Don't Supress SSID Broadcasting -- Have a Glass of Wine Instead

Carl Weinschenk

For years, people were told not to drink. Then it became okay -- even good -- to have a glass of wine every night.


While it may not be as good news as the go-ahead to down some Chianti, the same reversal of traditional thinking may be happening in relation to wireless devices' broadcasting of secure service set identifier (SSID). It has been an article of faith since the dawn of modern mobility (i.e., a couple of years ago) that broadcasting the SSID -- a beacon that advertises the presence of the wireless device -- is an invitation to crackers.


Apparently, this isn't so. ZDNet suggests that disabling SSID broadcasting is useless because there are several other ways that hackers can identify wireless targets. The piece seems to suggest that suppressing SSID identification actually is detrimental, but the explanation is a bit ambiguous.


Computers at a Glance answers some of the questions raised by ZDNet. First of all, there are four ways a hacker can find the network with SSID broadcasting suppressed: probe requests, probe responses, association requests and re-association requests.


Perhaps more importantly, the writer explains why suppressing SSID is a bad thing. The short version is that it makes operations more cumbersome internally and, since it prevents other devices from knowing what channel the device is using, it leads to overcrowding on certain channels, a condition techies refer to as co-channel interference. In other words, SSID was devised to serve a purpose, and disabling it has ramifications.


The issue apparently has been brewing in tech circles for a while. This late January posting at WindowsSecurity comments that turning off the SSID violates 802.11 design specifications. More serious -- many users only have a shadowy understanding of what 802.11 is, much less a concern that they are using it in an unauthorized manner -- is the reality that the ability of a "half-talented hacker" to find the device, whether or not the SSID is being broadcast, redoubles the need for strong authentication and encryption. None of the articles discuss whether changing the name associated with the SSID helps thwart hackers.


Even if suppressing SSID broadcasting isn't helpful, it seems dangerous to have it turned on. Last week, wireless security vendor AirTight released a study conducted at 11 U.S. and three Asian-Pacific airports. TechRepublic does a good job of outlining the results. The highlight, for lack of a better term, is that hackers are using viral methods to infect multiple machines. The crackers advertise free Wi-Fi service. This, understandably, attracts a good response. There are two pernicious outcomes when people log onto the networks: The infected machine's files and machine are vulnerable and it begins advertising the phony network to other wireless users.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.