Well, thats the kicker: Define "casual". You mean on an open network? Sure. Passworded by any level of security goes beyond casual at that point, and is an attack. The tools and info are all over the Internet. Obfuscation does you nothing, but give a false sense of security.
The article that Carl posted is a good read. For those curious, consider this quote: While this is commonly viewed as a mechanism to improve the security of the > WLAN and is a recommended best-practice by the PCI Data Security Standard, > [SSID's] can reduce the effective security of the WLAN. > -- ME2 On Fri, May 21, 2010 at 1:28 PM, Erik Goldoff <[email protected]> wrote: > The takeaway here is that turning off the SSID broadcast should never be > the **only** security measure because in and of itself, it only provides a > false sense of security, and keeps out only the most casual . > > > > *Erik Goldoff*** > > *IT Consultant* > > *Systems, Networks, & Security * > > ' Security is an ongoing process, not a one time event ! ' > > *From:* Murray Freeman [mailto:[email protected]] > *Sent:* Friday, May 21, 2010 3:48 PM > > *To:* NT System Admin Issues > *Subject:* RE: script SSID for wireless configs > > > > Thanks Micheal, that clears it up somewhat. It sounds to me that with the > number of wifi's in my neighborhood, I don't have to be very concerned > because the rest of the neighborhood are broadcasting and several use their > family name. I'm going to assume that they would tend to draw the hackers > more than my "unknown" wifi, and most of them are WPA whereas I'm WPA2. > > > > Thanks again. > > > > *Murray * > > > > > ------------------------------ > > *From:* Micheal Espinola Jr [mailto:[email protected]] > *Sent:* Friday, May 21, 2010 2:34 PM > > *To:* NT System Admin Issues > *Subject:* Re: script SSID for wireless configs > > Technically speaking, its not that it isnt "broadcasted". It's not > "advertised" in the packets. This is a good short summary: > > > > http://en.wikipedia.org/wiki/Service_set_%28802.11_network%29#Security_of_Broadcasting_SSID > > -- > ME2 > > On Fri, May 21, 2010 at 12:27 PM, Murray Freeman <[email protected]> > wrote: > > So you are telling me that there are tools that can see something that > isn't being broadcast? I'm having trouble with that concept. If I tturn off > the power altogether, can these"tools" see my wifi? If the broadcast is shut > off, how is it broadcasting? Finally, if these tools can see my SSID, can > they also see the unencrypted password? I can tell you that Inssider tells > me a lot about the wifi's it picks up including it's mac address along with > the manufacturer of the wifi, and the channel in use. But my SSID displays > as unknown. Either wifi is completely unsecure or it isn't. Please explain! > > > > *Murray * > > > > > ------------------------------ > > *From:* Micheal Espinola Jr [mailto:[email protected]] > *Sent:* Friday, May 21, 2010 1:23 PM > > > *To:* NT System Admin Issues > > *Subject:* Re: script SSID for wireless configs > > Its false security. Mainly because anyone capable of hacking your network > can see your SSID with their toolset (its still out there in the ether). > > Obscurity != Security > > And with that, let the soapboxing begin... > > -- > ME2 > > On Fri, May 21, 2010 at 10:43 AM, Murray Freeman <[email protected]> > wrote: > > I've been "lurking" on this topic, and I have a couple of questions. First, > I have a wifi at home and I have the radio broadcast turned off. I'm using > INSSIDER software to look around my neighborhood from time to time. My SSID > shows up as "unknown". Obviously I have no problem connecting and if someone > who has never connected previously comes over, I help them by telling them > the SSID and password to connect. The next time they come over, they connect > automatically. So, my questions. First, even if you know my SSID, you need > to know my password or you're not going to connect. I figure that without > the SSID, it is even more difficult for a stranger to connect. Oh, I'm using > WPA2 security. I know I could use MAC filtering, but I'm comfortable that > I'm secure enough. Can you guys explain to me how having the radio broadcast > turned off makes the security lessened? > > > > *Murray * > > > > > ------------------------------ > > *From:* Erik Goldoff [mailto:[email protected]] > > *Sent:* Friday, May 21, 2010 12:01 PM > > > *To:* NT System Admin Issues > *Subject:* RE: script SSID for wireless configs > > > > > > No real input as their decisions are already made, but like I said, they > are depending solely on non-broadcast of the SSID as their ‘security’, they > do have other proper measures in place. > > *Erik Goldoff* > > *IT Consultant* > > *Systems, Networks, & Security * > > ' Security is an ongoing process, not a one time event ! ' > > *From:* Carl Houseman [mailto:[email protected]] > *Sent:* Friday, May 21, 2010 11:55 AM > *To:* NT System Admin Issues > *Subject:* RE: script SSID for wireless configs > > > > The post was offered as a general comment, not a response to your > question. That happens around here a lot. As IT consultant, do you not > have any capacity to advise the agency on security matters? Or keep them > from shooting themselves in the foot? I guess not... > > > > Carl > > > > *From:* Erik Goldoff [mailto:[email protected]] > *Sent:* Friday, May 21, 2010 11:50 AM > *To:* NT System Admin Issues > *Subject:* RE: script SSID for wireless configs > > > > Thank you but that was not the question. To the agency, this is one layer > of security, in addition to WPA, etc. The question is whether the wireless > config could be scripted. > > > > *Erik Goldoff* > > *IT Consultant* > > *Systems, Networks, & Security * > > ' Security is an ongoing process, not a one time event ! ' > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
