From: AndyHancock on 17 Apr 2010 17:29

On Apr 17, 4:05 pm, alexd <troffa...(a)hotmail.com> wrote:
> On 17/04/10 19:35, AndyHancock wrote:
>
> > One thing I find about not broadcasting SSID is that (surprise) it no
> > longer shows up in "View Available Wireless Networks" on Windows XP.
> > This means I cannot initiate a connection at a time of my choosing. I
> > have to set that network's properties so that I automatically connect
> > to that network when the access point is in range, and then wait for
> > connection to start.
>
> IMHO, 'hiding' one's SSID is futile; all it does is inconvenience
> legitimate users, and it doesn't deter the bad guys one bit.
>
> "Wireless LAN security myths that won't die":
>
> http://blogs.zdnet.com/Ou/?p=454

The inconvenience is minor now that I've got it set up with allowed devices on the ACL. Most of the argument against SSID cloaking relates to its use in place of encryption, but the few people I know of who cloak their SSID also use encryption.

In some of the links on that page, I did read with interest the fact that the mobile device broadcasts the SSID when probing for an AP of interest, but a follow-up comment that someone provided asked whether that is any less secure than when APs broadcast their SSIDs continuously. I can imagine situations in which it can be exploited, e.g. as described in the article, impersonation of a preferred network to lure the mobile device (especially when the mobile device is far away from the preferred network, I guess). However, I'm not that familiar with wireless protocols, so I won't elaborate.

About this spewing of preferred network SSID by the mobile unit, that's only when it isn't connected to the preferred network, right?

From: alexd on 18 Apr 2010 07:28

On 17/04/10 22:29, AndyHancock wrote:

> About this spewing of preferred network SSID by the mobile unit,
> that's only when it isn't connected to the preferred network, right?

Yes. But once you're connected, your SSID is visible in every frame you send. And even when you're not connected - e.g. if a wired device ARPs for something else.

--
<http://ale.cx/> (AIM:troffasky) (UnSoEsNpEaTm(a)ale.cx)
12:24:30 up 9 days, 1:39, 2 users, load average: 0.11, 0.13, 0.15
It is better to have been wasted and then sober than to never have been wasted at all

From: AndyHancock on 18 Apr 2010 11:50

On Apr 18, 7:28 am, alexd <troffa...(a)hotmail.com> wrote:
> On 17/04/10 22:29, AndyHancock wrote:
>
> > About this spewing of preferred network SSID by the mobile unit,
> > that's only when it isn't connected to the preferred network, right?
>
> Yes. But once you're connected, your SSID is visible in every frame you
> send. And even when you're not connected - e.g. if a wired device ARPs for
> something else.

I did some reading on Google hits for "arp wifi". I have to admit that it's not my area, but I get the general idea that spoofing can happen, and all traffic can be funnelled through the attacker's computer.

This visibility of SSID in every frame, is it any different than the usual case, i.e. when SSID is not cloaked? Furthermore, in the latter case, will the mobile device not spew out the SSID of the access point? I'm guessing not, since it doesn't have to query if the preferred AP is near, since it is expecting the AP to broadcast its SSID. I'm also guessing that this is the point of vulnerability, i.e. letting the attacker know the SSID of the preferred AP so that the attacker knows what to emulate.

Finally, anyone who cloaks SSID will likely also use encryption. Would the ARP poisoning that you mentioned still allow the attacker to see the contents of your traffic?