Re: SSID
- From: "John Stubbings" <anna.riceDELETE-THIS@xxxxxxxxxx>
- Date: Fri, 7 Dec 2007 17:39:15 -0000
"Jeff Liebermann" <jeffl@xxxxxxxxxx> wrote in message news:rbril39u1u6iihn3g4gv0ptpv1mjccq86o@xxxxxxxxxx
Plan9 <benzplan9@xxxxxxxxxxx> hath wroth:
LR wrote:
John Stubbings wrote:<http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/123-04.JA/1400br/h_ap_sec_ap-client-security.htm>"Jeff Liebermann" <jeffl@xxxxxxxxxxxxxxxxxxxxxx> wrote in messageInteresting! When you say it works I presume you mean you can connect
news:odjhl3p0238br63dn95657gjsc9t7vjpu0@xxxxxxxxxx
On Thu, 6 Dec 2007 21:40:24 -0000, "John Stubbings"
<anna.riceDELETE-THIS@xxxxxxxxxx> wrote:
Can anyone point me to a reference [rfc] that says what exactly is
permissible in a SSID ESSID
like leading spaces what symbols etc
It should be in the IEEE 802.11 specification.
<http://standards.ieee.org/getieee802/802.11.html>
From IEEE 802.11-1999 7.3.2.1
7.3.2.1 Service Set Identity (SSID) element
The SSID element indicates the identity of an ESS or IBSS.
See Figure 35.
The length of the SSID information field is between 0 and 32 octets.
A 0 length information field indicates the broadcast SSID.
That's a bit misleading as the SSID is sometimes null terminated
leaving only 31 characters available. Some firmware versions screw up
if you use the full 32 characters.
The characters must also be printable, so no control characters are
allowed. I'm fairly sure that a leading space is also not allowed,
but there doesn't seem to be anything specified.
Tested with my Cisco access point with latest firmware
Does not allow trailing spaces
Does allow leading spaces, tested and it works with XP and FreeBSD system
Also: The following six characters are not allowed: ?, ", $, [, \, ],
and +. In addition, the following three characters cannot be the first
character: !, #, and ;.
Again tested with Cisco they say only + ] / " TAB and trailing space is
invalid
Tried ? and it works
Tried leading ! and it works
and transfer data rather than just see the SSID.
From the Cisco info. I have seen they are quite clear that those
characters are not to be used.
<http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/122-15.JA/1100/h_ap_sec_ap-client-security.htm>
<http://www.exio.com/univercd/cc/td/doc/product/wireless/airo1130/1130hig/113h_c3.htm>
Interesting. It appears that in the absence of "specific and detailed"
valid SSID characters vendors have made up their own restrictions. I
looked at "ANSI/IEEE Std 802.11, 1999 Edition (R2003)" and could not find
any restrictions to the characters it might contain, only that it is an
octet string of size 0-32. I admit my look was very cursive and I may have
missed something, but it appears IEEE have dealt extensively with size and
use of SSID and almost nothing on what it can contain.
There are bigger holes in the 802.11 specs than a failure to specify a
char or string field type. Nobody ever considered the possibility
that users would want to intentionally obscure the SSID, hide the
SSID, or use it as any form of security. The previous standard was
published in 1997 and I vaguely recall (and am too lazy to research)
was originally inscribed in about 1994/1995. Now, think about where
we were in computing 12 years ago and see if you could predict current
applications. I think Windoze 3.1 and Xenix was the fashion. Linux
hadn't even been started. Next, try to predict where we'll be 12
years in the future and write an airtight spec that includes all
possible creative interpretations and mutiliations. Be sure to make
it compatible with systems that do not yet exist, with future security
considerations, with future government regulations, and with predicted
fashion trends. If you can do that, I wanna buy the crystal ball
you're using.
In my own case I have two Linksys wireless routers (WTR54G and BEFW11S4)
with SSIDs of the type #naaaaaa (e.g. #5window) and they both work with XP
and Kubuntu.
Question:
If the standards do not specify restrictions and a vendor applies
restrictions, is that a violation of the standards?
I lifted the SSID restrictions from the Cisco SSID Manager release
notes. See 2nd paragraph:
<http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/122-15.JA/1400br/h_ap_sec_ap-client-security.htm>
My guess(tm) is that the various strictures are the result of various
Cisco programs and shell scripts blowing up if confronted with these
characters. That would certainly explain the strictures on the
leading ! # ; which would probably blow up a Bourne Shell or Perl
script. Leading and trailing spaces will cause problems with HTML in
the configuration utilities. I found the problem with the null string
delimiter which resulted in a 31 character SSID, instead of 32. As
long as the management and configuration program handles the SSID as a
string, there's going to be scripting problems.
As for violating 802.11 standards, methinks you should take that up
with the Wi-Fi Alliance, which offers various certifications:
<http://www.wi-fi.org/wp/wifi-alliance-certification/>
<http://www.wi-fi.org/certification_programs.php>
However, I don't think you're going to get their attention. They have
successfully ignored the ASCII versus Hex WEP key concompatibility
between different vendor implimentations for years. There are also
some rather creative timing incompatibilities, such as those between
Meru Networks and Cisco. The Wi-Fi Alliance apparently (my guess) has
no interest in becoming an enforcement organization and is only
interested in selling certifications.
Incidentally, I recently had a customer discover that it was possible
to create a UserName in Vista that starts with a space. It was a typo
error but it's driving me nuts because some utilities accept the
leading space, while others do not. Directory names that start with a
space are officially proscribed, but I'm still stuck with:
c:\home\ user\
I can rename the user, but this customer already created a 2nd user
with the same UserName, but without the leading space. Now, he's got
files scattered all over the machine and randomly destributed between
the two UserNames depending on how various utilities and programs
handle the leading space. Worse, I can't move everything to a 3rd
neutral UserName because he has multiple network authentication
accounts all configured with the UserName.
So, go ahead. Try using a leading space and see what breaks.
Interestingly the problem I was trying to solve was exactly that. A client trying to logon to an access point and the software trimmed the leading space.
Not my access point I hasten to add. It wouldn't even occur to me to put in a leading space.
Anyway problem solved. Next.
.
- References:
- Prev by Date: Re: SSID
- Next by Date: Re: 802.11g vs 802.11n
- Previous by thread: Re: SSID
- Next by thread: Re: SSID
- Index(es):
Relevant Pages
|
