Re: SSID cloaking reducing WLAN security

[<jay.tomas () infosecguru com>]

Cloaking, just gives the possibility to potential attackers ,that there
could be something worth checking out!

> > > > Security is about layering your defense. No one element will be sufficient to protect you. I'm not necessarily 
> > > > proposing cloaking, but any additonal countermeasures could help. It doesnt say to attackers I have something to 
> > > > hide. It says hey these guy isnt some d@psh@t that took his AP out of the box and hooked it up with defaults. It 
> > > > will at least deter some of the wannabes who's only skills are to load up a livecd and go to town.<<<<

Jay

----- Original Message -----
From: redhowlingwolves () bellsouth net [mailto:redhowlingwolves () bellsouth net]
To: security-basics () securityfocus com
Sent: Tue, 6 Mar 2007 21:42:49 -0500
Subject: Re: SSID cloaking reducing WLAN security

If some form of unity was involved with the writing,and compatibility of
drivers,at least for most *nix servers....without having to resort to in
house compatibility testing,.....I believe the security of wireless
could be much improved.
Many people I know don't try to secure their wireless networks because
of cmp issues.....ie: no drivers from the NIC device makers that are
useable with the router they happen to be using!

I flipped out when I was told;  "I talked to an IT guy and he said the
depencdenies for...such and such card...are  too hard!!!"!?

Never mind that he could be the one taking advantage of your unsecured
router!    (This was a Windows case,none the less.....)

Wireless,whether your SSID is broadcast or not,is inherently vulnerable
to outsiders.I say inherently,because it uses radio waves,....ask any
ham radio operator how they can manipulate radio waves any way they
choose....!Especially if you happen to be within their range!

Cloaking, just gives the possibility to potential attackers ,that there
could be something worth checking out!

IMHO
                  Regards,
                        Scott