How are we supposed to read 5GHz WiFi signal strength bands?

Discussion in 'Wireless Internet' started by ceg, Aug 23, 2015.

  1. They don't. The HOME-XXXX format, where XXXX might be the last 4
    digits of the MAC address, is the default SSID for Comcast "gateway"
    style wireless routers. I'm not sure when this started, but my
    guess(tm) is about 2 years ago.

    Anything is better than linksys, dlink, default, hpsetup, and default.
    <https://wigle.net/stats#mainstats>
    3.74% of about 210 million wireless networks use the default SSID. I
    guess this is proof that most computer users have no imagination.
     
    Jeff Liebermann, Aug 26, 2015
    #21
    1. Advertisements

  2. ceg

    Mark Lloyd Guest

    I have been in a nearby city, where there are a lot of college students.
    I don't see "home" but I do often see ISP names or router brand names.
    It looks like an attempt by sellers to provide unique SSIDs, and users
    who don't change the defaults.

    Where I live, I don't see prefixes like that, but I do see some
    interesting names like "FBI Surveillance" and
    "ThisIsNoyTheWiFiYou'reLookingFor".


    --
    Mark Lloyd
    http://notstupid.us/

    "HUMANISM: an exaltation of freedom, but one limited by our need to
    exercise it as an integral part of nature and society." [John Ralston
    Saul]
     
    Mark Lloyd, Aug 26, 2015
    #22
    1. Advertisements

  3. ceg

    Mark Lloyd Guest

    On 08/26/2015 09:08 AM, Jeff Liebermann wrote:

    [snip]
    I used to see a lot of "Linksys" SSIDs without wireless security. Once I
    considered connecting and changing it to something like "I'm so
    insecure!" or "I need my WPA!",

    --
    Mark Lloyd
    http://notstupid.us/

    "HUMANISM: an exaltation of freedom, but one limited by our need to
    exercise it as an integral part of nature and society." [John Ralston
    Saul]
     
    Mark Lloyd, Aug 26, 2015
    #23
  4. ceg

    ceg Guest

    Ah. That makes a *lot* of sense (I hate when that happens!). :)

    This is a "comcast neighborhood", where all the college kids live. We can
    assume most of them weren't born with a router next to the silver spoon
    in the cradle, so, they probably got their modem/router combo's from
    Comcast. And Comcast probably defaulted on the naming conventions.

    That makes too much sense!
    Thanks for 'splaining.
     
    ceg, Aug 26, 2015
    #24
  5. ceg

    ceg Guest

    Because of butterfly tables, you want your ESSID to be unique, I think.

    The details are beyond me (I think Jeff Liebermann turned me on to this
    concept), but the net is that you don't want your ESSID to be something
    that is in the hash tables of 30 million other ESSIDs.
     
    ceg, Aug 26, 2015
    #25
  6. ceg

    Tony Hwang Guest

    Fancy SSID has no impact on security.
     
    Tony Hwang, Aug 27, 2015
    #26
  7. ceg

    ceg Guest

    Butterfly hash tables?
     
    ceg, Aug 27, 2015
    #27
  8. Wrong. The SSID is used as a "salt" to do WPA/WPA2 encryption. The
    rainbow tables are only useful if the SSID of the system that you're
    attacking is the same as one of the SSID's in the rainbow table. Using
    a common SSID listed on Wigle improves the probability of a successful
    attack. I use my address.

    <http://www.renderlab.net/projects/WPA-tables/>
    <https://wigle.net/stats#ssidstats>
     
    Jeff Liebermann, Aug 27, 2015
    #28
  9. ceg

    Tony Hwang Guest

    Regardless, it is crackable if one intends to.
    I don't even bother hiding my SSID. Nothing
    important in my home network. My lawyer, bank,
    accountant keeping important stuffs.
     
    Tony Hwang, Aug 27, 2015
    #29
  10. This is one reason why I hate security discussions. If you really
    think there's nothing important on your home computah, then I suggest
    you test this. Install a program that does a recursive text search on
    all your files. For Windoze, I use Agent Ransack:
    <https://www.mythicsoft.com/agentransack>
    Plug in your social security number, checking account numbers, and
    credit card numbers, and see what it finds. The idea is to obtain
    enough info to perform an identity theft. I was rather surprised to
    find both on my machine. While WPA2 cracking is usually just to gain
    access to a faster or more convenient internet connection, it's not
    beneath the dignity of most casual hackers to make some money on the
    side.
     
    Jeff Liebermann, Aug 27, 2015
    #30
  11. ceg

    Sam E Guest

    It could affect how attractive your network is to a potential intruder.

    So, indirectly, it is affecting security since it makes the difference
    on whether or not someone tries to get in.
     
    Sam E, Aug 27, 2015
    #31
  12. ceg

    Sam E Guest

    Don't name your WiFi network "monkey".
     
    Sam E, Aug 27, 2015
    #32
  13. The SSID can be 1 to 32 characters. One of my customers set his SSID
    to "*". I forgot exactly what it broke, but I do recall spending a
    week failing to fix what I thought were unrelated problem. When I
    changed the SSID to something reasonable, all the weirdness went away.
    This was quite a while ago so presumably it's now fixed.

    Another fun SSID is "ANY". I don't recall what it was suppose to do,
    but it was thrown into some long forgotten manufacturers firmware to
    allow any device to connect, probably for repeaters and range
    extenders. Try it and see what breaks.

    Also try "Free Public WiFi" which is really a Microsoft XP bug.
    <http://www.npr.org/2010/10/09/130451369/the-zombie-network-beware-free-public-wifi>
     
    Jeff Liebermann, Aug 27, 2015
    #33
  14. ceg

    Ewald Böhm Guest

    It doesn't seem like you understand the problem.
    Maybe you do, but it doesn't seem like you do.

    The problem is they used, as a salt, the ESSID!

    That's a pretty dumb salt.

    It's even a dumber salt if the owner leaves the ESSID at the default
    values, or, if the owner changes the ESSID to something common.

    Because of that, anyone with the tables already has your hash and is on
    your wireless network already.
     
    Ewald Böhm, Sep 4, 2015
    #34
  15. ceg

    Ewald Böhm Guest

    You have to realize what Jeff is trying to tell you, which is that any
    common name for the ESSID has *already* been hashed.

    In that case, WPA2/PSK is worthless.

    Use a common name, and you immediately have no security no matter what
    you set the security to.
     
    Ewald Böhm, Sep 4, 2015
    #35
  16. ceg

    Mark Lloyd Guest

    WPA2/PSK is one thing that is needed. Another is a better ESSID.

    --
    112 days until the winter celebration (Friday December 25, 2015 for 1
    day).

    Mark Lloyd
    http://notstupid.us/

    "He's a born-again Christian. The trouble is, he suffered brain damage
    during rebirth."
     
    Mark Lloyd, Sep 4, 2015
    #36
  17. ceg

    Ewald Böhm Guest

    You need both.
    One without the other is worthless.
     
    Ewald Böhm, Sep 6, 2015
    #37
  18. ceg

    Mark Lloyd Guest

    Yes, both are better. I was never recommending only one, even though
    that would be far from worthless.

    --
    110 days until the winter celebration (Friday December 25, 2015 for 1
    day).

    Mark Lloyd
    http://notstupid.us/

    "If I see a professing vegetarian eating meat, it is no hypocrisy for me
    to point out his inconsistency even though I personally do not subscribe
    to the principles of vegetarianism."
     
    Mark Lloyd, Sep 6, 2015
    #38
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.