Newbie question regarding SSID

Hi all,

I very new to networking and I am having trouble getting my two
computers to work together. My first question relates to SSID. I saw
this information on a web site. (Apologies to the author as I can't
remember the address). Quote:

"To improve the security of your home wireless network pick an SSID that
contains both letters and numbers.

Do choose a name as long or nearly as long as the maximum length allowed"

My question is why all the secrecy. My other computer sees the SSID and
displays it. If my computer can do this I assume others can too. Unless
of course I have missed the point!. Any help would be appreciated.

Regards,

Roy.

www.btinternet.com/~godalming

On Fri, 22 Oct 2004 10:05:28 +0000 (UTC), "Roy"
<(E-Mail Removed)> wrote:

>Hi all,
>
> I very new to networking and I am having trouble getting my two
>computers to work together. My first question relates to SSID. I saw
>this information on a web site. (Apologies to the author as I can't
>remember the address). Quote:
>
>"To improve the security of your home wireless network pick an SSID that
>contains both letters and numbers.
>
>Do choose a name as long or nearly as long as the maximum length allowed"
>
>My question is why all the secrecy. My other computer sees the SSID and
>displays it. If my computer can do this I assume others can too. Unless
>of course I have missed the point!. Any help would be appreciated.
>
>Regards,
>
>Roy.
>
>www.btinternet.com/~godalming
>


This a snippet of text I pcked up regarding SSID

1. SSID Broadcast: DISABLE
SSID (Service Set Identification) is a wireless broadcast network
name, akin to a porch light. It allows your (and others) to home in on
your specific address and start receiving data. SSID broadcast has
some demonstrated vulnerabilities, and it is an increasingly secure
option to disable it.

Tip: for best results configure your router to broadcast the SSID,
configure your wireless computers to authenticate themselves to the
network for the first time; then disable SSID broadcast.

2. SSID Name: change from default
Most routers ship with a default SSID name, usually the highly
imaginative 'default'. Change away from it, and use something that is
unique. It prevents other users on other networks from erroneously
trying to connect to your network (even if they are unsuccessful you
still shouldn't have to be bothered with the incessant knocking on
your router).


HTH

Harry

Roy wrote:

> Hi all,
>
> I very new to networking and I am having trouble getting my two
> computers to work together. My first question relates to SSID. I saw
> this information on a web site. (Apologies to the author as I can't
> remember the address). Quote:
>
> "To improve the security of your home wireless network pick an SSID that
> contains both letters and numbers.
>
> Do choose a name as long or nearly as long as the maximum length allowed"
>
> My question is why all the secrecy. My other computer sees the SSID and
> displays it. If my computer can do this I assume others can too. Unless
> of course I have missed the point!. Any help would be appreciated.

The author was surely writting about hidden SSIDs. Normally the SSID is
transmitted by the AP about 10 times a second adn everyone can read it.
With the hidden SSID feature on the boadcasted pakets do not contain the
SSID.
A client need to know the SSID to connect to the AP.
But don't think it's secure: the SSID is transmited when you connect to the
AP and can be read by everyone.

Thomas

Thanks for taking the time to reply everyone. I will be back soon with
other questions I'm sure!.

Regards,
Roy


.. www.btinternet.com/~godalming
"Roy" <(E-Mail Removed)> wrote in message
news:clam18$5vt$(E-Mail Removed)...
Hi all,

I very new to networking and I am having trouble getting my two
computers to work together. My first question relates to SSID. I saw
this information on a web site. (Apologies to the author as I can't
remember the address). Quote:

"To improve the security of your home wireless network pick an SSID that
contains both letters and numbers.

Do choose a name as long or nearly as long as the maximum length allowed"

My question is why all the secrecy. My other computer sees the SSID and
displays it. If my computer can do this I assume others can too. Unless
of course I have missed the point!. Any help would be appreciated.

Regards,

Roy.

www.btinternet.com/~godalming

Roy <(E-Mail Removed)> wrote:

> I very new to networking and I am having trouble getting my two computers
> to work together. My first question relates to SSID. I saw this
> information on a web site. (Apologies to the author as I can't remember
> the address). Quote:
>
> "To improve the security of your home wireless network pick an SSID that
> contains both letters and numbers.
>
> Do choose a name as long or nearly as long as the maximum length allowed"
>
> My question is why all the secrecy. My other computer sees the SSID and
> displays it. If my computer can do this I assume others can too. Unless
> of course I have missed the point!. Any help would be appreciated.

