Protected WLAN

[Tim]

On Mon, 2011-05-23 at 13:58 +0100, Tim Smith wrote:
> One problem lies in the fact that 802.11 does not specify a particular
> means of giving a NULL SSID so different APs do it in different ways.
> Some give a zero-length SSID. Some give an SSID of length 1 consisting
> of a zero octet (a C null-terminated empty string). Some use a single
> ASCII 32. Some use a number of spaces equal to the length of the real
> SSID. You will thus find all sorts of rubbish in your list of
> available APs when looking at it using a station. Some of the older
> ones may Go All Funny :-(
>
> However, the SSID WILL be present in a probe response to a probe
> request which contained it, so it's available to anyone with a
> sniffer. This has to be the case or no stations would ever be able to
> find it to associate, as you obviously know :-)

In essence, when you *try* to hide your SSID, it doesn't stop
broadcasting a SSID, it broadcasts a bogus one?  Plus providing the real
SSID details in other transmissions?

So, that would make it harder for you to connect to the ID you manually
type into your client.  Not to mention the fun and games of picking your
random ID from the neighbour's random ID?

Though, whatever the specs say about what's supposed to be done, it's
certainly been shown that various different things have a lot of trouble
associating with the right access point, or any access point, when
there's no SSID being sent.

-- 
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.