Protected WLAN

James McKenzie jjmckenzie51 at gmail.com
Tue May 17 19:15:24 UTC 2011


On Tue, May 17, 2011 at 11:35 AM, Michael Cronenworth <mike at cchtml.com> wrote:
> James McKenzie wrote:
>> True.  Bet you have a lock on every door to your house as well.
>> Turning off the SSID is a deterent.  Make them go somewhere else.
>> Same with door locks.  If I want to get into your house, I will.  Even
>> if it means using TNT.
>
> James, why are you attempting to justify this pointless, unsecure,
> method of wireless configuration?
>
> SSID hiding is *not* secure. It is *not* a deterrent. Security through
> obscurity is *not* security.
>
Want to bet?  By hiding stuff in plain sight? It works.  It's called
Stegronagraphy.  If I camoflague myself and hid in a bunch of bushes,
I'm betting you won't find me.  That is what we are doing when we hide
the ssid.
Again, it is a DETERANT, not an absolute method.
If I turn off the ssid, your job just got harder.

>> Same thing here.  It will take more 'work'.  Make them go away.
>
> Obtaining a MAC takes seconds - i.e. no more 'work' than it is to find
> your 'hidden' SSID.
>
Same here.  If I can deter you, then I have success.  No network is
'bulletproof'.  Not even wired.  However, the more work you have to do
and the smaller the gain, and the more likely your efforts are subject
to detection, the less likely you are to try and break in.

These apply UNLESS I'm a big target and you want what information I
have.  At that point, I'm probably and ID10T for using Wireless or
having a WAP in the first place.

Security is not just putting door locks on the doors.  If I leave a
window wide open, the biggest, strongest door is worthless.  Same
thing here.  If I have a big door, geese in the yard, an 8 foot high
fence with barbed wire, you are less likely to try and invade.
However, you still can try.

Again, NO NETWORK IS SECURE.  Never will be.

James McKenzie


More information about the users mailing list