Re: SSID Broadcasts

Den Mon, 02 Apr 2007 22:25:25 +0000. skrev Jeff Liebermann:

On Mon, 2 Apr 2007 16:16:38 -0400, "The Rejuvenated Techie"
<nevertell@xxxxxxxx> wrote:

I read on a few Websites that advised disabling SSID broadcasts on the AP
and router. When I disabled the broadcasts it knocked my AP out of the
loop, but my connection at the farthest most PC quickly switched, although
weakly, to the main router.

Yep. when the WAP54G tries to repeat the SSID of the WRT54G to the
client, and there's nothing there, the client will not be able to
connect. Thanks for reminding me of another reason why I hate
repeaters. You might find my rant on the subject interesting:
<http://groups.google.com/group/alt.internet.wireless/msg/bf2b30cf583a3703>

I realize a determined hacker is going to find my network anyway, but I
wanted to at least put up some semblance of a stumbling block. It looks
like the router and the access point behave differently. Does anyone have
any experience with this? Any advice?

Sorry, no real experience with SSID hiding and repeaters. I consider
repeaters and most mesh networks an abomination (or worse).

Security by obscurity is a bad idea. The obstacle course slows
hackers down, but often creates side effects. You're seeing just one
of them. The other problem is that hiding the SSID makes it easier
for the neighbors to accidentally land on your system. Any script
kiddie with a Live CD containing Kismet will find your system anyway.
MAC spoofing is just some sniffing followed by a registry tweak or
ifconfig incantation. I could do it blindfolded.

What Jeff said holds true. Furthermore, as far as I recall, according to
the 802.11 specs disabling ESSID broadcasts breaks among other things
roaming in a multi-AP setup, and therefore ESSID broadcast is mandatory in
those cases. Using a repeater is in a sense a kludged roaming setup.

Since you are using WPA-PSK, and if you have a non default ESSID, and use
a fairly long (16 char minimum) passphrase, (preferably a nonsenical
passphrase with numeric, capital and non capital alphabetic and
non-alphabetic characters), you should only be worried if the NSA or the
GHCQ are trying to listen in on you. If you look out the window, and don't
see any black choppers hovering above in the vincinity, WPA-PSK is
sufficiently secure for home/SoHo usage IMHO.

J.D. "Dutch" Schmidt
.

Relevant Pages

  • Re: Question regarding Netbios
    ... NetBIOS is not stopped by routers - only NetBIOS ... Most broadcasts, including NetBIOS broadcasts are blocked, ... at router interfaces because router interfaces consitute the ... thier subnet - meaning, each browser client on that subnet is known to the ...
    (microsoft.public.win2000.active_directory)
  • Re: Wireless Poker
    ... First I tried placing a plate covered in tin foil behind the router to ... Second I tried the repeaters that plug into the AC. ... Third I tried wireless repeaters from Netgear. ...
    (rec.gambling.poker)
  • Wireless Poker
    ... First I tried placing a plate covered in tin foil behind the router to ... Second I tried the repeaters that plug into the AC. ... Third I tried wireless repeaters from Netgear. ...
    (rec.gambling.poker)
  • Re: Wireless Poker
    ... First I tried placing a plate covered in tin foil behind the router to ... Second I tried the repeaters that plug into the AC. ... Third I tried wireless repeaters from Netgear. ...
    (rec.gambling.poker)
  • Re: Question regarding Netbios
    ... I left out two important words: broadcasts and typically. ... at router interfaces because router interfaces consitute the ... > To browse a resource requires the Browser Service to be able to span IP ... > thier subnet - meaning, each browser client on that subnet is known to the ...
    (microsoft.public.win2000.active_directory)
Loading