1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSID off, net name still visible?

Discussion in 'Cisco/Linksys Wireless Routers' started by RouterUserGuy, May 14, 2008.

  1. RouterUserGuy

    RouterUserGuy LI Guru Member

    Hi guys,

    Noobish question: I have Wireless SSID Broadcast disabled on my WRT54GS router. This is supposed to prevent it from broadcasting its presence, right?

    However, I just got a new (Vista) portable, and when I opened the list of detected wireless nets, mine's name was there. Huh? Am I missing something? Thanks!
     
  2. mstombs

    mstombs Network Guru Member

    Turning off SSID adds no security, it can still be sniffed - and if your machine has connected before it still knows it is there.
     
  3. RouterUserGuy

    RouterUserGuy LI Guru Member

    That seems a bit negative. The guides I've read say it's still worth doing.

    Yes, of course. But as I mentioned, this was a new machine; I was connecting for the first time.
     
  4. mstombs

    mstombs Network Guru Member

    See the link in here for a formal discussion of this

    http://www.linksysinfo.org/forums/showpost.php?p=321141&postcount=2

    Can you give an authoritative link to say why you should? The only reason I've seen is that if you have MAC filtering and WPA2 and it all works with SSID broadcast off you might as well hide as well (but it is no substitute for the other steps).

    Did you leave the SSID to default "Linksys", so many people do? If not then your vista driver is just using the sniffing technique, picking up the SSID when it is still broadcast.
     
  5. HennieM

    HennieM Network Guru Member

    Can't say why your new machine still sees the SSID, except if you are using some special supplicant or connection utility that sniffs, or you have screwed up firmware or a script or something that unhides your SSID even though you hid it in the web interface.

    On the point of hiding the SSID (and this is all my opinion only...;):

    The idea of hiding the SSID originated in the days of no- or just WEP security. Hiding the SSID contributed 40% of the security, because WEP only provided 60%. Big company administrators caught on to this idea, and it got to be a "de facto" standard.

    Enter WPA. WPA now provides, relative to WEP 100,000% security. The SSID hiding therefore now only contributes 40/100,000, which is less than 0.1%. The "de facto" standard idea stayed with the administrators, which is why many still recommend it.

    SSID hiding will fool "the occasional war-driver" that uses Netstumbler or other active means to find networks. These individuals usually don't know how to crack all the network's security anyway. The "real hacker" would be using a passive sniffer such as kismet (which WILL pick up hidden nets), AND they know how to crack the other security layers.

    Bottom line: If you use WEP or no encryption, you better disable the SSID, lock up the router, use directional antennae to contain the signal, use a VLAN to an AP concentrator, and do everything else you can to make the net more secure.
    If you use WPA or WPA2, just make sure you use a longish passkeys if using PSK, or good authentication mechanisms if using Enterprize/Radius.

    There are, IMO, much more negatives than positives in hiding the SSID, the major ones being:
    As mstombs mentions in the linked post, you neighbors will easily use your channel because they can't see you, flooding your net with interference.
    Similarly, you provide interference to your neighbors. Because they can't see you, they'll be trying everything except changing the channel, as "I have scanned and there are no other wireless networks near my channel...".
    Many devices also have trouble connecting to hidden networks.
     

Share This Page