Detecting a wireless SSID

Hi Everyone,

I enjoy learning about wireless networks and I have a few installed in
my apartment. I have a question. If a the SSID of a WLAN is not
broadcasted, how can a hacker discover the network? What types of
software would he use?

For my home, I use NetStumbler, but because my SSID is disabled, it
won't detect it. I'm trying to understand if there are any other
security holes. I've enabled encryption, MAC filtering, limited IP
range, and disabled SSID. Thanks for the help!

Duy

Believe me, you have done everything right. Unless you have a Super Hacker
that is an enemy, I would not worry about it.

Robert....
<(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> Hi Everyone,
>
> I enjoy learning about wireless networks and I have a few installed in
> my apartment. I have a question. If a the SSID of a WLAN is not
> broadcasted, how can a hacker discover the network? What types of
> software would he use?
>
> For my home, I use NetStumbler, but because my SSID is disabled, it
> won't detect it. I'm trying to understand if there are any other
> security holes. I've enabled encryption, MAC filtering, limited IP
> range, and disabled SSID. Thanks for the help!
>
> Duy
>

"Robert Jacobs" <(E-Mail Removed)> wrote in
news:IU_Kd.4411$To.3800@trnddc09:

> Believe me, you have done everything right. Unless you have a
> Super Hacker that is an enemy, I would not worry about it.

No, he hasn't done everything right
Yes, he shouldn't worry about it

> <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed) oups.com...

>> I enjoy learning about wireless networks and I have a few
>> installed in my apartment. I have a question. If a the SSID of
>> a WLAN is not broadcasted, how can a hacker discover the
>> network? What types of software would he use?

>> For my home, I use NetStumbler, but because my SSID is disabled,
>> it won't detect it. I'm trying to understand if there are any
>> other security holes. I've enabled encryption, MAC filtering,
>> limited IP range, and disabled SSID. Thanks for the help!

The SSID is *intended* to be broadcast. Hiding it is a bogus security
measure. The SSID is always broadcast and *cannot* be hidden - just
because NetStumbler does not report it is a function of the way the
tool works.

Hiding the SSID will cause useful things to not work properly, or at
all. Have a look here:
<http://www.icsalabs.com/html/communities/WLAN/wp_ssid_hiding.pdf>

Security ahould be based on encryption and authentication. 'Security by
obscurity' is no security at all.

In order:

- As best you can (username, strong password) secure the access to your
wireless access point's config.

- If you have WEP, use it. It's crackability is often exaggerated.

- If you have WPA-PSK, use it. Although the encryption is the same as
WEP, the fact that the keys are changed frequently (TKIP) means there
isn't enough time to crack it.

- If you have - or can set up - a RADIUS server, use WPA. This will
provide proper authentication

- If you have AES encryption available (part of WPA2), use it. This
uses a more secure encryption algorithm and is the best solution
currently available for securing a home wireless network.

All other commonly touted 'security' techniques are simply 'security by
obscurity'. A cracker will have the tools to overcome them. At best,
you are making it more difficult for your friendly next door neighbour
to accidentally access your network. You are not deterring anyone with
determination.

Hope this helps

--

Richard Perkin
To email me, change the AT in the address below
richard.perkinATmyrealbox.com

It's is not, it isn't ain't, and it's it's, not its, if you mean it
is. If you don't, it's its. Then too, it's hers. It isn't her's.
It isn't our's either. It's ours, and likewise yours and theirs.
-- Oxford University Press, Edpress News

so what do you think he did wrong?

