Actually it depends on the scenario. As many have stated, it's hardly a protection against discovery. However, in terms of low hanging fruit and having nice neat(ish) logs, I would turn it off in a scenario where the client devices don't travel (eg. Maybe you use it for your Xbox to connect to your home router).
Where they do travel, I think the risk is actually *increased* by turning it off on your router, because you land up setting your laptop/device to constantly beacon out the SSID while travelling. As Mr Nasty, I could see that and configure my ad-hoc AP as your "hidden" SSID and wait for you to bypass your brain and ignore the prompt for connecting to your home network while you're not at home and now I'm on a network with you .. perhaps even MitMing the traffic to the Internet for you since you probably didn't notice and just took it for granted that Google appeared. With proper procedures and a thinking human, neither option has particular merit in terms of exposing you to hackers. Without them, perhaps consider the above. a From: Hank . [mailto:hgedr...@gmail.com] Sent: 18 June 2012 17:16 To: NT System Admin Issues Subject: Re: Hiding Wireless SSID I absolutely never hide SSIDs since there is zero security benefit and just additional complexity for everyone. For some reason hiding SSIDs became the cute thing to do and the various talking heads picked up on it and added to their list of their "expert suggestions"... On Mon, Jun 18, 2012 at 8:55 AM, David Lum <david....@nwea.org> wrote: How many of you folks do it, and why? It's my debate this week with one of my security folks, my slant being that hiding it gains nothing but unnecessary Service Desk involvement in helping folks configure wireless. http://blogs.technet.com/b/steriley/archive/2007/10/16/myth-vs-reality-w ireless-ssids.aspx I also told said person to Google "Does hiding wireless SSID add security". David Lum Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ************************************************************************************ WARNING: The information in this email and any attachments is confidential and may be legally privileged. If you are not the named addressee, you must not use, copy or disclose this email (including any attachments) or the information in it save to the named addressee nor take any action in reliance on it. If you receive this email or any attachments in error, please notify the sender immediately and then delete the same and any copies. "CLS Services Ltd × Registered in England No 4132704 × Registered Office: Exchange Tower × One Harbour Exchange Square × London E14 9GE" ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
