Ben, that explains things better. My password is 15 characters long withalpha, numbers and special characters, so I guess I'm reasonably secure.
Thanks for the explanation Murray -----Original Message----- From: Ben Scott [mailto:[email protected]] Sent: Friday, May 21, 2010 4:47 PM To: NT System Admin Issues Subject: Re: script SSID for wireless configs On Fri, May 21, 2010 at 3:27 PM, Murray Freeman <[email protected]> wrote: > So you are telling me that there are tools that can see something that > isn't being broadcast? It's still being broadcast. Normally, a wifi AP periodically transmits a "beacon frame" containing the SSID. Member nodes continuously listen for beacon frames. By doing so, they build up that list of local wifi networks. You have told your AP not to transmit those beacon frames, so you won't show up in said list. But in order to participate in a wifi network, member nodes must locate and associate with your AP. That is done in the clear. For example, suppose your network is named "ALANET". Your laptop has to first ask, "Are you there, 'ALANET'?" Your AP will then say, "Yes, I am 'ALANET'." They then proceed to negotiate encryption. All wifi receivers in the area will get those transmissions. Normally, other nodes will ignore your transmissions as unrelated. But sniffer tools will show the contents of those frames, or even present a list of them. On Fri, May 21, 2010 at 3:47 PM, Murray Freeman <[email protected]> wrote: > ... the rest of the neighborhood are broadcasting and several use > their family name. I'm going to assume that they would tend to draw > the hackers more than my "unknown" wifi, and most of them are WPA whereas I'm WPA2. That depends. For someone just looking for a free Internet connection, yes, they will prolly go after the open networks. But some people see things like a so-called "hidden SSID" as a challenge. It's more "fun" to go after such targets. I am told that WPA2 is generally regarded as cryptographically strong, though. So unless there's some kind of unpublished attack happening, you're probabbly in good shape. Unless you have a weak secret, of course. If your WPA2 key is something like "password", "swordfish", "12345", "letmein", or your SSID, then you could be in trouble. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