"Richard Perkin" <(E-Mail Removed)> wrote in message
news:Xns95EE7556AF59Bfnurdle@130.133.1.4...
> "Robert Jacobs" <(E-Mail Removed)> wrote in
> news:IU_Kd.4411$To.3800@trnddc09:
>
>> Believe me, you have done everything right. Unless you have a
>> Super Hacker that is an enemy, I would not worry about it.
>
> No, he hasn't done everything right
> Yes, he shouldn't worry about it
>
>> <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed) oups.com...
>
>>> I enjoy learning about wireless networks and I have a few
>>> installed in my apartment. I have a question. If a the SSID of
>>> a WLAN is not broadcasted, how can a hacker discover the
>>> network? What types of software would he use?
>
>>> For my home, I use NetStumbler, but because my SSID is disabled,
>>> it won't detect it. I'm trying to understand if there are any
>>> other security holes. I've enabled encryption, MAC filtering,
>>> limited IP range, and disabled SSID. Thanks for the help!
>
> The SSID is *intended* to be broadcast. Hiding it is a bogus security
> measure. The SSID is always broadcast and *cannot* be hidden - just
> because NetStumbler does not report it is a function of the way the
> tool works.
>
> Hiding the SSID will cause useful things to not work properly, or at
> all. Have a look here:
> <http://www.icsalabs.com/html/communities/WLAN/wp_ssid_hiding.pdf>
>
> Security ahould be based on encryption and authentication. 'Security by
> obscurity' is no security at all.
>
> In order:
>
> - As best you can (username, strong password) secure the access to your
> wireless access point's config.
>
> - If you have WEP, use it. It's crackability is often exaggerated.
>
> - If you have WPA-PSK, use it. Although the encryption is the same as
> WEP, the fact that the keys are changed frequently (TKIP) means there
> isn't enough time to crack it.
>
> - If you have - or can set up - a RADIUS server, use WPA. This will
> provide proper authentication
>
> - If you have AES encryption available (part of WPA2), use it. This
> uses a more secure encryption algorithm and is the best solution
> currently available for securing a home wireless network.
>
> All other commonly touted 'security' techniques are simply 'security by
> obscurity'. A cracker will have the tools to overcome them. At best,
> you are making it more difficult for your friendly next door neighbour
> to accidentally access your network. You are not deterring anyone with
> determination.
>
> Hope this helps
>
> --
>
> Richard Perkin
> To email me, change the AT in the address below
> richard.perkinATmyrealbox.com
>
> It's is not, it isn't ain't, and it's it's, not its, if you mean it
> is. If you don't, it's its. Then too, it's hers. It isn't her's.
> It isn't our's either. It's ours, and likewise yours and theirs.
> -- Oxford University Press, Edpress News

ahh, saw the rest of your post. I dont believe anyone around here has ever
said not broadcasting your SSID was a security function, it just keeps nozzy
people away. And as far as making things not work on your network, thats
bull. If you set a device to access a certain SSID, even if its not
broadcasting, it will connect if its working properly. And I belive I stated
that it wont keep out someone that is determined, but most crackers wont
bother with secured networks as there are so many open ones.

"Richard Perkin" <(E-Mail Removed)> wrote in message
news:Xns95EE7556AF59Bfnurdle@130.133.1.4...
> "Robert Jacobs" <(E-Mail Removed)> wrote in
> news:IU_Kd.4411$To.3800@trnddc09:
>
>> Believe me, you have done everything right. Unless you have a
>> Super Hacker that is an enemy, I would not worry about it.
>
> No, he hasn't done everything right
> Yes, he shouldn't worry about it
>
>> <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed) oups.com...
>
>>> I enjoy learning about wireless networks and I have a few
>>> installed in my apartment. I have a question. If a the SSID of
>>> a WLAN is not broadcasted, how can a hacker discover the
>>> network? What types of software would he use?
>
>>> For my home, I use NetStumbler, but because my SSID is disabled,
>>> it won't detect it. I'm trying to understand if there are any
>>> other security holes. I've enabled encryption, MAC filtering,
>>> limited IP range, and disabled SSID. Thanks for the help!
>
> The SSID is *intended* to be broadcast. Hiding it is a bogus security
> measure. The SSID is always broadcast and *cannot* be hidden - just
> because NetStumbler does not report it is a function of the way the
> tool works.
>
> Hiding the SSID will cause useful things to not work properly, or at
> all. Have a look here:
> <http://www.icsalabs.com/html/communities/WLAN/wp_ssid_hiding.pdf>
>
> Security ahould be based on encryption and authentication. 'Security by
> obscurity' is no security at all.
>
> In order:
>
> - As best you can (username, strong password) secure the access to your
> wireless access point's config.
>
> - If you have WEP, use it. It's crackability is often exaggerated.
>
> - If you have WPA-PSK, use it. Although the encryption is the same as
> WEP, the fact that the keys are changed frequently (TKIP) means there
> isn't enough time to crack it.
>
> - If you have - or can set up - a RADIUS server, use WPA. This will
> provide proper authentication
>
> - If you have AES encryption available (part of WPA2), use it. This
> uses a more secure encryption algorithm and is the best solution
> currently available for securing a home wireless network.
>
> All other commonly touted 'security' techniques are simply 'security by
> obscurity'. A cracker will have the tools to overcome them. At best,
> you are making it more difficult for your friendly next door neighbour
> to accidentally access your network. You are not deterring anyone with
> determination.
>
> Hope this helps
>
> --
>
> Richard Perkin
> To email me, change the AT in the address below
> richard.perkinATmyrealbox.com
>
> It's is not, it isn't ain't, and it's it's, not its, if you mean it
> is. If you don't, it's its. Then too, it's hers. It isn't her's.
> It isn't our's either. It's ours, and likewise yours and theirs.
> -- Oxford University Press, Edpress News

"Robert Jacobs" <(E-Mail Removed)> wrote in
news:5W3Ld.4861$To.2153@trnddc09:

> ahh, saw the rest of your post.
Please do not top post. If you hadn't fallen into this bad habit
then you might have read my whole post...

