dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
11
share rss forum feed

twixt

join:2004-06-27
North Vancouver, BC

1 recommendation

reply to antdude

Re: People's names in SSIDs.

said by antdude:

Hola senors.

I noticed one of my neighbors has his/her real name in SSIDs. Do you guys see this too in your local SSIDs?

Thank you in advance.

-

Hi, antdude. While this is a frequent practice, it has more to do with the convenience of the users on that WAP (Router) - so they can readily find the proper system without having to know an obfuscated SSID.

However, this does have the potential to make unauthorized access easier - so from a security standpoint I recommend home users select an SSID which cannot be readily traced to a particular location.

Obviously, hotspots in Commercial establishments commonly use SSIDs that readily identify their location - so users can connect to the WAP that will properly accommodate the password for that system. This is not necessarily "a good thing" (tm) - it simply reflects the need to accommodate a constantly-changing-set-of-users who access that WAP.

In a home environment, an obfuscated SSID can be readily obtained from the WAP (Router) administrator without undue effort. Consequently, IMO the security benefits of using an obfuscated SSID outweigh the practical constraints. However, opinions on the subject do differ...

The above is a standard Engineering tradeoff. The decision is therefore the responsibility of the WAP (Router) administrator - and the security implications that accrue are thus their responsibility to weigh. There is no "right" or "wrong" answer.

Hope this helps your understanding.

Tig

join:2006-06-29
Carrying Place, ON

1 edit
Twixt, please elaborate on how choice of SSID could make it easier for unauthorized access.

twixt

join:2004-06-27
North Vancouver, BC
said by Tig:

Twixt, please elaborate on how choice of SSID could make it easier for unauthorized access.

-

Hi, Tig. DownTheShore has the right idea...

If you know the physical location of a WAP/Router - then you can figure out who uses that WAP/Router. Thus, you know who to target for social-engineering-type attacks.

If you don't know that info, then your social-engineering-type attacks need to be generic - and thus they are far less effective.

Note: The above presumes that someone desires to penetrate a particular WAP/Router's defences. Since most attempts to penetrate are simply to steal internet access, this is irrelevant in many cases. Typically, it is much less work to move on and find a poorly-secured WAP/Router than it is to penetrate a router properly configured to use WPA2-AES with a strong passphrase.

However, the above assumes the hacker has no real purpose in his/her attack - other than to gain access to the internet. This is not always the case.

I am not going to detail various scenarios - since that gives people ideas I don't want to spread. However, there are several ways to compromise any system where the userlist for that system is known - methods successfully used in business environments work just as well (or better) in home environments.

More details on the above will not be forthcoming.

Suffice it to say that one of the ways in which Security is strengthened on a WAP/Router is to have no idea who the users are on that system. Hence the advisability of obfuscated SSIDs.

Tig

join:2006-06-29
Carrying Place, ON
Reviews:
·voip.ms
said by twixt:

... If you know the physical location of a WAP/Router - then you can figure out who uses that WAP/Router. Thus, you know who to target for social-engineering-type attacks.

Hi Twixt. Thanks for the explanation but I still don't see the concern.
If you are vulnerable to a social-engineering-type attack, your problem is not your SSID.
As for WEP, it's simply not secure regardless of who set up the router.

twixt

join:2004-06-27
North Vancouver, BC
said by Tig:

said by twixt:

... If you know the physical location of a WAP/Router - then you can figure out who uses that WAP/Router. Thus, you know who to target for social-engineering-type attacks.

Hi Twixt. Thanks for the explanation but I still don't see the concern.
If you are vulnerable to a social-engineering-type attack, your problem is not your SSID.
As for WEP, it's simply not secure regardless of who set up the router.

-

Hi, Tig. You are missing the difference between theory and reality.

In the real world, users are not perfect. We/They simply don't respond uniformly and predictably and reliably to threat environments.

Thus, the idea is to make identifying users of a particular WAP/Router more difficult - so that specifically targeted social-engineering-type attacks are made more difficult.

-

Important things to understand about real-world security:

Security is not about making things absolutely foolproof. This is impossible, because fools are so ingenious as to wreck even the most-carefully-constructed security environments.

Furthermore, even the most conscientious of users make mistakes. Humans are not inherently reliable. Even those with delusions of perfection - yes, insert incredulous remark here - have been known to do something as stupid as click on a confirmation they should have avoided... Such is life.

Thus, Security is about making things more-difficult in your particular situation - such that the intruder finds it easier to simply move on to an easier target.

-

Note: The issue of WEP is a red herring. IMO, users of anything other than WPA2-AES are simply asking for trouble.

However, again, we are dealing with real-world-users who are not perfect. Either through ignorance or sloth or cheapthink, users in these categories are not paying attention to valid security concerns.

I consider the vast majority of the above users to be categorically "incorrigible" - and nothing I can do or say will convince them of the usefulness of research, planning or forethought. Thus, I won't bother.

However, IMO anything I can do to mitigate their idiocy is to be applauded - and implemented.