O Canada! > Canadian > Bell Canada > [Internet] Is hiding wireless SSID a good idea? does it cause pr

[Internet] Is hiding wireless SSID a good idea? does it cause pr

Re: [Internet] Is hiding wireless SSID a good idea? does it caus

reply to goleafsgo8
Hiding the SSID does nothing, as the radio still is broadcasting. In some cases it makes it hardware for some wireless devices to connect to your network. It is part of the wireless signal so it does not cause interference and from a security standpoint doing so does nothing.

However you should select a unique SSID, but one that is not traceable to you (i.e. pet names/addresses/etc). Unique SSIDs are not found on rainbow tables (a hacking helper) so it would force a "would be hacker" to start fresh and do a full all out brute force attack. Such an attack would be very time consuming and provided you have used a long random passkey, essentially impractical for an attacker given the extreme amount of computation power they would need to crack the code in a reasonable length of time.

But to answer your question, yes, by hiding the SSID you must manual enter the SSID along with the passkey in each of your wireless devices. With the SSID broadcasting on a device like a laptop you only need to click on the desired SSID, and then input the passkey.

What you should do is turn WPS off if your router is equipped with that (counterproductive) feature. But be aware that at this point no one has tested that modem to confirm that turning WPS off in the GUI (graphical webpage) actually turns the feature off. Until this is known, the safest course of action would be to turn off the wireless functions and only enable it for duration under two hours.*

Remember that your passkey should be random and not full of short words. It is still vulnerable to brute force attacks which also include dictionary attacks (a list of commonly used words).

*two hours seems to be the minimum time to crack the WPS pin based on reports. The actual time will vary depending on a number of factors.

Hi thane and max, thanks for a informative answer. Regarding the WPS, isn't it just a security setting like WEP, WPA, and WPA2? If we're not using WPS, are we still prone to an attack? I read the article but I'm not very tech savvy so I did not completely understand what the WPS hack allows a hacker to do to my home network. Also, why would anyone want to access a random home network? I mean it makes sense to attack a company's wifi but a random home network? Should we really be worried?

reply to goleafsgo8
Yes, you would have to enter the SSID and password manually.
It should work fine.

If you are using Windows 7, right click on the wireless network and select "Connect even if the network is not broadcasting its name (SSID)"
All my devices are less than 2 years old, I am not sure if the old devices will have any issues connecting

If you are using an android tablet or smartphone, you have click forget the SSID and enter the details manually to get connected.
The only thing that isn't working for me is the wireless printer, which I will figure out later.

This explains why its good to disable SSID broadcasting: »compnetworking.about.com/cs/wire···cast.htm

reply to goleafsgo8
The 2wire can barely send a wireless signal in a tent. In a house it's a lost cause. Just get a router and use DD-WRT firmware.

reply to annayya

reply to goleafsgo8
No, it’s an added on feature that the WiFI alliance came up with to "make it easier" to connect devices to a home network. Not all routers have it, and those which do have WPS only a certain subset are vulnerable to the flaw. The way it works is to provide a smaller (and less secure code) to gain access to a wireless network.

Once WPS is activated, it can be used at any time, any number of times. The code never changes, and there is no limit of how often it is used. For that reason if you can, turn it off.

As for hacking/cracking - people do it because they can, they want to, or any number of reasons. Given the inflated costs of bandwidth, if a hacker can leach off some unsuspecting network at no charge why wouldn't they? Granted this cracking process is more time consuming than cracking WEP, it still can be done in a quite afternoon or evening.

Now for the nuts and bolts of how STUPID WPS is:

For the sake of argument this is my WPA2/AES passkey*:
NnWZ=4olbX5htAneWR_MGsEX0hA1:ezv-8T!ZouI3JcT:O*1Lroy,R48?sCazGq
Hardly an easy thing to remember and somewhat inconvenient to give out to guests, or enter into wireless devices that lack a full-sized keyboard. But suppose my router was equipped with WPS PIN and had a code of 3928471. In this case I only need to enter this code (on WPS supported devices) and I connect. It does not take a rocket scientists to figure out which one can be brute forced faster. But, oh yes there is more.

