Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
 ·Shaw
| reply to Bobcat
Re: Is there a way to not see a vulnerable router ?
said by Bobcat  :(assuming that WPA was already enabled) First running at least WPA fixes a whole pile of security problems surrounding wifi, if you have it, USE IT, if not, GET IT. I can't believe there are still vendors selling wifi without at least WPA.
So we will assume the target is running WEP or less. What access point will a client connect to, all other things being equal(ie spoofed), an access point which is broadcasting the SSID or one that isn't? How hard is it to find and then spoof the SSID? How hard is it to find and spoof the SSID Mac Address? So what happens if I spoof all this information and then send out forged 802.11 disassociation messages, which access point will the clients re-attach to, mine or yours (as far as they can tell we are identical, except I'm broadcasting, your not)?
WEP is bad, get over it and get at least WPA as it fixes a ton of security problems within WEP. WPA and up defend against this type of attack. WPA and WPA2 incorporate a signed message integrity check which will sense the forged frames and drop them.
Blake
--
Vendor: Firewall Logging Software »www.SonicLogger.com - SonicWall and 3Com »www.LinkLogger.com - Linksys, Netgear and Zyxel |
|
smokincrack
@comcast.net | reply to cacroll
Re: Is there a way to not see a vulnerable router
Turn off your ssid and become more interesting to wardriving. What a crock of bull, where do you get this crap? Is this your own personal method at hacking your neighbors systems? If you can not make a response with facts don't reply. |
|
cacroll
Eventually, Prozac becomes normal
Premium
join:2002-07-25
Martinez, CA
| reply to Bobcat
said by Bobcat :said by Link Logger :Turning off your SSID does NOT improve your security status, in fact it could increase your risk. Please explain how not broadcasting the SSID would increase the risk (assuming that WPA was already enabled). I don't see any downside, except that others in the neighborhood looking for a clear channel wouldn't know what channel you're already using.
When you turn your SSID off, your clients have to work harder to associate with the AP, and they're broadcasting the SSID (not as a beacon, but still it's out there) as they do. This increases the amount of traffic too. ICSA Labs has a pretty detailed whitepaper.
»www.icsalabs.com/html/communitie···ding.pdf
If you turn off your SSID, any wardriver detecting you (and any one with any skill will) may think you're more interesting.
--
Cheers,
Chuck
MS-MVP [Windows - Networking]
PChuck's Network |
|
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| reply to Bobcat
said by Bobcat :Please explain how not broadcasting the SSID would increase the risk (assuming that WPA was already enabled). I don't see any downside, except that others in the neighborhood looking for a clear channel wouldn't know what channel you're already using. I have my SSID turned-off, and I can connect with WinXP just fine. It doesn't increase the risk (although it can give inexperienced users a false sense of security), but it doesn't offer any additional security at all.
Passive detection tools like kismet can still pull the SSID, channel #, and client mac addresses "from the air", despite the fact that the AP isn't broadcasting the SSID. Your average script-kiddie with a copy of Netstumbler, however, likely won't see it, although some APs still respond.
Also, it obfuscates the process of associating with the AP for some client/AP combinations, especially with WZC. Your specific instance must be just luck, since I usually see that WPA/WPA2+SSID broadcasts turned off usually spells an increased amount of headaches.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 8800+ messages currently using 268 MB (11%) of my 2442 MB |
|
Bobcat
Premium
join:2001-02-04
Bedminster, NJ
 ·Verizon Online DSL
| reply to Link Logger
Re: Is there a way to not see a vulnerable router ?
said by Link Logger :Turning off your SSID does NOT improve your security status, in fact it could increase your risk. Please explain how not broadcasting the SSID would increase the risk (assuming that WPA was already enabled). I don't see any downside, except that others in the neighborhood looking for a clear channel wouldn't know what channel you're already using.
I have my SSID turned-off, and I can connect with WinXP just fine.
--
"Victory means exit strategy, and it's important for the president to explain to us what the exit strategy is."
» George W. Bush, April 9, 1999 |
|
UthinkURright
@comcast.net
| reply to On-OffOK
Re: Is there a way to not see a vulnerable router
This is the most positive reply out of the whole bunch of negative responses. Ie; You are not getting the point, it does not provide any security. The op did not ask if it provides protection, the question was if it removes his ssid from the non-tech, non security conscious average user in his neighborhood. Answer, yes it will, geez was this so difficult to answer?
As this poster has said, try it both ways and determine which you prefer. If it works great with ssid off, great; if not turn it on. Problem solved. I turn mine off because there are way too many wireless users in my area. I do not turn it off for security reasons, only to prevent others system from looking at my system for access. BTW, I do not have any connection problems with my ssid turned off.
Give advice and allow people make a decision. Just because they do not take your advice, shootist does not make them less informed or less secure than you. |
|
dspalding
join:2003-10-29
Durham, NC
 ·Dreamhost
| reply to Gabriel 22
Gabriel22, I don't understand your concern with the unsecured router. It's not a problem for you. "Those people" aren't harming your lan by having a wide open router.
SSID broadcast has its use, so you are better off leaving it to "broadcast." Just use WPA with a strong passphrase, or WEP if you can't use WPA, and change the code regularly. This may sound "too simple," but it works.  |
|
yeti34
RC Onroad racin
join:2001-04-12
Salt Lake City, UT
| reply to Gabriel 22
Re: Is there a way to not see a vulnerable router ?
