Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

visible invisible wifi network


  • Please log in to reply
6 replies to this topic

#1 len.moret

len.moret

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 13 June 2014 - 03:26 AM

Hey All,

 

Didn't know where to put this topic so excuse my stupidity when I am in the wrong section.

 

Some time ago I had a neighbour hitching a ride on my wifi network. He took advantage of my senseless installing an extra sitecom homeplug without configuring the wifi settings properly. He admitted to using my network but he denied doing this wilfully. He stated that he just used the (wps) button on his router and that the router itself choose the nearest and strongest signal.

Well, whatever you think of such a story is not really significant. I of course upgraded the security of the sitecom homeplug to the same security levels as my initial router. Which is a strong pass, making the SSID invisible and only allowing certain mac-adresses on the network.

 

Now lately while inspecting the security from a laptop, which I had ordered to forget my network, I found that by making a connection, windows could not see my SSID's and that I had to punch in blindley the name and the pass.

So far so good.

 

Anyway, I downloaded vistumbler and got it working. I performed the same test and ....... There it was, My network, the initial router and the homeplug behind it. So it seems that if you install the right programs your SSID invisibility is non existent. 

 

Now is my question:

 

How can I make my wifi SSID really invisible. I guess it can be done for I saw with the same programm two other wifi signals without a SSID.

 

Can you please point me in the right direction?

 

Sincerely,

 

Len



BC AdBot (Login to Remove)

 


#2 Kilroy

Kilroy

  • BC Advisor
  • 3,335 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:03:24 PM

Posted 13 June 2014 - 08:47 AM

How can I make my wifi SSID really invisible.

 

The short answer, as you've already found out, is that you can't.  Not broadcasting your SSID only prevents the casual person from seeing your SSID, someone who wants to see it will be able.  This is part of reason I do not recommend turning off SSID broadcasting, the other is some devices have difficulty connecting to a wireless network that is not broadcasting the SSID.  Not broadcasting the SSID only provides a false sense of security.  The real security is using WPA or WPA2 with a strong password.


Edited by Kilroy, 13 June 2014 - 08:49 AM.


#3 Agouti

Agouti

  • Members
  • 1,548 posts
  • OFFLINE
  •  
  • Local time:04:24 PM

Posted 13 June 2014 - 07:34 PM

In addition to what Kilroy said you should read this: http://blogs.technet.com/b/networking/archive/2008/02/08/non-broadcast-wireless-ssids-why-hidden-wireless-networks-are-a-bad-idea.aspx

 

Just a few excerpts to pay attention to...

 

 

If the network name of a wireless network (SSID) is not broadcast, the clients must search for it with probe requests. So if you have one AP and 100 wireless devices, you partially limit exposure of the network name with one device while causing 100 devices to expose it instead. The probe frames sent by the clients advertise the SSID every 60 seconds, whether they are close to the actual AP or not. This means that instead of one device broadcasting the SSID in the immediate proximity of your network, you now have these 100 devices potentially advertising the SSID in every coffee shop, hotel, and airport they visit. The security vulnerability this exposes is worse the larger the wireless deployment is...

 

These probe packets still occur every 60 seconds, regardless of whether the network is reachable, and this constitutes a security risk by probing for the SSID repeatedly. A malicious user could attract the client to an unauthorized AP simply by duplicating the SSID and settings learned from the probe packets...

 

...and the same is true for later versions of Windows.

 

MAC filtering is a waste of time too.  Anyone who wants to spoof your MAC addresses could do it in less time than it takes you to set it up.


Edited by Agouti, 13 June 2014 - 07:36 PM.


#4 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:08:24 AM

Posted 13 June 2014 - 09:24 PM

How can I make my WiFi really invisible.

(1) Disable, Dynamic Host Configuration Protocol (DHCP), for the WiFi only, if you can from your router.
(2) MAC filtering.
(3) WPA, or WPA2, with a strong password.
(4) Hide SSID broadcasting.
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#5 len.moret

len.moret
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 17 June 2014 - 02:31 AM

Thanks for the answers Guy's.

 

So now I have changed the passwords to really strong passes. I am using WPA2 and AES encryption (without TKIP). What else can I do to fight off sneaky neighbors. Does anyone have a clue. 

 

And what is more, Is there a procedure which makes it easy to change all these strong 20+ character passes on each device that I authorized, to use the network. (I don't mean the one button approach if you know what mean.)

 

As I changed my pass I encountered this issue and suddenly I understood why people are hesitating to regularly change their passes. It was a real pain. Long and strong passes are safe but some devices don't allow certain special characters and,.... try to insert a new pass in my wifi-printer with a gui from before Christ's birth. So a way to easily change passes on all the devices with authorization would be very welcome. 

 

Sincerely grateful for your answers,

 

Len

 

Edit: Special thanks to Agouty for the link to the article which enlightened the subject on hidden ssid's and got me convinced to not hide my ssid. As said, it just causes the other devices to probe for the network with regular intervals and it doesn't add to the security. 


Edited by len.moret, 17 June 2014 - 02:49 AM.


#6 Kilroy

Kilroy

  • BC Advisor
  • 3,335 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:03:24 PM

Posted 17 June 2014 - 08:18 AM

Put your password in a text file and either e-mail it to yourself or store it in a Dropbox account.  While this doesn't work for the printer, it does make it easier for devices with a cut and paste function.  If you're using a long password you don't need all of the special characters, your WPA2 password isn't going to be subject to an offline attack.  Even just a 20 digit password would provide you with sufficient security.  You can get a general idea from the Password Haystack page.



#7 len.moret

len.moret
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 17 June 2014 - 10:23 AM

Thanks for the copy and paste suggestion Kilroy,

 

As usual the best suggestions are the simple ones. Now I still need to remember that I have to send the mail with the new passes before I start working on changing the passes in the router and the access-point. As I will forget these things easily I am glad I still have a network-cable to use. ;-)

 

Thanks mate. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users