The advice you quoted applies to WEP keys, not to SSIDs. You should give
your wireless network a unique SSID that distinguishes it from other
networks in the area, but there is *no* security advantage to a long or
complicated SSID. An SSID -- long or short, hidden or open -- can
quickly be seen by anybody with a wireless networking card and easily
available software.

The only real security for wireless networks is encryption -- WEP, WPA,
VPN, etc. All the other things -- MAC filtering, SSID hiding, etc -- are
placebos.

On Fri, 22 Oct 2004 22:26:16 GMT, (E-Mail Removed) (Neill
Massello) wrote:

>Roy <(E-Mail Removed)> wrote:
>
>> I very new to networking and I am having trouble getting my two computers
>> to work together. My first question relates to SSID. I saw this
>> information on a web site. (Apologies to the author as I can't remember
>> the address). Quote:
>>
>> "To improve the security of your home wireless network pick an SSID that
>> contains both letters and numbers.
>>
>> Do choose a name as long or nearly as long as the maximum length allowed"
>>
>> My question is why all the secrecy. My other computer sees the SSID and
>> displays it. If my computer can do this I assume others can too. Unless
>> of course I have missed the point!. Any help would be appreciated.
>
>The advice you quoted applies to WEP keys, not to SSIDs. You should give
>your wireless network a unique SSID that distinguishes it from other
>networks in the area, but there is *no* security advantage to a long or
>complicated SSID. An SSID -- long or short, hidden or open -- can
>quickly be seen by anybody with a wireless networking card and easily
>available software.
>
>The only real security for wireless networks is encryption -- WEP, WPA,
>VPN, etc. All the other things -- MAC filtering, SSID hiding, etc -- are
>placebos.
How is MAC Filtering a placebo? I though it allows you to prevent
other devices from connecting to your router? That seems pretty secure
to me.

Or is their a way to spoof a MAC address? It that what makes it a
placebo?

Id be interested to learn more....

cheers

Harry

Taking a moment's reflection, Harry mused:
|
| This a snippet of text I pcked up regarding SSID
|
| 1. SSID Broadcast: DISABLE
| SSID (Service Set Identification) is a wireless broadcast network
| name, akin to a porch light. It allows your (and others) to home in on
| your specific address and start receiving data. SSID broadcast has
| some demonstrated vulnerabilities, and it is an increasingly secure
| option to disable it.

This is a false sense of security. Disabling it only serves to put your
WLAN outside of 802.11x spec. The SSID, like the MAC Address, is sent with
every wireless packet and is not encrypted. So, anyone with the ability to
hack your network can sniff the packets originating from your network, and
detect your SSID whether broadcast or not. SSID Broadcast disabling adds
nothing to security.

Taking a moment's reflection, Harry mused:
|
| How is MAC Filtering a placebo? I though it allows you to prevent
| other devices from connecting to your router? That seems pretty secure
| to me.

It will keep the casual attempt from connecting ... but so will WEP and
WPA. However, the MAC Address of the AP and the client WLAN cards are
contained, unencrypted, in every packet sent, so they can be easily sniffed.

| Or is their a way to spoof a MAC address? It that what makes it a
| placebo?

With some cards, the drivers allow you to change the MAC Address. Once
the person with this setup detects your WLAN card's MAC Address, they simply
set their card to match, and then wait for you to disconnect.

Harry <(E-Mail Removed)> wrote:

> Or is their a way to spoof a MAC address? It that what makes it a
> placebo?

Yes and yes.

None of these answers sound to good. My confidence in wireless technology
was short from the beginning and this thread didn't help. So what is the
best way to secure a wireless network if blocking the SSID, MAC filtering,
and encryption doesn't do the trick?


"Neill Massello" <(E-Mail Removed)> wrote in message
news:1gm7xao.15j56malrjuj4N%neillmassello@earthlin k.net...
> Harry <(E-Mail Removed)> wrote:
>
> > Or is their a way to spoof a MAC address? It that what makes it a
> > placebo?
>
> Yes and yes.
>