Re: [Dorset] SSID Hiding
On Tuesday, 7 February 2017 07:47:19 GMT Patrick Wigmore wrote: > MAC address filtering does not really add any security. Before it > comes into play, the attacker still needs to crack your WPA2 > encryption. If that's within their capability, then they almost > certainly know how to discover and spoof an authorised MAC > address by eavesdropping on your network traffic. A fair point. > Determining and spoofing the MAC address and SSID is totally > feasible. But probably not by an up and coming geek. I live on the edge of Corfe Mullen, if there are any seasoned, skilled and determined hackers out there, then they'll probably get through anyway. To a certain extent, I agree with you and Ralph on this; some of these measures are simply security theatre; the manufacturers want to be seen to be doing something. However, my view is that by using belt, braces *and* safety pins, all but the most determined are likely to fall at one hurdle or another. -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2017-02-07 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] SSID Hiding
On Monday, 6 February 2017, at 19:50:24 GMT, Terry Coles wrote: > I understand what that is saying, but I'm not just relying on > cloaking; I'm using MAC Adress filtering too (as well as WPA2 > PSK encryption). MAC address filtering does not really add any security. Before it comes into play, the attacker still needs to crack your WPA2 encryption. If that's within their capability, then they almost certainly know how to discover and spoof an authorised MAC address by eavesdropping on your network traffic. > My main reason for using it is to reduce the chances of some > young up and coming geek from even trying to hack me. That is interesting to consider. I wonder how the psychology works out. Are hidden networks "off the radar", or do they look like juicier targets, because somebody is trying to hide them? I find Ralph's suggestion of choosing a SSID that doesn't stand out interesting too. Are attackers even looking for SSIDs that stand out? Some attackers might actually be attracted to default-sounding SSIDs, in the hope of finding an easy target with a weak password. But, mind-games aside, at the end of the day you are still just relying on the WPA2 encryption. If that's broken, then the other measures are just ways to paper over cracks in the dam. > 'Worse still, because a station must probe for a hidden SSID, a > fake access point can offer a connection.' > > Correct me if I'm wrong, but wouldn't that fake AP have to > spoof the MAC Address of my Router or know what the SSID was? Determining and spoofing the MAC address and SSID is totally feasible. However (and I could be wrong about this -- I was unable to verify with a web search), I think WPA2-PSK uses mutual authentication of the client and access point. So, your devices would not connect to a fake access point unless the fake AP could prove that it knew the passphrase for your network. If the attacker knows the passphrase, then all bets are off. -- Next meeting: Bournemouth, Tuesday, 2017-02-07 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
Re: [Dorset] SSID Hiding
Hi Terry, > hide the SSID. You may not want to bother doing this as there are downsides, especially if you take any of those devices elsewhere. https://en.wikipedia.org/wiki/Network_cloaking I just plumped for a SSID that matched the pattern of the majority of my neighbours so I didn't stand out. > The wireless connects fine until I hide the SSID and then the > Transformer reports that there is no Internet and there is no wireless > symbol in the task bar. I think I had that in that past, it certainly seems common for Android according to Google. Most success seems to come from deleting Android's entry added when the SSID was beaconed, and then re-entering the details manually, remembering it's all case sensitive. http://androidforums.com/threads/connecting-to-wifi-network-with-a-hidden-ssid.123819/#post-7450833 Cheers, Ralph. -- Next meeting: Bournemouth, Tuesday, 2017-02-07 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
[Dorset] SSID Hiding
Hi, I have just installed a shiny new Netgear VSDL Router to replace the never updated Plusnet supplied one. The main reasons that I bought it is that the Plusnet router has the above mentioned lack of security patches and the inability to filter on MAC Addresses or hide the SSID. Having set the router up, I find that all of the devices in the house work fine, except an aging (but frequently used) Asus Transformer. The wireless connects fine until I hide the SSID and then the Transformer reports that there is no Internet and there is no wireless symbol in the task bar. A message then pops up stating that wireless networks are available, but needless to say, not my hidden ones. Devices that work include two Android phones, a Chromebook, a Raspberry Pi, two Win 10 machines (an old MSI laptop and a new home-brewed gaming desktop), a Roku TV box, a Panasonic TV box, a YouView TV box and this Dell Optiplex running Kubuntu. I'm assuming that the problem is the incredibly early version of Android on the Transformer, but has anyone got any other ideas? -- Terry Coles -- Next meeting: Bournemouth, Tuesday, 2017-02-07 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ New thread: mailto:dorset@mailman.lug.org.uk / CHECK IF YOU'RE REPLYING Reporting bugs well: http://goo.gl/4Xue / TO THE LIST OR THE AUTHOR