> ... I dont believe anyone around here
> has ever said not broadcasting your SSID was a security function,
No, that's what I said. But many others have fallen into the error of
beliveing that a broadcast SSID is somehow 'bad' and introduces a
security hole. It doesn't. I believe the eror dates from early days
when wireless security was less well understood, and it is now
repeated without any justification.

However, it's not really sensible for commercial organisations to
reveal their identity, so using an SSID which is not the same as your
business name is a good thing. But that's not the same as security...

> it just keeps nozzy people away.
No it doesn't - it creates a problem.
Things stop working, or stop working well.
At its simplest, neighbours cannot see your network with (for
example) the usual supplier's utility program for setting up a card,
and so may use a channel which overlaps with a channel already in
use. This causes interference. You're just being a 'bad neighbour'.

I repeat: the SSID is *designed* to be broadcast. As a more complex
example, an Extended Service Set and roaming will not work properly
without it.

>... And as far as making things not
> work on your network, thats bull.
Nope, you're *wrong*

> ... If you set a device to access a
> certain SSID, even if its not broadcasting, it will connect if its
> working properly.
I never said otherwise. But if that's all you think the SSID is for,
I regret to say that you're wrong.

> ... And I belive I stated that it wont keep out
> someone that is determined, but most crackers wont bother with
> secured networks as there are so many open ones.
Agreed

>> The SSID is *intended* to be broadcast. Hiding it is a bogus
>> security measure. The SSID is always broadcast and *cannot* be
>> hidden - just because NetStumbler does not report it is a
>> function of the way the tool works.

>> Hiding the SSID will cause useful things to not work properly, or
>> at all. Have a look here:
>> <http://www.icsalabs.com/html/communities/WLAN/wp_ssid_hiding.pdf>

Please read the paper in the link above. If you disagree with what it
says, I'd be interested to hear your arguments.

Kind regards

--

Richard Perkin
To email me, change the AT in the address below
richard.perkinATmyrealbox.com

It's is not, it isn't ain't, and it's it's, not its, if you mean it
is. If you don't, it's its. Then too, it's hers. It isn't her's.
It isn't our's either. It's ours, and likewise yours and theirs.
-- Oxford University Press, Edpress News

I wont dispute the article, since I dont go arount testing out these things,
but I will say that most home network users dont go arount roaming from one
AP to the other, so I dont think most people will have problems with not
broadcasting thier SSID.

"Richard Perkin" <(E-Mail Removed)> wrote in message
news:Xns95EE845016805fnurdle@130.133.1.4...
> "Robert Jacobs" <(E-Mail Removed)> wrote in
> news:5W3Ld.4861$To.2153@trnddc09:
>
>> ahh, saw the rest of your post.
> Please do not top post. If you hadn't fallen into this bad habit
> then you might have read my whole post...
>
>> ... I dont believe anyone around here
>> has ever said not broadcasting your SSID was a security function,
> No, that's what I said. But many others have fallen into the error of
> beliveing that a broadcast SSID is somehow 'bad' and introduces a
> security hole. It doesn't. I believe the eror dates from early days
> when wireless security was less well understood, and it is now
> repeated without any justification.
>
> However, it's not really sensible for commercial organisations to
> reveal their identity, so using an SSID which is not the same as your
> business name is a good thing. But that's not the same as security...
>
>> it just keeps nozzy people away.
> No it doesn't - it creates a problem.
> Things stop working, or stop working well.
> At its simplest, neighbours cannot see your network with (for
> example) the usual supplier's utility program for setting up a card,
> and so may use a channel which overlaps with a channel already in
> use. This causes interference. You're just being a 'bad neighbour'.
>
> I repeat: the SSID is *designed* to be broadcast. As a more complex
> example, an Extended Service Set and roaming will not work properly
> without it.
>
>>... And as far as making things not
>> work on your network, thats bull.
> Nope, you're *wrong*
>
>> ... If you set a device to access a
>> certain SSID, even if its not broadcasting, it will connect if its
>> working properly.
> I never said otherwise. But if that's all you think the SSID is for,
> I regret to say that you're wrong.
>
>> ... And I belive I stated that it wont keep out
>> someone that is determined, but most crackers wont bother with
>> secured networks as there are so many open ones.
> Agreed
>
>>> The SSID is *intended* to be broadcast. Hiding it is a bogus
>>> security measure. The SSID is always broadcast and *cannot* be
>>> hidden - just because NetStumbler does not report it is a
>>> function of the way the tool works.
>
>>> Hiding the SSID will cause useful things to not work properly, or
>>> at all. Have a look here:
>>> <http://www.icsalabs.com/html/communities/WLAN/wp_ssid_hiding.pdf>
>
> Please read the paper in the link above. If you disagree with what it
> says, I'd be interested to hear your arguments.
>
> Kind regards
>
> --
>
> Richard Perkin
> To email me, change the AT in the address below
> richard.perkinATmyrealbox.com
>
> It's is not, it isn't ain't, and it's it's, not its, if you mean it
> is. If you don't, it's its. Then too, it's hers. It isn't her's.
> It isn't our's either. It's ours, and likewise yours and theirs.
> -- Oxford University Press, Edpress News

