I know when we go to visit my parents (the Luddites with no internet connection) in their snug little retirement community, we all used to try to poach off of the neighbors. Initially, it was no problem getting on to Aunt Rose's unsecured network; I could see it right there in my GUI network connections. Then there were the ones who were hiding their SSIDs. We wouldn't bother because even though they might not have been locked down, without the SSID we couldn't connect.
I'll just say again that doing the things I mentioned will deter the casual poacher. And no one without a packer sniffer and the knowledge to use it will ever know that my SSID is really LINKSYS... <vbg> Mom! Ted's pickin' on me again! -- rk -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Ted Roche Sent: Monday, April 25, 2011 4:35 PM To: [email protected] Subject: Re: [NF] Lock down your WI-FI RIGHT NOW! On Mon, Apr 25, 2011 at 4:13 PM, Richard Kaye <[email protected]> wrote: > The SSID is like a user name and the key is the password. I think even that metaphor gives SSID's too large a role in security. You don't walk around with your username on your nametag (well, at least I don't) so it's somewhat of a "secret" even though it's a weak one, RKaye. The SSID is easily readable in cleartext by any packet sniffer whether you are broadcasting it or not. The only thing disabling the SSID broadcast does is remove the SSID name from the GUI of a user trying to log in. These folks can be stumped by a six-letter password consisting of your dog's name. These aren't the people you need to be worried about. To quote Wikipedia, "Unfortunately, turning off the broadcast of the SSID may lead to a false sense of security. The method discourages only casual wireless snooping, but does not stop a person trying to attack the network.[2]" "It is not secure against determined crackers, because every time someone connects to the network, the SSID is transmitted in cleartext even if the wireless connection is otherwise encrypted. An eavesdropper can passively sniff the wireless traffic on that network undetected (with software like Kismet), and wait for someone to connect, revealing the SSID. Alternatively, there are faster (albeit detectable) methods where a cracker spoofs a "disassociate frame" as if it came from the wireless bridge, and sends it to one of the clients connected; the client immediately re-connects, revealing the SSID.[3] "As disabling SSID does not offer protection against determined crackers, proven security methods should be used such as requiring 802.11i/WPA2.[4]" http://en.wikipedia.org/wiki/Service_set_%28802.11_network%29 -- (Not picking on you, Richard, just replying to the end of the thread. No harm.) Ted Roche _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/DF1EEF11E586A64FB54A97F22A8BD0441923ED5A04@ACKBWDDQH1.artfact.local ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
