December 07, 2019, 01:03:12 PM

Author Topic: SSID broadcasts  (Read 21201 times)

0 Members and 1 Guest are viewing this topic.

Offline benthehutt

  • Global Moderator
  • Seasoned Poster
  • *****
  • Posts: 368
  • Country:
  • "Drugs? You'd better not be!" - my mom
    • Echelon9
SSID broadcasts
« on: March 16, 2005, 06:07:08 PM »
This may be a dumb question, but I'm kinda new to wireless networks so bear with me.  I've got four computers with WMP54G's on them running through a WRT54G router.  I don't actually need any security past the 128-bit WEP it offers, but I wanted to try to disable the SSID broadcasts.
I've heard you can do it, but none of my computers can find the network if I disable it.  I even give them the SSID and WEP code and they still can't find them.  

First off, is there any actual need to disable SSID broadcasts?  Will it enhance security?  And how can I do it?
Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life.

Offline benthehutt

  • Global Moderator
  • Seasoned Poster
  • *****
  • Posts: 368
  • Country:
  • "Drugs? You'd better not be!" - my mom
    • Echelon9
Re:SSID broadcasts
« Reply #1 on: August 13, 2005, 01:22:04 AM »
Wow, I was a complete idiot in March.  Anyway, this is what's happening (if anyone cares):

First off, 128-bit WEP encryption is probably more than any 4 computer wireless ethernet will ever need.  In fact, it maybe arguable that wireless networks greatly surpass wired networks in security.  In the first place, it's incredibly difficult to crack a 128-bit public/private key encryption code, second off, if the SSID broadcasts are turned off, most sniffers will never even be able to find the encrypted signal.  Thusly, that will offer way more security than you (I) will ever need.

Thirdly, in order to disable SSID broadcasts, each computer in the network must be given the WEP key and the SSID.  However, this cannot be done using the crappy software that ships with linksys stuff (even though it claims it can).  I suggest uninstalling any software and using a third party program like:

http://www.devicescape.com/ (WOC)
http://www.woodstone.nu/salive/reg.asp
http://www.slac.stanford.edu/xorg/nmtf/nmtf-tools.html

or even the Windows XP builtin wireless manager cajjigidy.

Oh, and also, I admire your work, benthehutt, and I wish I could kiss the ground you walk upon...

humbly yours,
benthehutt :-*
Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life.

Offline wilnix

  • mv user /dev/null
  • Administrator
  • Forum Hero
  • *****
  • Posts: 690
  • Country:
  • Gender: Male
  • You're not the fastest packet in the subnet...
    • Wilnix - The NetAdmin's Resource
Re:SSID broadcasts
« Reply #2 on: August 14, 2005, 01:55:11 AM »
Wow, sounds like a good place to post about WPA, AES, etc...

I have plans from my wifi implementation i can put up here as soon as i get back to work...just the general stuff...

Wilnix
alt email address: wilnix@hackphreak.org

syklops

  • Guest
Re:SSID broadcasts
« Reply #3 on: March 20, 2006, 01:26:52 PM »
this thread is somewhat out of date now, but I thought I would post this link up anyway.

The FBI demonstrating at, I think it was Defcon, how to crack 128-bit wep in about 10 mins. I have done it and it works.

the link is here
« Last Edit: March 20, 2006, 01:27:51 PM by syklops »

Offline benthehutt

  • Global Moderator
  • Seasoned Poster
  • *****
  • Posts: 368
  • Country:
  • "Drugs? You'd better not be!" - my mom
    • Echelon9
Re:SSID broadcasts
« Reply #4 on: March 20, 2006, 02:58:36 PM »
Heh, good ole FBI.  I've got a mathematician friend who worked for the NSA, he said they've got a computer whose sole purpose it to be able to crack RC5-128 encryption in seconds.  Kinda scary thought...
It makes me wonder what kinds of encryption aren't even legal.  I mean, if it took 10000 computers 5 years or so to crack RC5-64 at distributed.net and the government could do it in seconds...
Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life.

syklops

  • Guest
Re:SSID broadcasts
« Reply #5 on: March 20, 2006, 03:41:32 PM »
have you read Digital Fortress by Dan Brown. Alot of it is fiction, but there are truths in it, and they are scary truths.