The unsecured router is just that, unsecure. They will in no way have any effect on your secured router. All they will see if you have SSID enabled is that you have a secured network and they will not be able to access it. I see this all the time in my neighborhood, there seems to be a few people that have not secured theirs routers and I could access them, but don't. This is just the nature of wireless, if it bothers you just stick with hard wires and turn the WiFi off. |
|
Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
·Shaw
| reply to Gabriel 22
Turning off your SSID does NOT improve your security status, in fact it could increase your risk. Any war driver who doesn't know how to use at least NetStumbler needs to pack up his computer and ship it back to wherever he got it from and likely should do the same with their driving license.
If you want to hide your wireless router then disable the wireless capabilities or unplug it. The very idea of a wifi router is not to hide so what you are asking is not really possible. If you wish to connect to a router and not have it broadcast its existence via a wifi signal then you need to switch to a wired only solution (or as I said disable the wifi functionality of your router).
Blake
--
Vendor: Firewall Logging Software »www.SonicLogger.com - SonicWall and 3Com »www.LinkLogger.com - Linksys, Netgear and Zyxel |
|
On-OffOK
@comcast.net
| reply to Gabriel 22
Re: Is there a way to not see a vulnerable router
It is your system. Try connecting without broadcasting the ssid, if it works without any connection issues, leave it off. It will not provide added protection from someone intent on hacking your system. But, if it makes you feel better that is all that matters. Make your decision from the advice given. |
|
jza80
join:2005-10-29
Sacramento, CA
| reply to Gabriel 22
Hiding the SSID does absolutely nothing security wise. Only real way to turn it off is unplug your wireless router/AP or turn off wireless.
If your worried about someone using your connection, use WEP or WPA. WPA is preferred over WEP.
As for special "toolz", try NetStumbler. It picks up wireless APs, whether SSID broadcast is on or off.
I can pick up 2 other APs besides my own.
|
|
Gabriel 22
join:2005-11-04
Canada
1 edit | reply to Shootist
Why would I want to hide it.
I guess so the unsecured Wifi router owner doesn't see us.
I mean. They don't even know how to secure their equipment.
Couldn't I just slip by unnoticed by hiding the ssid ?
It doesn't matter. I use xp, so I'll have to broadcast the ssid.
--
Happy Dell PC Owner. |
|
Shootist
Premium
join:2003-02-10
Decatur, GA
| reply to Gabriel 22
Simple fact is if you're running Windows XP you will need to broadcast the SSID to make a connection.
So the real question is IF you can NAME it anything you want, Not Open/Go Away/I'll find you if you try to connect/ WHATEVER, and it adds nothing as far as security and only inhibits you from connecting to your own wireless signal why would you want to hide it???????
--
Shooter Ready--Stand By BEEP ******** |
|
SqueeksDad
I Miss Her
Premium
join:2002-09-14
Hyattsville, MD
clubs: 
 ·Verizon FIOS
·Comcast
·Verizon Online DSL
| reply to Gabriel 22
I like the analogy someone here uses, turning off SSID is like hanging a sign on your front door that says NO DOOR HERE.
The door is still visible to anyone that "MIGHT" be looking, and really only makes you feel like your hidden.
--
Ways to Relieve Stress #10. Make up a language and ask people for directions. |
|
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| reply to Gabriel 22
said by Gabriel 22 :Thank you very much for clarifying that. Netgear tech support says nobody can see it without special "Toolz" though. Well, they really aren't that special at all.
In all honesty, it can make associating with your AP considerably more difficult, and I've seen some AP-Wireless NIC combinations that have major issues associating when using WPA when the AP doesn't have SSID broadcasts turned on.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 8800+ messages currently using 268 MB (11%) of my 2442 MB |
|
Gabriel 22
join:2005-11-04
Canada
| reply to Nerdtalker
said by Nerdtalker :You don't need magical "toolz" to see the (ssid) I didn't understand this point.
Thank you very much for clarifying that.
Netgear tech support says nobody can see it without special "Toolz" though.
So now I'm a bit confused. 
--
Happy Dell PC Owner. |
|
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| reply to Shootist
said by Shootist :Hiding the SSID means absolutely nothing for security and only makes it harder for YOU to connect to your own wireless signal. Exactly.
It's truly worthless, and it provides a false sense of security.
You don't need magical "toolz" to see the AP, a bunch of it doesn't require any special technical knowledge to use.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 8800+ messages currently using 268 MB (11%) of my 2442 MB |
|
Shootist
Premium
join:2003-02-10
Decatur, GA
| reply to Gabriel 22
Really you are NOT getting the POINT.
Hiding the SSID means absolutely nothing for security and only makes it harder for YOU to connect to your own wireless signal.
--
Shooter Ready--Stand By BEEP ******** |
|
Gabriel 22
join:2005-11-04
Canada
| reply to Nerdtalker
I think I'll still use it. The people who don't secure their router aren't likely to use hacker software just so they can see my hidden ssid. I understand the local wardriver would see it though if they were determined.
--
Happy Dell PC Owner. |
|
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| reply to Gabriel 22
said by Gabriel 22 :Do they have to use special software to see my ssid if I disable broadcasting it, or would it show up on their available router list ? It isn't that special, really, but yes, they'd need software to "see" your SSID.
The bottom line is that disabling SSID broadcasts provides no additional security, whatsoever. It just doesn't.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 8800+ messages currently using 268 MB (11%) of my 2442 MB |
|
