How does hiding the 802.11 SSID offer any security at all?

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Does hiding the SSID broadcase really offer any wireless protection?

I read with interest an article that says to turn off the broadcast of your
SSID. Guess what? My two-computer home wireless network stopped working as
soon as I booted one of WinXP PCs with the Linksys router turned off.  

To recover, I had to go through the entire setup process all over again
just to get the WinXP Wireless Zero Service to again understand the SSID.

What is going on?
Is it really feasible to turn off the broadcast of the SSID?
Or is it so much BS from folks who need to write something to stay in
business?

Is there any way to tell the WinXP PC to look for a certain SSID that isn't
broadcast without having to reconfigure the router every single time?

Confused,
barb

Re: How does hiding the 802.11 SSID offer any security at all?


On Sun, 06 Aug 2006 11:54:38 GMT, barb wrote:
Quoted text here. Click to load it

Here is an O'Reilly article that says to hide your SSID and to change your
broadcast channel for added security.
 http://www.windowsdevcenter.com/pub/a/windows/2005/04/19/WiFiHacks.html

Is this snake oil?

For example, as I already stated, if I change my SSID and then boot up
without the router powered on, there is no way (that I know of) to tell my
WinXP wireless applet the SSID (or am I missing something).

Likewise, if I were to change my channel, I mean how many channels are
there? Wouldn't anyone who wanted to get onto my network just scroll down
to the next channel? Are there an infinite number of channels or a finite
number of channels?

All this seems like snake oil to me.

QUESTION 1:
 Once I stop broadcasting my SSID, how do I tell WinXP to use that SSID?

QUESTION 2:
 If I change my channel, how long would it take a hacker to figure out
 which channel I changed it to?

Thanks in advance for your advice,
barb
 

Re: How does hiding the 802.11 SSID offer any security at all?


Quoted text here. Click to load it

Yes.


Use a network sniffer, and you're getting the SSID by sniffing traffic
from other hosts.

Quoted text here. Click to load it

http://en.wikipedia.org/wiki/IEEE_802.11#Channels_and_international_compatibility

http://standards.ieee.org/getieee802/802.11.html

Quoted text here. Click to load it

Yes.


You need a driver, which supports this.

Quoted text here. Click to load it

Seconds to minutes.

Yours,
VB.
--
Ich würde schätzen, dass ca. 87% aller spontanen Schätzungen völlig für
den Arsch sind.

    Ralph Angenendt in debate@ccc.de

Re: How does hiding the 802.11 SSID offer any security at all?


Volker Birk wrote:

Quoted text here. Click to load it

If no other hosts are running, this could actually limit impact of
exposure. Anyway, the same can already be achieved by using proper
cryptographic protocols (IEE 802.11i with the well-known subsets WPA and
WPAv2, or IEEE 802.1X).

Quoted text here. Click to load it

Yes, you missed the "Advanced configuration" button. Still with no SSID
being broadcasted, Windows won't try to connect automatically.

Quoted text here. Click to load it

As this has to be implemented by every such NIC, it's pretty clear that
it's not a driver issue.

Quoted text here. Click to load it

My gold'ol AMD 772 PCMCIA card (Prism2 chipset) has a channel change
period of about 20 ms. Catches channel hopings within a 1/4 second.

Re: How does hiding the 802.11 SSID offer any security at all?


Volker Birk wrote:
Quoted text here. Click to load it
http://en.wikipedia.org/wiki/IEEE_802.11#Channels_and_international_compatibility
Quoted text here. Click to load it

You should have cross posted the reply. Maybe, that's the only way
she'll see it. ;-)

Duane :)

Re: How does hiding the 802.11 SSID offer any security at all?


On Sun, 6 Aug 2006 07:11:48 -0500, Sooner Al [MVP] wrote:
Quoted text here. Click to load it

If I have one older computer which doesn't support WPA (only WEP) and one
newer computer which does support WPA and a router which does support WPA,
can I use WPA?

I thought we had to have all home computers on the same "standard"
encryption which means only WEP would work in my home network due to the
older computer.

