Wireless Security
To broadcast or not broadcast, that is the question (SSIDs) Sep 04 2008 08:44PM
lister lihim org (4 replies)
Re: To broadcast or not broadcast, that is the question (SSIDs) Sep 04 2008 10:36PM
Jesse Gough (jesse_gough symantec com)
On 9/4/08 1:44 PM, "lister (at) lihim (dot) org" <lister (at) lihim (dot) org> wrote:

> I know that turning off SSID broadcast doesn't buy you anything, but what
> is the impact if it is turned off?
>
> Client issues?
> Additional packets?
> Any additional security vulnerabilities?
>
> Just trying to prepare for a debate with an auditor on the merits of
> broadcast versus non-broadcast of SSIDs.

Turning it off actually violates the 802.11 standard, and does cause client
issues. Windows XP for example will frequently disconnect from a
non-broadcasting network to favor a broadcasting one. This will only
frustrate your users, hinder productivity, and increase your call volume to
IT support. There is a Microsoft KB article regarding this, and the
suggested remedy is to turn broadcasting back on because they don't consider
it a bug.

Consider the security implication there - if someone creates a rogue AP and
broadcasts with the ID that your network is configured not to broadcast,
Windows will help to ensure that they get connected to the rogue one every
time :)

The original PCI security standard actually mandated disabling of SSID
broadcasts. Fortunately version 1.2 (due out this October) has removed this
requirement, citing its lack of any improvement to security.

The AP won't show up in your regular Windows wifi network list, but it'll
show up even more for anyone running netstumbler or similar. Instead of the
AP broadcasting it, the clients will just be flooding the air trying to find
it. Besides undermining your intention to keep it from being advertised,
this can also have an adverse effect on network performance.

-JG

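The reply above says that with broadcast turned off the clients end up advertising the network name themselves. The following is an added example, not part of the original thread: a standard-library Python check that walks captured 802.11 management frames and reports which BSSIDs beacon a hidden SSID and which SSIDs clients name in directed probe requests. The frames are constructed test input (bare frames with no radiotap header or FCS), and the MAC addresses and the SSID "CorpNet" are made up.

```python
from collections import defaultdict

BEACON, PROBE_REQ = 8, 4  # 802.11 management frame subtypes
HDR_LEN = 24              # frame control, duration, 3 addresses, sequence control
BEACON_FIXED = 12         # timestamp (8) + beacon interval (2) + capabilities (2)

def ssid_of(elements: bytes):
    """Walk the tagged elements and return the SSID payload (element id 0), or None."""
    i = 0
    while i + 2 <= len(elements):
        eid, elen = elements[i], elements[i + 1]
        body = elements[i + 2:i + 2 + elen]
        if len(body) < elen:
            return None  # truncated element, stop parsing
        if eid == 0:
            return body
        i += 2 + elen
    return None

def audit(frames):
    """Return (BSSIDs beaconing a hidden SSID, {probed SSID: client MACs})."""
    hidden, probed = set(), defaultdict(set)
    for f in frames:
        if len(f) < HDR_LEN or (f[0] >> 2) & 3 != 0:
            continue  # too short, or not a management frame
        subtype = f[0] >> 4
        if subtype == BEACON:
            ssid = ssid_of(f[HDR_LEN + BEACON_FIXED:])
            # "Hidden" beacons carry a zero-length or all-NUL SSID element.
            if ssid is not None and not ssid.strip(b"\x00"):
                hidden.add(f[16:22].hex(":"))  # address 3 = BSSID
        elif subtype == PROBE_REQ:
            ssid = ssid_of(f[HDR_LEN:])
            if ssid:  # non-empty SSID = directed probe; empty = wildcard
                probed[ssid.decode("utf-8", "replace")].add(f[10:16].hex(":"))
    return hidden, dict(probed)

def mgmt(subtype, src, bssid, body, dst=b"\xff" * 6):
    """Build a bare management frame (constructed test input, no radiotap/FCS)."""
    return bytes([subtype << 4, 0]) + b"\x00\x00" + dst + src + bssid + b"\x00\x00" + body

AP, CLIENT = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")  # constructed
SAMPLE = [
    mgmt(BEACON, AP, AP, b"\x00" * 12 + b"\x00\x07" + b"\x00" * 7),        # SSID NUL-filled
    mgmt(PROBE_REQ, CLIENT, b"\xff" * 6, b"\x00\x00\x01\x01\x82"),         # wildcard probe
    mgmt(PROBE_REQ, CLIENT, b"\xff" * 6, b"\x00\x07CorpNet\x01\x01\x82"),  # directed probe
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

In the sample, the access point's beacon withholds the name while the client's directed probe carries it in clear text, which is the trade-off to put in front of an auditor.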
RE: To broadcast or not broadcast, that is the question (SSIDs) Sep 04 2008 10:23PM
Ed Carmody (ecarmody gmail com)
Re: To broadcast or not broadcast, that is the question (SSIDs) Sep 04 2008 10:12PM
Jorge L. Vazquez (jlvazquez825 gmail com)
Re: To broadcast or not broadcast, that is the question (SSIDs) Sep 04 2008 10:08PM
Joshua Wright (jwright hasborg com) (1 replies)
Re: To broadcast or not broadcast, that is the question (SSIDs) Sep 05 2008 01:15AM
Mark Hofman (mhofman shearwater com au)
Copyright 2010, SecurityFocus