Another SSID question / problem

[chipy]

i have a wireless network running using WPA-PSK / TKIP. I've specified the SSID on the target computer along with the shared key. It works if I don't disable SSID broadcast on my Linksys router... but once I do disable it, the network connection is lost on my target comp.

can anyone explain this or offer suggestions.

btw, the router and target computer are in two different rooms.

thanks
chipy

 

[nweaver]

the client does not support missing SSID in beacons. That usually means a crappy client adapter.

 

[JackMDS]

If you are using WPA what the point to switch off the SSID.

Any one that can break your WPA can find your SSID in 1sec.

In other word when No security is used switching Off SSID is just better than Nothing.

Using security measures deem the status of the SSID Irrelevant.

:sun:

 

[chipy]

thanks... i guess i'll just leave the SSID on for now

chipy

 

[mrEvil]

Hmmmm....hate to disagree wtih your assessment Jack, but I do. Since most people will be using easily guessed WPA passphrases, disabling the SSID does add another layer, albeit miniscule, of protection.

Nov 2003 article on WPA

There are several tools out now that also have the ability to crack WPA...and script kiddies can run them. I'd say that it is easier for a script kiddie to run a dictionary attack, or use one of several program, to crack WPA than it is for one of them to find a hidden SSID. Not that it cannot be done, but they are looking for the obvious, since there are so many out there.

NOT trying to start any flame war here, however I have spent some time researching some of the wifi stuff in the IT security field....I personally want WPA2, but it's only a matter of time before someone cracks that....if they someone has not already.

 

[JackMDS]

Originally posted by: mrEvil
Hmmmm....hate to disagree wtih your assessment Jack, but I do. Since most people will be using easily guessed WPA passphrases, disabling the SSID does add another layer, albeit miniscule, of protection.

There a lot of Articles like the one that you posted and many of them are based on Scare tactics and Verbal Logical fallacy.

What do I mean? Let say I gave you $10, you can state: ? Jack gave me money?

Let say I gave my grandson $1,000,000. My grandsdon can State: ?Jack gave me money.

In both cases the statements are verbally correct, however that does not mean that $10 is like $1,000,000.

There is nothing to crack in SSID since it transmitted in clear text, you download Netstumbler install it, run it, and in most cases it will elicit the beacon and report the SSID.

On the other hand read (as describe in the article) all the qualification, and the ifs and the buts, as well as knowledge and the tenacity that are necessary) to brake WPA as describe in the article, at the end by the time the one time read key is cracked it the key probably went through the change cycle and it is probably useless.

SSID = $10 WPA= $1,000,000.

In addition many Wireless devices were designed to work with SSID On and do not function well otherwise.

To reiterate, how about this syllogism?

Human beings have legs.

Pigs have legs.

Thus human beings are Pigs?

On a second thought may be they are, otherwise they would not steal someone else Wireless bandwidth.

:sun:

 

[mrEvil]

Okay, I purposely sited an old article. I'll make it clear, WPA is old and there are programs out there to crack it. It may take a bit longer than WEP, but crack it nonetheless.

I agree that many were inproperly made and designed to ONLY work with SSID on. There are numerous flawed products....if you're a Microsoft MVP for Networking, well, I don't need to tell YOU that now, do I?

BTW, I minored in math...your logic is flawed. However, I can still prove that 1+1 = 3 or that the sum of all the angles inside of a triangle is < 180 degrees.

 

[nweaver]

If you want wireless security and features, look for the CCX v3 certification for an adapter. that means it works with WPA2, no ssid, BKR, Reath, LEAP/EAP-TLS/PEAP.


v2 removes some EAP-Tls, but still has (iirc) all the WPA2.

 

[JackBurton]

chipy, to answer your question more specifically, MS wireless zero configuration (MS wireless client) will not connect to an AP that is not broadcasting their SSID. If that is what you are using, taht is your problem. Just leave SSID turned on.

And I agree with JackMDS. Disabling your SSID doesn't do much for security. If you have the tools to crack a WPA network, you'll definitely have the tools to scan for any AP in the area (broadcasting or not). For instance, let's say your neighbor has his SSID turned on. Well before I even try to crack his key, I'm going to do a scan in the area for anyone else that may have their SSID turned off.