Thanks Micheal, that clears it up somewhat. It sounds to me that with the number of wifi's in my neighborhood, I don't have to be very concerned because the rest of the neighborhood are broadcasting and several use their family name. I'm going to assume that they would tend to draw the hackers more than my "unknown" wifi, and most of them are WPA whereas I'm WPA2. Thanks again.
Murray ________________________________ From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Friday, May 21, 2010 2:34 PM To: NT System Admin Issues Subject: Re: script SSID for wireless configs Technically speaking, its not that it isnt "broadcasted". It's not "advertised" in the packets. This is a good short summary: http://en.wikipedia.org/wiki/Service_set_%28802.11_network%29#Security_o f_Broadcasting_SSID -- ME2 On Fri, May 21, 2010 at 12:27 PM, Murray Freeman <mfree...@alanet.org> wrote: So you are telling me that there are tools that can see something that isn't being broadcast? I'm having trouble with that concept. If I tturn off the power altogether, can these"tools" see my wifi? If the broadcast is shut off, how is it broadcasting? Finally, if these tools can see my SSID, can they also see the unencrypted password? I can tell you that Inssider tells me a lot about the wifi's it picks up including it's mac address along with the manufacturer of the wifi, and the channel in use. But my SSID displays as unknown. Either wifi is completely unsecure or it isn't. Please explain! Murray ________________________________ From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Friday, May 21, 2010 1:23 PM To: NT System Admin Issues Subject: Re: script SSID for wireless configs Its false security. Mainly because anyone capable of hacking your network can see your SSID with their toolset (its still out there in the ether). Obscurity != Security And with that, let the soapboxing begin... -- ME2 On Fri, May 21, 2010 at 10:43 AM, Murray Freeman <mfree...@alanet.org> wrote: I've been "lurking" on this topic, and I have a couple of questions. First, I have a wifi at home and I have the radio broadcast turned off. I'm using INSSIDER software to look around my neighborhood from time to time. My SSID shows up as "unknown". Obviously I have no problem connecting and if someone who has never connected previously comes over, I help them by telling them the SSID and password to connect. The next time they come over, they connect automatically. So, my questions. First, even if you know my SSID, you need to know my password or you're not going to connect. I figure that without the SSID, it is even more difficult for a stranger to connect. Oh, I'm using WPA2 security. I know I could use MAC filtering, but I'm comfortable that I'm secure enough. Can you guys explain to me how having the radio broadcast turned off makes the security lessened? Murray ________________________________ From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Friday, May 21, 2010 12:01 PM To: NT System Admin Issues Subject: RE: script SSID for wireless configs No real input as their decisions are already made, but like I said, they are depending solely on non-broadcast of the SSID as their 'security', they do have other proper measures in place. Erik Goldoff IT Consultant Systems, Networks, & Security ' Security is an ongoing process, not a one time event ! ' From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Friday, May 21, 2010 11:55 AM To: NT System Admin Issues Subject: RE: script SSID for wireless configs The post was offered as a general comment, not a response to your question. That happens around here a lot. As IT consultant, do you not have any capacity to advise the agency on security matters? Or keep them from shooting themselves in the foot? I guess not... Carl From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Friday, May 21, 2010 11:50 AM To: NT System Admin Issues Subject: RE: script SSID for wireless configs Thank you but that was not the question. To the agency, this is one layer of security, in addition to WPA, etc. The question is whether the wireless config could be scripted. Erik Goldoff IT Consultant Systems, Networks, & Security ' Security is an ongoing process, not a one time event ! ' ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
