Security questions. Disable SSID on wireless network?

[George]

I recall possibly reading something about it's best to "disable SSID" on a
wireless network, for security (or max security). Questions are...

1) How handle SSID broadcast?
Isn't it necessary while setting up a wireless network for the Wireless
Access Point (WAP) to broadcast its existence (is that same as its SSID?),
so others like laptops, printers, whatever, can establish a link. Is this a
one-time thing. Does this mean that AFTER these are all setup, then I
should go back to the WAP and select SSID Broadcast=DISABLED

2) How handle SSID name?
What about the defaul SSID name=unwired. If lots of people's new WAP
out-of-the-box all have "unwired" as default, wouldn't that be top of the
list to try for a local hacker just having fun finding/logging-on neighbors'
networks... he'd always try "unwired" as an easy possibility. Should I
change the default "unwired" to something like "wireless123"?

Thanks,
George

 

[Malke]

I recall possibly reading something about it's best to "disable SSID" on a
wireless network, for security (or max security).

This is incorrect. Disabling SSID is not something to do for security and it
will make it harder to connect.

http://www.ezlan.net/Wireless_Security.html
MVP Barb Bowman on wireless security - http://tinyurl.com/56fc5

(snip)

Does this mean that AFTER these are all setup, then I
should go back to the WAP and select SSID Broadcast=DISABLED
No.

Should I
change the default "unwired" to something like "wireless123"?

Yes. Change the SSID to something you will recognize. I suggest that my
clients not use their family name as the SSID. For example, you might wish
to name your wireless network "CastleAnthrax" or the like. ;-)

Malke

 

[Lem]

I recall possibly reading something about it's best to "disable SSID" on a
wireless network, for security (or max security). Questions are...

1) How handle SSID broadcast?
Isn't it necessary while setting up a wireless network for the Wireless
Access Point (WAP) to broadcast its existence (is that same as its SSID?),
so others like laptops, printers, whatever, can establish a link. Is this a
one-time thing. Does this mean that AFTER these are all setup, then I
should go back to the WAP and select SSID Broadcast=DISABLED

2) How handle SSID name?
What about the defaul SSID name=unwired. If lots of people's new WAP
out-of-the-box all have "unwired" as default, wouldn't that be top of the
list to try for a local hacker just having fun finding/logging-on neighbors'
networks... he'd always try "unwired" as an easy possibility. Should I
change the default "unwired" to something like "wireless123"?

Thanks,
George

You might be interest in reading this article:

Myth vs. reality: Wireless SSIDs
http://blogs.technet.com/steriley/archive/2007/10/16/myth-vs-reality-wireless-ssids.aspx

A more common problem caused by not changing your SSID from the default
is that *you* may end up connecting to someone else's wireless network
or vice versa (if both are so foolish as to not be encrypted) or you may
think you're unable to connect to your own (encrypted) network when your
wifi adapter actually is attempting to use your encryption password to
authenticate to your neighbor's identically-named but
differently-encrypted network.

--
Lem -- MS-MVP

To the moon and back with 2K words of RAM and 36K words of ROM.
http://en.wikipedia.org/wiki/Apollo_Guidance_Computer
http://history.nasa.gov/afj/compessay.htm