Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#344051 - 05/04/2011 06:57 Hidden SSIDs. Safe or not?
Taym
carpal tunnel

Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
What is you opinion on safety of Hidden SSIDs?

There's some debate on line on whether hidden SSID is actually safer than broadcasting SSID, the argument against hidden being that while it is not being broadcasted by the WAPs, it is instead being broadcasted by clients looking for it, essentially; so, unless you have no legitimate client around, which in most organizations is extremely unlikely, there's no increased safety, and some claim there's LESS of it.
Of course, data security is in encryption, but what do you think specifically of hidden SSIDs? Does it really add some security or not, in your view?
_________________________
= Taym =
MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg

Top
#344053 - 05/04/2011 07:51 Re: Hidden SSIDs. Safe or not? [Re: Taym]
Shonky
pooh-bah

Registered: 12/01/2002
Posts: 2009
Loc: Brisbane, Australia
It only prevents a very casual hacker from seeing it. And that's not even really a hacker. That's just someone nearby looking for free internet most likely. Anyone who wants to will be able to see it. I believe it's very easy to find it if you have the right tools.

For the added overhead (adding it manually) it's not worth the effort IMO. Just leave it on and make sure you use the best security (i.e. not WEP) your hardware/drivers can handle.
_________________________
Christian
#40104192 120Gb (no longer in my E36 M3, won't fit the E46 M3)

Top
#344068 - 05/04/2011 21:14 Re: Hidden SSIDs. Safe or not? [Re: Shonky]
tman
carpal tunnel

Registered: 24/12/2001
Posts: 5528
I leave it on. Disabling SSID broadcasts breaks more stuff than its worth.

There is the client broadcast issue which also means laptops taken away from the network will continue to be broadcasting your SSID.

Some equipment just doesn't like the fact SSIDs aren't broadcast and take a long time to discover or even never discover the network.

Top
#344069 - 05/04/2011 21:53 Re: Hidden SSIDs. Safe or not? [Re: tman]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Free Public WiFi

Top
#344072 - 06/04/2011 07:51 Re: Hidden SSIDs. Safe or not? [Re: drakino]
frog51
pooh-bah

Registered: 09/08/2000
Posts: 2091
Loc: Edinburgh, Scotland
There is no real security benefit - all security/hacking tools for wireless will still find it (the SSID is still broadcast, just not with every beacon frame, which is why it upsets some clients which timeout before grabbing it)

I say enable it and rely on WPA2/TKIP plus MAC address filtering, and if you are really concerned enable a VPN over that:-)
_________________________
Rory
MkIIa, blue lit buttons, memory upgrade, 1Tb in Subaru Forester STi
MkII, 240Gb in Mark Lord dock
MkII, 80Gb SSD in dock

Top
#344133 - 10/04/2011 14:08 Re: Hidden SSIDs. Safe or not? [Re: frog51]
Taym
carpal tunnel

Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
I am now broadcasting one of our 9 SSIDs, and all is fine (of course). I will probably start broadcassting the others if that is needed.
The fun part is that now at work we all seem to agree that hidden SSID is not useful.

I had never looked into this before, and just assumed, without data, that we were hiding it for security reasons. Once I looked into it, and asked you all, I can't find a reason why SSID should be hidden, and nobody in our organization even remembers why SSIDs were hidden in the first place. smile
_________________________
= Taym =
MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg

Top
#344142 - 11/04/2011 00:21 Re: Hidden SSIDs. Safe or not? [Re: Taym]
Shonky
pooh-bah

Registered: 12/01/2002
Posts: 2009
Loc: Brisbane, Australia
I'd guess that at some point, someone read something that (misleadingly) said hiding SSIDs would increase security. Or they decided themselves it would increase security.

It is fairly well accepted that it's of no use. That said, I work for one of the largest companies in the world and they insist on hiding SSIDs. They also force other "security" policies that provide little to no benefit or simply don't make sense.
_________________________
Christian
#40104192 120Gb (no longer in my E36 M3, won't fit the E46 M3)

Top
#344174 - 12/04/2011 08:51 Re: Hidden SSIDs. Safe or not? [Re: Shonky]
frog51
pooh-bah

Registered: 09/08/2000
Posts: 2091
Loc: Edinburgh, Scotland
Originally Posted By: Shonky
I work for one of the largest companies in the world and they insist on hiding SSIDs. They also force other "security" policies that provide little to no benefit or simply don't make sense.


Sounds like the majority of my Fortune 350 client base :-)

They can be moved but it's like turning a supertanker.
_________________________
Rory
MkIIa, blue lit buttons, memory upgrade, 1Tb in Subaru Forester STi
MkII, 240Gb in Mark Lord dock
MkII, 80Gb SSD in dock

Top
#344769 - 05/05/2011 19:31 Re: Hidden SSIDs. Safe or not? [Re: frog51]
Taym
carpal tunnel

Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
... so, after 1 month of SSID broadcasting, we're not having any issue anymore with those devices - iPhones mostly - which would not work nicely with hitten Sdids.

Also, WP7 has now a dedicated thrid party App that allows using hidden SSIDs. It seems to work, but not 100% reliabily.
_________________________
= Taym =
MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg

Top