Am I wrong?
Can I use WEP on one computer and WPA on the other?

barb

Re: How does hiding the 802.11 SSID offer any security at all?


On 6 Aug 2006 12:24:21 GMT, Ansgar -59cobalt- Wiechers wrote:
Quoted text here. Click to load it

Likewise with limiting to the known MAC IDs.

Couldn't a hacker simply sniff out the MAC ID used in every packet and
simply spoof that MAC ID?

barb

Re: How does hiding the 802.11 SSID offer any security at all?


On Sun, 06 Aug 2006 12:35:30 GMT, barb wrote:

Quoted text here. Click to load it

Likewise with chaning to a static IP as suggested in this article on
wireless network security:

http://www.extremetech.com/article2/0,1697,1152933,00.asp
which says: "Many wireless routers default to the 192.168.1.0 network
            and use 192.168.1.1 as the default router.
            We discovered one network that didn't give us an IP address,
            but we assumed that they were using the defaults.
            We were right. We configured our notebook with an IP
            address in the 192.168.1.0 network using 192.168.1.1
            as the router address, and we had access to the
            Internet through their network."

What I don't get is you'd have to change the entire class of addresses(ie
subnet mask) to stop someone from connecting wouldn't you? For example, if
I changed the Linksys router IP address from 192.168.1.1 to 192.168.1.66,
anyone could STILL connect from a foreign PC simply by choosing any IP
address in the range of 192.168.1.[0 to 255].

Even if I change the subnet mask from 255.255.255.0 to 255.255.0.0, doesn't
that just open up MORE IP addresses that can connect to my network?

I'm so confused by these articles on wireless security. Can you help me
make sense of their recommendations to sort out the snake oil from the
practical?

thanks,
barb

Re: How does hiding the 802.11 SSID offer any security at all?


barb wrote:

Quoted text here. Click to load it

Hiding the SSID is bad practice. Not only does it break the spec but it's
also a futile effort and, in some cases, can cause performace problems.
http://www.icsalabs.com/icsa/docs/html/communities/WLAN/wp_ssid_hiding.pdf

The only reason you'll want to change to one of the other 11 U.S. WLAN
channels is to avoid conflict with neighboring APs. Otherwise, I strongly
recommend using personal or pre-shared key WPA2 if your access device is
new enough to include it. WinXP, however, will need a hotfix installed:
http://support.microsoft.com/?id=893357

Depending on your access point, it is sometimes possible to run WPA and
WEP concurrently. Feel free to write me off-group if you have further
questions.

-Gary

Re: How does hiding the 802.11 SSID offer any security at all?


Gary wrote:
Quoted text here. Click to load it

humbug!
document stays all: 'The Role of SSIDs in supporting Roaming'.

My WiFi router (hopefully) is not in the habbit of Roaming!
My laptop is in my front room with me -- also present and accounted for!

Anyone 'roaming' attempting to access MY router is by definition,
unknown and thus must be considered an aggressor.

--
---
Jeff B (remove the No-Spam to reply)

Re: How does hiding the 802.11 SSID offer any security at all?


Jeff B

Quoted text here. Click to load it

Perhaps you should read the rest of the whitepaper before dismissing it:

"A network that has only one AP is still faced with roaming behavior and
active scanning if SSIDs are hidden.  The same events mentioned above
still can occur even if there is only one AP.  Even with only one AP and
even if it is configured to use channel 1, the station will still scan all
channels checking for other APs.  In the end, the station will ASSOCIATE
with its original AP, exposing the SSID."

Re: How does hiding the 802.11 SSID offer any security at all?
What kind of wild multiple posts with cross posting do we have here?

I seen a lot of crazy posting but this one about tops my list. :)

Duane :)

Re: How does hiding the 802.11 SSID offer any security at all?
On 08/06/06 23:08, Duane Arnold wrote:
Quoted text here. Click to load it

*nod*  The OP has taken some flack for it in
microsoft.public.windows.networking.wireless too.



Grant. . . .

Re: How does hiding the 802.11 SSID offer any security at all?

Quoted text here. Click to load it

Tried to respond privately to 'barb' but alas, email address rejects email.
Go figure.  



Site Timeline