conundrum

Someone is running a range extender or repeater that is setup to repeat anything it hears. I've seen these erratically appear on Netstumbler while the originating access point has the SSID broadcast turned off. I haven't investigated the exact cause.

No problem as you're on a radically different channel. However, you should check for users on 11 and 12 as these might cause interference.

Reply to
Jeff Liebermann
Loading thread data ...

I set up a small 54g wireless LAN at home a few months ago. It's got a belkin 7130 access point, and one machine has a linksys wusb54g, which is where the interesting things are happening.

I set the SSID as not broadcast, for the usual reasons, and usually, trying a site survey does not show my home network. However, today, after some problems connecting to the AP, I did a site survey, and found my own network listed, as well as a new one in the neighbourhood (normally, none are visible). I've had my network visible to a survey briefly (seconds only) before, but it was visible today for a quite extended period.

Any ideas please on why a supposedly suppressed SSID would be showing up in the site survey?

Also, the signal strength of the 'foreign' network is actually greater than my own (both being listed at around 40-50% in the survey). They haven't secured it at all, and seem to be using their surname as their SSID - a quick look in the phone book suggests they're possibly around

300m away, with a *lot* of brick walls in the line of sight to the wusb54g (compared to own
Reply to
Mike Scott

First, you gain nothing by not broadcasting SSID. Your SSID is contained in the data stream anyway, many wireless cards will report the hidden SSID; and all hacking tools, umm, I meant to say wireless diagnostic tools will report it. Wireless Zero Configuration, if you use it, works best, if not outright required, with SSID broadcast enabled and you are finding out that without SSID broadcasting, all bets are off for a stable connection when other networks are in the area.

In addition, in the advanced properties of your wireless properties, there are check boxes for "automatically connect to non-preferred networks" and setting the type of networks to restrict. Make sure that non-preferred networks is unchecked and that "infrastructure only" is checked.

Reply to
Quaoar

Now I'm puzzled. I thought SSID b/cast was basically for the benefit of site-survey needs: in other words, if you know the SSID, you don't need it broadcast in order to find the network. I've not seen it mentioned elsewhere that it is needed for normal operations. I know the SSID is embedded in the normal data stream anyway, and so accessible. But not broadcasting it keeps it out of the way of casual observers.

Anyway, I did I site survey from my other bridge - a belkin 7330 - in another room. This shows a second external WLAN in the area (SSID "belkin54g", unencrypted; I strongly suspect the owner won't have half a clue about hacking into others' WLANs ). This 2nd WLAN has never shown up on the linksys; indeed the WUSB54G reports signal levels generally around 10dB lower than the belkin. I'm not sure if this is the room, or the bridge! That other WLAN's on ch11, which is getting a bit close to

13......

Done already; at least, the linksys monitor equivalent.

Reply to
Mike Scott

It's not. If Jeff's guess is right (and they usually are) this seems like a pretty good reason, to me, to NOT broadcast the SSID. Now you have an easy way to see if somebody's extending your signal. What you'd do about it is up to you...

Reply to
Derek Broughton

Nope. Some really dumb clients can't connect unless they hear the SSID broadcasts. I bought a no-name PCMCIA card that did that. Even if you knew the SSID of the access point, it still refused to connect. However, I think this is the exception rather than the rule and really should not be a problem with today's clients.

I've been wrong before. Caveat Emptor.

In my never humble opinion, hiding the SSID is dumb. It screws up a few clients and make interference detection complicated. For what little security it adds, it sure makes life difficult for all involved. It's like hiding your house address from the post office. Normally, the mail will arrive, but it sure makes it difficult for everyone else.

It's not too difficult to sniff the traffic and see if there's a repeater around. You'll see all the packets twice. Once going in, and once going out. The real problem is that some repeaters (I forgot which ones) can be set to ANY for the SSID and will regurgitate all packets, regardless of SSID. I think this feature was invented so that a single repeater can service multiple networks. Nice idea but there are complications when it starts regurgitating unwanted packets.

In about 1999, I intentionally installed one of those at a high point overlooking the downtown area. You could connect to just about any of the dozen assorted networks. Everyone's range was magically extended over the entire town. I thought this was cool.

Unfortunately, all the local wireless networks were also having trouble with what appeared to be co-channel interference. Traffic was slothish, erratic, and prone to disconnects. Turn off the repeater and everything was back to normal. Hmmm... Well, when the repeater literally doubles the amount of traffic in the air, adds everyone else's traffic to the mess, and guarantees that everyone will have to wait until the repeater is done sending, then we have interference. The repeater lasted about 3 days and went back to playing access point.

I'm still not sure it's a repeater that was causing the SSID to appear, but I can't think of much else that could do it, other than a spoofed access point or hacker.

Reply to
Jeff Liebermann

Find the culprit and ask them to stop stealing your signal?

Reply to
Derek Broughton

and with a dumb repeater, your options to do something about it are?...

a) Nothing b) Nothing c) Nothing

Ok, there's d) which is modify your own radio propagation so that it's not within reach of the repeater but there's not much you can do as far as the other person is concerned and doing this could be to the detriment of your own service.

David.

Reply to
David Taylor

You're right, and actually phrasing it that way would put the person on the defensive right away, so I probably shouldn't have said it even flippantly.

What I really should have said, is "find the culprit and point out to him that he's rebroadcasting your signal - making it easier for someone _else_ to steal". Because, in all likelihood, the guy doesn't have a clue what he's done and _isn't_ trying to steal your signal. And he may still be trying to figure out why his repeater _isn't_ connecting to his own AP :-)

otoh, you may not even care if someone else uses it, and think it's a pretty neat idea that your network is becoming a MAN.

Reply to
Derek Broughton

But he's not stealing it, just rebroadcasting it via a pretty dumb device.

Reply to
David Taylor

There is one more thing,was the ssid of the non-broadcasting AP in the clients active profile used in the the site survey? it could cause it to appear in that clients survey but not another configured for a different ssid..

Reply to
Luddite

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.