Back to list
Re: To broadcast or not broadcast, that is the question (SSIDs)
Sep 05 2008 07:24AM
Luiz Eduardo (le atelophobia net)
-----BEGIN PGP SIGNED MESSAGE-----
Hi Josh, and all.
> Especially with XPSP3/WZC and Vista, having a cloaked SSID forces your
> clients to ask every AP "Are you my mother?". An attacker can use this
I really wasn't aware of that, I thought it would do the usual "ask to
broadcast" if the ap was there, that's interesting.
> information to impersonate your SSID, and to compromise the anonymity of
> the AP's you've visited before (if I see you probing for "mccarren",
> "hhonors" and "ShadyLady", I know you were at McCarren Airport, were too
> cheap to stay on the strip (Hilton) and visited the Shady Lady while you
> were in town.
> When you do not cloak your SSID, your clients don't have to keep asking
> if their AP is there; they will know by looking at a beacon frame.
I am sure missing something obvious here, but, most of the clients, save
whatever network you connected to to their preferred list (which will cause
the anonymity problem you described above).
Specially corporate laptops, that will come pre-configured by the IT folks,
will have the corporate SSID setup. How to get around this though? Not
configuring some authentication stuff (if using .1x) , will surely help, but
most (at least) of the windows clients will still look for a SSID prior to
> - -Josh
> p.s. I don't know if the Shady Lady has a wireless network or not.
we know McCarran has pretty darn good free wifi, but a web-search doesn't
show any wifi @ the Shady Lady :)
adding to the other email that was answered, and most here might know better
than I do, using a passive scanner, like Kismet, and hidden ssid, will not
show the ssid name until a valid client actually associates to that SSID.
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.1 (Build 2523)
-----END PGP SIGNATURE-----
[ reply ]
Copyright 2010, SecurityFocus