How are we supposed to read 5GHz WiFi signal strength bands?

I have been in a nearby city, where there are a lot of college students. I don't see "home" but I do often see ISP names or router brand names. It looks like an attempt by sellers to provide unique SSIDs, and users who don't change the defaults.

Where I live, I don't see prefixes like that, but I do see some interesting names like "FBI Surveillance" and "ThisIsNoyTheWiFiYou'reLookingFor".

Reply to
Mark Lloyd
Loading thread data ...
[snip]

I used to see a lot of "Linksys" SSIDs without wireless security. Once I considered connecting and changing it to something like "I'm so insecure!" or "I need my WPA!",

Reply to
Mark Lloyd

Ah. That makes a *lot* of sense (I hate when that happens!). :)

This is a "comcast neighborhood", where all the college kids live. We can assume most of them weren't born with a router next to the silver spoon in the cradle, so, they probably got their modem/router combo's from Comcast. And Comcast probably defaulted on the naming conventions.

That makes too much sense! Thanks for 'splaining.

Reply to
ceg

Because of butterfly tables, you want your ESSID to be unique, I think.

The details are beyond me (I think Jeff Liebermann turned me on to this concept), but the net is that you don't want your ESSID to be something that is in the hash tables of 30 million other ESSIDs.

Reply to
ceg

Fancy SSID has no impact on security.

Reply to
Tony Hwang

Butterfly hash tables?

Reply to
ceg

Wrong. The SSID is used as a "salt" to do WPA/WPA2 encryption. The rainbow tables are only useful if the SSID of the system that you're attacking is the same as one of the SSID's in the rainbow table. Using a common SSID listed on Wigle improves the probability of a successful attack. I use my address.

Reply to
Jeff Liebermann

Regardless, it is crackable if one intends to. I don't even bother hiding my SSID. Nothing important in my home network. My lawyer, bank, accountant keeping important stuffs.

Reply to
Tony Hwang

This is one reason why I hate security discussions. If you really think there's nothing important on your home computah, then I suggest you test this. Install a program that does a recursive text search on all your files. For Windoze, I use Agent Ransack: Plug in your social security number, checking account numbers, and credit card numbers, and see what it finds. The idea is to obtain enough info to perform an identity theft. I was rather surprised to find both on my machine. While WPA2 cracking is usually just to gain access to a faster or more convenient internet connection, it's not beneath the dignity of most casual hackers to make some money on the side.

Reply to
Jeff Liebermann

It could affect how attractive your network is to a potential intruder.

So, indirectly, it is affecting security since it makes the difference on whether or not someone tries to get in.

Reply to
Sam E

Don't name your WiFi network "monkey".

Reply to
Sam E

The SSID can be 1 to 32 characters. One of my customers set his SSID to "*". I forgot exactly what it broke, but I do recall spending a week failing to fix what I thought were unrelated problem. When I changed the SSID to something reasonable, all the weirdness went away. This was quite a while ago so presumably it's now fixed.

Another fun SSID is "ANY". I don't recall what it was suppose to do, but it was thrown into some long forgotten manufacturers firmware to allow any device to connect, probably for repeaters and range extenders. Try it and see what breaks.

Also try "Free Public WiFi" which is really a Microsoft XP bug.

Reply to
Jeff Liebermann

It doesn't seem like you understand the problem. Maybe you do, but it doesn't seem like you do.

The problem is they used, as a salt, the ESSID!

That's a pretty dumb salt.

It's even a dumber salt if the owner leaves the ESSID at the default values, or, if the owner changes the ESSID to something common.

Because of that, anyone with the tables already has your hash and is on your wireless network already.

Reply to
Ewald Böhm

You have to realize what Jeff is trying to tell you, which is that any common name for the ESSID has *already* been hashed.

In that case, WPA2/PSK is worthless.

Use a common name, and you immediately have no security no matter what you set the security to.

Reply to
Ewald Böhm

WPA2/PSK is one thing that is needed. Another is a better ESSID.

Reply to
Mark Lloyd

You need both. One without the other is worthless.

Reply to
Ewald Böhm

Yes, both are better. I was never recommending only one, even though that would be far from worthless.

Reply to
Mark Lloyd

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.