Wireless success with 802.11A/B/G!!

Discuss Networking
[root@localhost /]#
user
user
Posts: 15
Joined: Wed Dec 03, 2003 8:12 pm
Contact:

Post by [root@localhost /]# »

if you broadcast with an SSID of "default" or "linksys" or even "changeme" that is kinda asking for snooping.

and that is just if I braodcast my SSID. (I changed it to something else)

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

Yes that is true, however, not broadcasting your SSID and/or changing it from the default without also using encryption does nothing more than prevent an "accidental" connection. If I fired up kismet the first packet I saw floating through the airwaves would tell me what your SSID is.

florin
user
user
Posts: 6
Joined: Mon Mar 29, 2004 6:10 pm
Location: Mountain View, CA
Contact:

Post by florin »

[root@localhost /]# wrote:if you broadcast with an SSID of "default" or "linksys" or even "changeme" that is kinda asking for snooping.
For an SSID, i would probably use "keepwalking". :D 8)

[root@localhost /]#
user
user
Posts: 15
Joined: Wed Dec 03, 2003 8:12 pm
Contact:

Post by [root@localhost /]# »

again, why bother? I have 2 neighbors with unsecured WAPs.

and I don't use WEP as it has caused problems in the past when legitimate devices try and connect.

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

[root@localhost /]# wrote:again, why bother? I have 2 neighbors with unsecured WAPs.
So if there are 3 coins lying on the ground I should only bend over and pick up 2 of them? You certainly are free to not run encryption if you like, just don't think for a second that you have any sort of security. If you don't care if people watch what you do on your network there is nothing wrong with that. I'm just telling you that it is just as easy to see what you are doing on your network as it is seeing what your neighbors are doing. Changing your SSID and using MAC filtering have *no* effect on me seeing your traffic. Only with encryption do you have any sort of privacy with wireless networks.

To put it in laymans terms running without encryption is like leaving your shades open on your windows in your house. I can walk by and see what you are doing. With WEP, it's like closing the shades, I can't drive by and see into your house. Yes, if someone were so bold they could walk up to your window and pull the shades back (crack WEP with airsnort) and look in but chances are that's not going to happen because it would take them a few days of fiddling with the shades and I'm likely to get suspicious. Running something stronger than WEP is like pulling the shades, sliding the Window down and welding it shut. If I try hard enough, I can still find a way in but it certainly would be more difficult. With stronger encryption it's like welding bars over your shaded window, etc, etc.

Changing the SSID really has no effect at all. It's sort of like if the windows in your house came with a combination lock. Say all "Anderson" windows came with the default combination of 2-3-4, which is what you say your neighbors have. Now let's say you change that combination to 3-4-5. If you change it and don't run any encryption you might as well make a big sign with 3-4-5 on it and tape it to the outside of your Window. Now, if you are broadcasting your SSID, that's akin to standing by your open window and yelling out "3-4-5". No matter which way you slice it, the combination is as plain as the nose on your face (assuming you have a nose, and it's rather large).

Again, I don't even need the combination to just look into your house (kismet). I do need it if I want to crawl into your window and take things (associate/connect to your AP and configure an IP address), but that's ok because you have yours taped to your window, thanks for that. With encryption, I would also need the encryption keys just to get the shades back so I can see in your house.

[root@localhost /]#
user
user
Posts: 15
Joined: Wed Dec 03, 2003 8:12 pm
Contact:

Post by [root@localhost /]# »

Like I said, I don't really mind that I don't run WEP, like I said, for me WEP causes more problems than it solves.

if I don't want snooping i just use an ethernet cable.

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

That's cool. I just wanted to clarify that because I couldn't tell for sure if you thought you were secure. Sorry about that. If nothing else hopefully it will clarify it for other people who might *think* they are secure by changing their SSID and even using MAC connection filtering.

[root@localhost /]#
user
user
Posts: 15
Joined: Wed Dec 03, 2003 8:12 pm
Contact:

Post by [root@localhost /]# »

Image
that is mostly more secure than Wi-Fi on any day of the week, except friday, fridays are awesome.

Post Reply