixes to Wi-Fi Problems: <http://wireless.wikia.com/wiki/Wi-Fi_Fixes>

"Steevo@my-deja.com" <steevo@my-deja.com> hath wroth:

>As I think I mentioned, the article in Network world wasn't about that
>application. It was about switched wireless networks in enterprise
>use.

I think you mean "wireless switches". These are a mess of dumb
wireless access points, with all the brains in a rack mounted wireless
switch box. It has the major advantage of central administration of
everything. The major problem is that all such solutions tend to be
very proprietary by vendor. There are also some implementations which
are controversial (Meru versus Cisco) in their adherence to
established standards. They have some major benefits in a hospital or
corporate environment. I have a list of vendors (somewhere) if you
want it. Perhaps they offer the utility.

>>Perhaps it would be helpful if you would disclose what problem you are
>>trying to solve with this utility.

>At a medical facility patient privacy is required by law.
>
>Wireless networks are not needed or deployed.

Yeah, I've noticed that. Vendors are so unsure of their installations
of encrypted tunnels and authentication mechanisms that they're
proscribing wireless. I deal with several medical offices, a
pharmacy, and several convalescent hospitals, that have totally
independent wireless systems that never touch the protected LAN with
the medical records. I get the thankless job of proving to the
auditors that the two networks are completely independent.

>But a walk around audit of the building will detect literally dozens
>of wireless clients. It's impossible to find them. Could be staff,
>patients, vendors.
>
>It's also impossible to find out whether the interface metrics are set
>correctly, at least in the time allotted.
>
>What might be possible is to say "Doc, I am from IT. I need to look at
>your task manager for a moment".

I'm not an expert on HIPAA compliance, but I can assure you that the
obstacle course setup by the typical IPSec VPN is sufficient to
prevent both bridging and routing via the clients wireless connection.
As long as the VPN shim is controlling the routing, no packets are
going to go out via the wireless. It's also possible for a VPN client
to detect additional network connections and disable the VPN tunnel
until these additional connections are user disabled.

>As long as the ap is running we can assume it is doing it's job, which
>is a heck of a lot faster that comparing the metrics on the network
>interfaces of some busy radiologist's computer.

Duz "ap" mean "application" or "access point"? The application you're
looking for will probably do what you want, but does not in itself
guarantee that the wireless is disabled (unless imbedded in the VPN
application). For example, the applications might turn off the
wireless on initial startup, but there's nothing to prevent the user
from turning it back on after starting the VPN client and tinkering
with the routing table. This cross checking can get very complicated
very quickly.

The best compromise I've seen is to setup user laptops with two (or
more) user profiles on startup. Profile #1 is called "general
computing" and has everything setup normally including wireless.
However, the VPN client is setup to check the profile and not connect
if running "general computing". Profile #2 is called "secure network"
and disables everything except what's necessary to run the VPN and
associated applications. Also, different user logins for each profile
to avoid cross pollination. This isn't 100% totally HIPAA secure
because a knowledgeable user can hack some of the settings and
download the usual viruses and worms. Make sure your VPN gateway has
a functional virus/worm scanner and IDS running. However, it's been a
reasonably good compromise.

Incidentally, the system setup by one vendor (which I can't find) has
the client checking the process table for a list of applications
running when connected too the VPN. If there's an application that it
doesn't know about, the client will not connect. I can see support
problems with this approach, but it should work with user profiles,
where the applications installed and running can be tightly
controlled.

>In all the world there has to be someone, somewhere who has archived
>that application.

I'll keep looking, but I still think your approach and proposed
solution is seriously lacking. Good luck.

Wireless Security: Ensuring Compliance with HIPAA, GLBA,
SOX, DoD 8100.2 & Enterprise Policy
<http://www.airdefense.net/whitepapers/paper_policy.shtm>

HIPAA and wireless articles:
<http://www.hipaadvisory.com/tech/wireless.htm>
<http://search.techrepublic.com.com/search/hipaa+and+network+security+and+wireless+network.ht ml>
etc...

--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

On Mon, 23 Apr 2007 09:39:47 -0700, Jeff Liebermann
<jeffl@comix.santa-cruz.ca.us> wrote:
>I'll keep looking, but I still think your approach and proposed
>solution is seriously lacking. Good luck.

Jeff,

Perhaps. But I have no approach yet. And I have proposed no solution.
I just wanted to look at that old application.

Thanks for the helpful post.

On Apr 22, 3:37 pm, "Ste...@my-deja.com" <ste...@my-deja.com> wrote:
> On 22 Apr 2007 10:23:38 -0700, seaweedsteve <seaweedst...@gmail.com>
> wrote:
>
> >I'm having a hard time seeing why that won't do the job...
>
> It's not that it might not do the job, but the post was about old
> freeware.
>
> I was not looking for a workaround, at least until after I have looked
> at the thing I posted about.

Oaaakay, You are not actually "solving the problem" (see topic
title), but trying to effect a specific solution that you are
interested in.

I have to say, however, that using the built-in automatic feature of
the OS does not sound like a "work-around" !

Especially compared to installing a program and running (yet) another
service on 100 computers.

But I do understand, you want to play with this specific software,
there isn't really a problem.

Cheers,
Steve

"Steevo@my-deja.com" <steevo@my-deja.com> hath wroth:

>Perhaps. But I have no approach yet. And I have proposed no solution.
>I just wanted to look at that old application.

Argh. I had the utility sitting on my machine and forgot about it.
Must be brain damage from too much RF. See NicSwitch at:
<http://www.netswitcher.com/NicSwitch/nicswitch.htm>
Is this the one? I haven't tried NicSwitch, but I've used Netswitcher
for many years.

I still think you're doing this mostly wrong. The only thing you
really have control over is the gateway and applications server.
Trying to control, police, or sanitize the client is in my opinion a
futile and impossible task, especially with 1000 machines of mixed
lineage. If you insist on imposing some level of security on the
client, the best you can probably do is a VPN client that makes sure
that any other networks are automagically disconnected. However,
that's not sufficient, so you'll probably need to treat every incoming
connection as hostile until authorized and authenticated. Then, limit
their access to the inside LAN to only those machines that they need
to access. This would also be a great place for an IDS (intrusion
detection system) to catch any worms, probes, and hostile applications
coming from the client. If the client has been compromised by a
trojan, the IDS should catch the unusual traffic.

As for wireless, ignoring it is also futile. Wireless is not going to
disappear and connectivity is not going to remain restricted to
ethernet. (Kinda reminds me of the bad old days when the mainframe
clique tried to block PC's, and when corporate MIS tried to block
Mac's). I suggest you at least become familiar with the operation,
security issues and techniques involved in implementing secure
wireless system. Be prepared for the inevitable day when it's
demanded by your users.



--
Jeff Liebermann jeffl@comix.santa-cruz.ca.us
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558