On 30 Jan 2005 13:00:24 GMT, Richard Perkin <(E-Mail Removed)>
wrote:

>> ... I dont believe anyone around here
>> has ever said not broadcasting your SSID was a security function,
>No, that's what I said. But many others have fallen into the error of
>beliveing that a broadcast SSID is somehow 'bad' and introduces a
>security hole. It doesn't. I believe the eror dates from early days
>when wireless security was less well understood, and it is now
>repeated without any justification.
>


Why does linksys publish this regarding the SSID:

"To increase Network Security, most Wireless Access Points and
Wireless Routers are capable of disabling the SSID from being
broadcasted into the open air. With the SSID Broadcast enabled,
someone could obtain your SSID with simple Site Survey software and
possibly gain access to your Wireless network."
-
--
cnewton at akaMail.com
Anti-Spam filter in place--
<delete .remove-this to respond to email>

(E-Mail Removed) wrote:
> Hi Everyone,
>
> I enjoy learning about wireless networks and I have a few installed in
> my apartment. I have a question. If a the SSID of a WLAN is not
> broadcasted, how can a hacker discover the network? What types of
> software would he use?
>
> For my home, I use NetStumbler, but because my SSID is disabled, it
> won't detect it. I'm trying to understand if there are any other
> security holes. I've enabled encryption, MAC filtering, limited IP
> range, and disabled SSID. Thanks for the help!
>
> Duy

If you enjoy learning, learn about VPN's, I have a few in my my apartment
and started playing with PDA's with built in wireless (iPAQ 4551), they
don't do wep very well, but have built in VPN client stuff, seemed like a
good idea to learn about em and find out how to set my system up as a
private VPN... Really cool, and then you don't have to worry so much about
the other stuff.

Curtis Newton <cnewton.remove-(E-Mail Removed)> wrote in
news:(E-Mail Removed):

> On 30 Jan 2005 13:00:24 GMT, Richard Perkin
> <(E-Mail Removed)> wrote:
>
>>> ... I dont believe anyone around here
>>> has ever said not broadcasting your SSID was a security
>>> function,
>>No, that's what I said. But many others have fallen into the error
>>of beliveing that a broadcast SSID is somehow 'bad' and introduces
>>a security hole. It doesn't. I believe the eror dates from early
>>days when wireless security was less well understood, and it is
>>now repeated without any justification.

> Why does linksys publish this regarding the SSID:
>
> "To increase Network Security, most Wireless Access Points and
> Wireless Routers are capable of disabling the SSID from being
> broadcasted into the open air. With the SSID Broadcast enabled,
> someone could obtain your SSID with simple Site Survey software
> and possibly gain access to your Wireless network."

The first sentence is entirely incorrect. The SSID is *always*
transmitted. Using the feature provided will stop beacon frames being
tranmitted: this does not prevent the SSID being transmitted in other
frames. Statements like this appear to be a misunderstanding of both
IEEE 802.11 and what 'security' means...

The second sentence is partially correct: someone could attempt to
associate with your network using the SSID. They could indeed
'possibly' gain access. They will of course fail if they do not
authenticate, and even if authenticated all traffic will be dropped if
not encrypted correctly.

I repeat what I said previously: I believe the error dates from early
days when wireless security was less well understood, and it is now
repeated without any justification.

Here also is a statement from Microsoft (OK, OK...):
<http://support.microsoft.com/default...b;en-us;811427
&Product=winxp> showing something else that doesn't work when SSID
broadcast is disabled.

Hope this helps

--

Richard Perkin
To email me, change the AT in the address below
richard.perkinATmyrealbox.com

It's is not, it isn't ain't, and it's it's, not its, if you mean it
is. If you don't, it's its. Then too, it's hers. It isn't her's.
It isn't our's either. It's ours, and likewise yours and theirs.
-- Oxford University Press, Edpress News