Security Basics mailing list archives
Re: Re: SSID cloaking reducing WLAN security
From: levinson_k () securityadmin info
Date: 7 Mar 2007 23:24:52 -0000
Beware of any security statements that use the word "always" or "never." Security countermeasures are usually not always good or always bad for all environments, e.g. home users, corporations, governments, etc. Hiding your SSID could in theory pique the interest of some attackers (if a skilled wireless hacker just happens to be a few dozen feet from your house, for example), but that isn't the same thing as saying it REDUCES your security. Either your wireless is secure, or it isn't. A determined attacker is going to get into an insecure wireless setup whether or not SSID is broadcast. Using a firewall could also arguably show you have something worth protecting. Nowadays, so many people with no data of value use firewalls and disable SSID broadcast, and so many people with something of great value do not, that trying to deduce the value of the data from SSID broadcasts is not very useful, and is not really something attackers do. Broadcasting your SSID could also increase some kinds of risks, by attracting the interest of casual attackers. Since broadcasting and not broadcasting SSID can both increase and decrease different kinds of risks, which one decreases your total risk more? That really depends on the individual situation. The same arguments have been made as to why disabling software banners like FTP banners, and "security through obscurity," are both supposedly worse than useless. Neither of these is universally true. These countermeasures do little to deter a determined attacker or automated scans that attack without checking first for vulnerabilities, but that doesn't make them useless. These things do help to prevent some casual attackers looking for low-hanging fruit, and with so many casual attackers out there, this is usually a useful benefit. Most home users can remain secure enough simply by making sure they aren't the low hanging fruit, that their systems are more secure than those of their neighbors. RE: the statement about manipulating radio waves, it is commonly accepted that compromising the confidentiality or integrity of wireless connections using IPSec VPN and/or WPA2 is non-trivial. At which point, enabling SSID broadcast doesn't really improve your security, and disabling it certainly does not weaken it. (Of course, none of these do much to protect the availability of wireless against DoS attacks.) kind regards, Karl Levinson http://securityadmin.info
Current thread:
- Re: SSID cloaking reducing WLAN security redhowlingwolves (Mar 07)
- <Possible follow-ups>
- Re: SSID cloaking reducing WLAN security jay.tomas (Mar 07)
- Re: Re: SSID cloaking reducing WLAN security levinson_k (Mar 08)