Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
 ·Shaw
| reply to Gabriel 22
Re: Is there a way to not see a vulnerable router ?
Turning off your SSID does NOT improve your security status, in fact it could increase your risk. Any war driver who doesn't know how to use at least NetStumbler needs to pack up his computer and ship it back to wherever he got it from and likely should do the same with their driving license.
If you want to hide your wireless router then disable the wireless capabilities or unplug it. The very idea of a wifi router is not to hide so what you are asking is not really possible. If you wish to connect to a router and not have it broadcast its existence via a wifi signal then you need to switch to a wired only solution (or as I said disable the wifi functionality of your router).
Blake
--
Vendor: Firewall Logging Software »www.SonicLogger.com - SonicWall and 3Com »www.LinkLogger.com - Linksys, Netgear and Zyxel |
|
yeti34
RC Onroad racin
join:2001-04-12
Salt Lake City, UT
| reply to Gabriel 22
The unsecured router is just that, unsecure. They will in no way have any effect on your secured router. All they will see if you have SSID enabled is that you have a secured network and they will not be able to access it. I see this all the time in my neighborhood, there seems to be a few people that have not secured theirs routers and I could access them, but don't. This is just the nature of wireless, if it bothers you just stick with hard wires and turn the WiFi off. |
|
dspalding
join:2003-10-29
Durham, NC
 ·Dreamhost
| reply to Gabriel 22
Re: Is there a way to not see a vulnerable router
Gabriel22, I don't understand your concern with the unsecured router. It's not a problem for you. "Those people" aren't harming your lan by having a wide open router.
SSID broadcast has its use, so you are better off leaving it to "broadcast." Just use WPA with a strong passphrase, or WEP if you can't use WPA, and change the code regularly. This may sound "too simple," but it works.  |
|
UthinkURright
@comcast.net
| reply to On-OffOK
This is the most positive reply out of the whole bunch of negative responses. Ie; You are not getting the point, it does not provide any security. The op did not ask if it provides protection, the question was if it removes his ssid from the non-tech, non security conscious average user in his neighborhood. Answer, yes it will, geez was this so difficult to answer?
As this poster has said, try it both ways and determine which you prefer. If it works great with ssid off, great; if not turn it on. Problem solved. I turn mine off because there are way too many wireless users in my area. I do not turn it off for security reasons, only to prevent others system from looking at my system for access. BTW, I do not have any connection problems with my ssid turned off.
Give advice and allow people make a decision. Just because they do not take your advice, shootist does not make them less informed or less secure than you. |
|
Bobcat
Premium
join:2001-02-04
Bedminster, NJ
 ·Verizon Online DSL
| reply to Link Logger
Re: Is there a way to not see a vulnerable router ?
said by Link Logger  :Turning off your SSID does NOT improve your security status, in fact it could increase your risk. Please explain how not broadcasting the SSID would increase the risk (assuming that WPA was already enabled). I don't see any downside, except that others in the neighborhood looking for a clear channel wouldn't know what channel you're already using.
I have my SSID turned-off, and I can connect with WinXP just fine.
--
"Victory means exit strategy, and it's important for the president to explain to us what the exit strategy is."
» George W. Bush, April 9, 1999 |
|
Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ
clubs:
| Re: Is there a way to not see a vulnerable router
said by Bobcat :Please explain how not broadcasting the SSID would increase the risk (assuming that WPA was already enabled). I don't see any downside, except that others in the neighborhood looking for a clear channel wouldn't know what channel you're already using. I have my SSID turned-off, and I can connect with WinXP just fine. It doesn't increase the risk (although it can give inexperienced users a false sense of security), but it doesn't offer any additional security at all.
Passive detection tools like kismet can still pull the SSID, channel #, and client mac addresses "from the air", despite the fact that the AP isn't broadcasting the SSID. Your average script-kiddie with a copy of Netstumbler, however, likely won't see it, although some APs still respond.
Also, it obfuscates the process of associating with the AP for some client/AP combinations, especially with WZC. Your specific instance must be just luck, since I usually see that WPA/WPA2+SSID broadcasts turned off usually spells an increased amount of headaches.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn
I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 8800+ messages currently using 268 MB (11%) of my 2442 MB |
|
cacroll
Eventually, Prozac becomes normal
Premium
join:2002-07-25
Martinez, CA
| reply to Bobcat
said by Bobcat :said by Link Logger :Turning off your SSID does NOT improve your security status, in fact it could increase your risk. Please explain how not broadcasting the SSID would increase the risk (assuming that WPA was already enabled). I don't see any downside, except that others in the neighborhood looking for a clear channel wouldn't know what channel you're already using.
When you turn your SSID off, your clients have to work harder to associate with the AP, and they're broadcasting the SSID (not as a beacon, but still it's out there) as they do. This increases the amount of traffic too. ICSA Labs has a pretty detailed whitepaper.
»www.icsalabs.com/html/communitie···ding.pdf
If you turn off your SSID, any wardriver detecting you (and any one with any skill will) may think you're more interesting.
--
Cheers,
Chuck
MS-MVP [Windows - Networking]
PChuck's Network |
|
smokincrack
@comcast.net | Turn off your ssid and become more interesting to wardriving. What a crock of bull, where do you get this crap? Is this your own personal method at hacking your neighbors systems? If you can not make a response with facts don't reply. |
|
Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
·Shaw
| reply to Bobcat
Re: Is there a way to not see a vulnerable router ?
said by Bobcat :(assuming that WPA was already enabled) First running at least WPA fixes a whole pile of security problems surrounding wifi, if you have it, USE IT, if not, GET IT. I can't believe there are still vendors selling wifi without at least WPA.
So we will assume the target is running WEP or less. What access point will a client connect to, all other things being equal(ie spoofed), an access point which is broadcasting the SSID or one that isn't? How hard is it to find and then spoof the SSID? How hard is it to find and spoof the SSID Mac Address? So what happens if I spoof all this information and then send out forged 802.11 disassociation messages, which access point will the clients re-attach to, mine or yours (as far as they can tell we are identical, except I'm broadcasting, your not)?
WEP is bad, get over it and get at least WPA as it fixes a ton of security problems within WEP. WPA and up defend against this type of attack. WPA and WPA2 incorporate a signed message integrity check which will sense the forged frames and drop them.
Blake
--
Vendor: Firewall Logging Software »www.SonicLogger.com - SonicWall and 3Com »www.LinkLogger.com - Linksys, Netgear and Zyxel |
|