Offline benthehutt

  • Global Moderator
  • Seasoned Poster
  • *****
  • Posts: 368
  • Country:
  • "Drugs? You'd better not be!" - my mom
    • Echelon9
Re:SSID broadcasts
« Reply #6 on: March 20, 2006, 03:53:10 PM »
heehee, yay for conspiracy theories!
Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life.

Offline Metgod

  • the deranged hacker
  • Administrator
  • Forum Hero
  • *****
  • Posts: 1116
  • Country:
  • Gender: Male
Re:SSID broadcasts
« Reply #7 on: March 20, 2006, 05:23:13 PM »
Afaik, the laws largely depend on the country. For instance, many countries (US included) say you can't export keys that are so and so long (and I don't know the current numbers). So for instance, I couldn't use certain (larger) keys on a global sftp server that foreigners could use. There used to be (still is ?) issues with things like exporting or releasing source code to certain algorithms (DES comes to mind, although that's a vague memory).

I can't help but think I know why all these laws are in place.... although I suppose some of it is good in some ways.
"My Terminal is my Soul"

Offline godaigo

  • Global Moderator
  • Member
  • *****
  • Posts: 205
  • Country:
  • I love YaBB SE!
Re:SSID broadcasts
« Reply #8 on: March 21, 2006, 05:48:28 PM »
I always thought that it was interesting that the export of cryptographic software was actually written into the munitions export regulations. So in some sense they found it logical to equate the export of software with weapons, even back before "cyber-war" was much of a concept.
Godaigo
All's fair in Love and Brewing.

Offline benthehutt

  • Global Moderator
  • Seasoned Poster
  • *****
  • Posts: 368
  • Country:
  • "Drugs? You'd better not be!" - my mom
    • Echelon9
Re:SSID broadcasts
« Reply #9 on: March 21, 2006, 08:10:02 PM »
The NSA is the number one employer of math majors in the world--and all to make a break ciphers...

Slightly off topic:

Ha!  I've found you out Godaigo--or should I say, EMPEROR Godaigo?!  I've always wondered where the name came from...
Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life.

Offline godaigo

  • Global Moderator
  • Member
  • *****
  • Posts: 205
  • Country:
  • I love YaBB SE!
Re:SSID broadcasts
« Reply #10 on: March 22, 2006, 02:52:53 PM »
Exactly! So you delved into some history eh? :)
Godaigo
All's fair in Love and Brewing.

Offline benthehutt

  • Global Moderator
  • Seasoned Poster
  • *****
  • Posts: 368
  • Country:
  • "Drugs? You'd better not be!" - my mom
    • Echelon9
Re:SSID broadcasts
« Reply #11 on: March 22, 2006, 03:06:32 PM »
Are you also a master of the koan?

(I was going to say, "Do you also own the koan," but I thought better of it)
Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life.

Offline godaigo

  • Global Moderator
  • Member
  • *****
  • Posts: 205
  • Country:
  • I love YaBB SE!
Re:SSID broadcasts
« Reply #12 on: March 23, 2006, 03:13:23 PM »
No, the koan kicks my butt! I have no patience for the koan. I do have a lot of time spent with tsuki and kotegaeshi though!
Godaigo
All's fair in Love and Brewing.

Marcvs

  • Guest
Re:SSID broadcasts
« Reply #13 on: April 11, 2006, 02:06:36 AM »
I have got a 128Bit Encrypted Router (Netgear DG834G) witg SSID but strangely my Belkin Card actually picks up there is a network there (very useful for sniffing other networks ;D) even though its diesnt always give the display name or password i can sometimes force connect it to networks

Offline Uneek

  • Administrator
  • Seasoned Poster
  • *****
  • Posts: 306
  • Country:
  • Gender: Male
    • HFX International Org.
Re:SSID broadcasts
« Reply #14 on: April 12, 2006, 04:06:05 PM »
Err... I must have missed this post originally... either that or the fact that I had been MIA for a while... whatever the case may be, WiFi in its current implementation, whether a/b/g, etc., is VERY insecure and great care should be taken when implementing for it to be secure. 10 minutes to crack 128bit WEP is no longer the case. There's a nifty tool out there that will generate enough traffic for you to sniff the required amount of packets to crack it in just a few minutes... Disabling SSID broadcast does help some, (the whole out of sight, out of mind / security by obscurity thing), however don't rely on only those two for security. I would suggest implementing some sort of RADIUS authenticating at least, blah blah blah... 'nuff of my rant...
*** Sleep: A completely inadequate substitute for caffeine. ***
01010010010101000100011001001101