If I have my wireless router's SSID Broadcast disabled, am I still vulnerable even though others cannot see me? Or are sniffers these days so good that they can pinpoint my wireless connection even though my SSID Broadcast is disabled?
Thanks
"Sam" hath wroth:
Kismet (for Linux) can easily extract your SSID from associate, re-associate and disassociate packets.
The *ONLY* security measure that really works is WPA encryption.
See the FAQ Wi-Fi Security section at:
Sure, just by listening to the other traffic on the channels using tools like kismet. Other clients have to communicate with the router. As they do this their traffic can be picked up by other clients. It's trivial for software on one of them to listen to the traffic, inject some of it's own, and quite quickly deteremine the SSID (among other things).
So if you want to be secure then use WPA. Otherwise it's nothing more than a weak attempt to "hide in plain sight" by not broadcasting your SSID.
And while you're reconfiguring, make sure you're not on the same channel as other nearby routers.
can you recommend a shareware/freeware package that will determine which channels my neighbors are using on their systems?
73, rich, n9dkoOn Thu, 03 Aug 2006 01:10:13 GMT, Rich wrote in :
He did that.
Sure, on windows use NetStumbler. On linux use kismet. There are boot CDs that are designed to jump right into kismet with linux. Linux and kismet are not trivial to use. NetStumbler is considerably easier to use but doesn't go into as many technical details as kismet. But if all you want to do it see what other channels are active, and you're using windows, then just grab netstumbler.
STFW for links to them.
-Bill Kearney
thanks, bill.
73, rich, n9dkoOn Thu, 03 Aug 2006 01:24:55 GMT John Navas wrote: | On Thu, 03 Aug 2006 01:10:13 GMT, Rich wrote | in : | |>On Wed, 2 Aug 2006 14:17:31 -0400, "Bill Kearney" |> wrote: |>
|>>> If I have my wireless router's SSID Broadcast disabled, am I still |>>> vulnerable even though others cannot see me? Or are sniffers these |>>> days so good that they can pinpoint my wireless connection even though |>>> my SSID Broadcast is disabled? |>>
|>>Sure, just by listening to the other traffic on the channels using tools |>>like kismet. Other clients have to communicate with the router. As they do |>>this their traffic can be picked up by other clients. It's trivial for |>>software on one of them to listen to the traffic, inject some of it's own, |>>and quite quickly deteremine the SSID (among other things). |>>
|>>So if you want to be secure then use WPA. Otherwise it's nothing more than |>>a weak attempt to "hide in plain sight" by not broadcasting your SSID. |>>
|>>And while you're reconfiguring, make sure you're not on the same channel as |>>other nearby routers. |>
|>can you recommend a shareware/freeware package that will determine |>which channels my neighbors are using on their systems? | | He did that.
He didn't tell people where to get it. Hint: it's the very FIRST item returned by Google.
OTOH, Kismet requires a host based wireless card, and apparently will not work through a wireless device like a bridge or access point. There is probably no NPI in those devices to even do such a thing.
Unfortunately, with my DLINK router, enabling WPA encryption slows my internet big time and I have highspeed cable. In addition, with WPA encryption I frequently have dropped connections..damn DLINK!
"Sam" hath wroth:
What model DLink? If you're going to suggest that something is broken, kindly supply the details so others don't repeat your experience. There may also be fixes available.
I've seen slight slowdowns in routers of perhaps 10% or less, but nothing that is obvious except in benchmarks. There is a problem with slow computers on the client end doing WPA-AES, as they often try to do it in software using the CPU, which really burns CPU cycles.
How high is your high speed cable? If you have 6Mbits/sec (that's fast for this area), then all you need is a 12Mbit/sec wireless connection in order to utilize the maximum speed of the cable modem. (Thruput is approximately half the connection speed). Dropped connections might be bugs in the client, where every time it does a key exchange, it drops the connection. I've seen this in the client and in one wireless router (not DLink) that I can't recall the name and model.
On Sun, 06 Aug 2006 12:24:04 -0700, Jeff Liebermann wrote in :
Might also be DHCP lease renewal problems.
My Dlink is the DI-524 I never bothered to mention the model because as I understand it, it's a chronic issue with WEP and the DI-524. I swapped the version A for the C since I had extensive WEP issues, as did many other people. My cable speed is 4800 kbps. When I say WEP makes a difference, it really is noticable...running speed tests with WEP will knock down my speed from 4800 kbps to 1200 kbps easily. In addition, frequent dropped connections. Updating to the latest firmware made things worse...and like many others who have the same problem, had to stay with version 3.02 C
Try increasing (double) the Beacon interval.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.