In message <#8UM#
[email protected]> "Hank Arnold (MVP)"
If I'm outside your house with a wireless enabled laptop, I can just
about guarantee that I can find your router. Most folks don't even
disable the SSID broadcast. Once I can "see" you, I can access it and
attempt to logon..
First off, if you've disabled your SSID broadcast, turn it back on and
stop adjusting controls you don't understand.
There are a number of reasons, but the biggest one being that it's not
only completely useless as a security measure, but also a potential
information leak since instead of your route broadcasting it's SSID, all
of your client machines broadcast the SSID constantly.
In other words, you take your laptop to a coffee shop and power up, if
I'm sniffing traffic I'll see your laptop seeking an SSID, and if I'm
bored, I might just fire up a virtual AP using that SSID and see if your
machine isn't just dumb enough to connect.
Second, when someone else sets up a wireless network, should they be a
good neighbour they'll listen to nearby access points and set up a
non-conflicting channel. Some APs are reportedly automatically setting
channels now, taking nearby networks into consideration.
Turning off SSID is sufficient to hide from very basic scanning tools
(like another AP that doesn't want to sit on the same channel and
conflict), but it doesn't accomplish squat as far as security goes.
