Forum

WIPS, WIPS, and WIPS.  Oh, and some group policy.  The group policy will always be your first attack.  However, some windows 7 clients are always going to be out of band, that is just the nature of the enterprise.  However, this is not a new thing for the linux systems out there.  They have had soft AP capability since HostAP came out years ago. I know your are specificially asking about preventing an accidental breach from one of you coworkers.  Group policy will likely get you where you need to be for that, but I urge you to deploy a WIPS if you have the funding.  If not, there are some tools that will scan the wire for bridging clients.  I believe the Win7 soft AP requires NATing so, you may have to rely on AD to get the job done. I have the same concerns, when it was just HostAP you had to worry about, your average worker wasn't going to bother learning linux just to run an AP on their laptop.  But now it is a little scary.  Check Joshua Wright's preso's on this exploit at www.willhackforsushi.com. Lock down your laptops and WIPS, WIPS, WIPS. It should be law that every WLAN sale requires a WIPS.  Great question!