In fact the PIN is only 7 digits, the final digit is a mathematical checksum so if you know the first 7 digits, you can compute the final one. (For the sake of nitpickers I made up that WPS key thus the final digit may be off). Still this is not the flaw WPS flaw though it’s very poor design. Depending on which PIN system (there are two) the manufacture used, on the affected type (external registrar) when I enter the PIN code the router will check the validity of the first part of the code separately from the second half (last 4 digits).

If you do the math an eight digit WPS PIN has ten million possible combinations (10,000,000)
But on affected WPS PIN routers because the PIN is halved and each part checked separately. This narrows the possibility of the first four digits to 10,000 possible combinations. And the final set (really only 3 digits thanks to the checksum) works out to be just 1000 possible combinations. The separate check for each half of the code accelerates testing because it returned to the hacker if that half of the code was correct. And if a manufacture failed to add in a lockout system (i.e. get it wrong 3 times and you must wait X minutes before trying again) you can see how fast the cracking process works. Again that last bit is design, or the failure to design correctly.

Once the PIN is sorted out, as soon as a hacker uses it to connect to your network they are given (thanks to the WPS system) the long encryption passkey (which can be recorded for future use - such as when/if the victim ever turns WPS off).

Basically they had a good idea with WPA2 AES, and then buggered it all up with WPS.

*OK lets be frank, the people at WiFi also screwed WPA/WPA2 up as there is no lower limit on how short a passkey can be, nor do they have any complexity rules in place. One (if one was stupid) could have set a passkey as "mycat". Though a brute force attack is still needed, because “mycat” is a simple common word it’s also found in hacking dictionaries along with tens of thousands of other similar words. It could be improved by substituting some of the letter with similar looking numbers (i.e. m4c@t); still it’s not much better and still too short.

As such a good rule is to have at least 16 characters and not use whole words, and though in some punctuation or other ASCII keys.

reply to Thane_Bitter

reply to goleafsgo8
Hiding your ssid only makes someone want to crack your home network more. That means you are hiding something. You have some treasure on your network that can be exploited and I want it. If the party is war-driving, then, THEY WILL TRY AND CRACK THE ENCRYPTION TO SEE WHAT IS THERE. AND THEY WILL TAKE SOME EXTRA TIME TO BYPASS IT.

Trust me

Its' just like the rush from geo-caching.

As a matter of fact I have to change my ssid name and pw again

reply to annayya

Hiding SSIDs causes more problems.

reply to goleafsgo8

Re: [Internet] Is hiding wireless SSID a good idea? does it caus

reply to cpalindc
Two reasons, the first you have sort of touched on. Too often people don't take the appropriate security steps and do very dumb things (i.e. setting the SSID the same as the passkey, and even the router login).

The second reason is because of rainbow tables. In WPA/2 the SSID is used as part of the encryption process via a technique called key stretching. In English the SSID is mixed in with the user selected pass key according to a known mathematical formula. These tables which are built on common SSIDs have been generously precompiled to save a hacker time as they attempt to crack a network.

reply to Chuck sTruck

reply to goleafsgo8
FYI, WPA-AES and WPA2-AES are pretty much the same thing. You just want to avoid WPA-TKIP if possible. WPA2 also doesn't work with some router features such as client bridge mode, so WPA-AES is the best choice.

reply to goleafsgo8
As a side note, you could also limit the amount of IP addresses given by the modem to the amount that you use and use a MAC address filter so your modem only allows throughput to/from the MAC addresses you populate the list with. (Although this can still be worked around with MAC spoofing) Assuming it's your modem that's the DHCP server.
But every little helps

reply to goleafsgo8
Keep your SSID, actually have fun with it invent creative SSID names from time to time. if you want to opt out of being collected by google map vehicles who swarm through your area you can append _nomap to the end of your SSID.

Do use WPA2-AES encryption with a mixed bag of alpha-numeric-full 32 char passwords or whatever maximum your router allows. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP).

These two little programs can help you with signal monitoring in your wifi range & neighborhood.

• WirelessNetView
• inSIDDer 2.0
Make sure you add oui.txt to the folder you have both programs in.

• Hacking Wireless Exposed is a great read and a .pdf can be bought online somewheres if you look diligently.