On 2011/05/20 02:07, Marko Vojinovic wrote:
On Friday 20 May 2011 05:30:11 JD wrote:
Tim, your points are way too generalized. No one said not broadcasting alone will make you safer. It is advised as part of the larger defense scheme
That is a very bad advice. Hiding SSID has *nothing* to do with any security, and suggesting that it does is just a mirage, giving a casual reader a false sense of security. It (a) breaks regular WLAN functionality and (b) gains absolutely nothing in terms of security. Such a setup can be useful only if you intentionaly want to break the regular functionality of your wireless network. There are some scenarios where that might be useful, but none of them have anything to do with security.
If you want to secure a wireless network, implement wpa2-psk/aes and use strong passphrases for everything. That is the *only* thing that makes your wlan reasonably secure. But hiding SSID, filtering MAC addresses, is just useless in terms of security.
I believe that was Tim's point as well.
If you want real security use an encrypted vlan over the wireless link.
{^_^}