RE: script SSID for wireless configs
Thanks, I’ll check. I know that they have a combination of Dell, Lenovo, and HP, but not sure at this location.

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '

From: Sam Cayze [mailto:sam.ca...@rollouts.com]
Sent: Friday, May 21, 2010 11:29 PM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

Are they Dells? I think you can with the Dell Wireless Utility (As opposed to the built-in Windows utility). The Dell utility can import/export configs. Therefore, I bet there is a way to script the import process. Never done it, so it’s just a hunch. Fwiw.

Sam

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Friday, May 21, 2010 9:22 AM
To: NT System Admin Issues
Subject: script SSID for wireless configs

Quick question : Scenario-agency has a wireless access point with SSID broadcast disabled, so the SSID must be explicitly entered on each ‘authorized’ wireless client. Can this explicit entry of the SSID be scripted to automate across multiple systems ???

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: script SSID for wireless configs
Thank you very much for answering the original question. I’ll add it to my research.

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '

From: KenM [mailto:kenmli...@gmail.com]
Sent: Saturday, May 22, 2010 6:59 AM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

To the OP. I did not read through the whole chain so if this has been posted sorry for the repost.

This may work for you. http://technet.microsoft.com/en-us/library/bb878069.aspx

The last time I used this was a few years ago on XP so I am not sure about newer OS's. We were migrating from WEP to WPA2 and we needed a way of migrating from using the Intel software to manage the wireless to have Windows manage it. This was a way we could put our old WEP settings on the Windows profile and use GPO for the WPA2 settings.

There are some limitations of this though. It is meant to be used from a USB thumb drive. So the EXE has to be on the root of a drive. The way I ran it was to put it on a company shared drive and had our desktop team run the exe when converting to our new wireless. I also had it in a logon script for some users but I forget if there was something that needed to be done to get it working in the logon script.
Re: script SSID for wireless configs
On 21 May 2010 at 11:23, Micheal Espinola Jr wrote:

> Obscurity != Security
>
> And with that, let the soapboxing begin...

And what is a password but obscurity?

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
Security Blog: http://geoapps.com/
RE: script SSID for wireless configs
-----Original Message-----
From: Angus Scott-Fleming [mailto:angu...@geoapps.com]
Sent: Saturday, 22 May 2010 4:07 PM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

> On 21 May 2010 at 11:23, Micheal Espinola Jr wrote:
>
>> Obscurity != Security
>>
>> And with that, let the soapboxing begin...
>
> And what is a password but obscurity?

?!?

A password is an authenticator - it's meant to be secret. Hiding your identifier is usually obscurity

Cheers
Ken
Re: script SSID for wireless configs
To the OP. I did not read through the whole chain so if this has been posted sorry for the repost.

This may work for you. http://technet.microsoft.com/en-us/library/bb878069.aspx

The last time I used this was a few years ago on XP so I am not sure about newer OS's. We were migrating from WEP to WPA2 and we needed a way of migrating from using the Intel software to manage the wireless to have Windows manage it. This was a way we could put our old WEP settings on the Windows profile and use GPO for the WPA2 settings.

There are some limitations of this though. It is meant to be used from a USB thumb drive. So the EXE has to be on the root of a drive. The way I ran it was to put it on a company shared drive and had our desktop team run the exe when converting to our new wireless. I also had it in a logon script for some users but I forget if there was something that needed to be done to get it working in the logon script.

On Sat, May 22, 2010 at 5:07 AM, Ken Schaefer k...@adopenstatic.com wrote:

> -----Original Message-----
> From: Angus Scott-Fleming [mailto:angu...@geoapps.com]
> Sent: Saturday, 22 May 2010 4:07 PM
> To: NT System Admin Issues
> Subject: Re: script SSID for wireless configs
>
>> On 21 May 2010 at 11:23, Micheal Espinola Jr wrote:
>>
>>> Obscurity != Security
>>>
>>> And with that, let the soapboxing begin...
>>
>> And what is a password but obscurity?
>
> ?!?
>
> A password is an authenticator - it's meant to be secret. Hiding your identifier is usually obscurity
>
> Cheers
> Ken
Re: script SSID for wireless configs
On Sat, May 22, 2010 at 01:07, Angus Scott-Fleming angu...@geoapps.com wrote:

> On 21 May 2010 at 11:23, Micheal Espinola Jr wrote:
>
>> Obscurity != Security
>>
>> And with that, let the soapboxing begin...
>
> And what is a password but obscurity?

Password != obscurity

Time to read some Schneier.

Kurt
Re: script SSID for wireless configs
On Sat, May 22, 2010 at 4:07 AM, Angus Scott-Fleming angu...@geoapps.com wrote:

>> Obscurity != Security
>>
>> And with that, let the soapboxing begin...
>
> And what is a password but obscurity?

A password is a secret key.

The difference between a secret key and security by obscurity is that you can change a key easily and quickly, without changing the architecture. Thus, unwanted disclosure of a secret key does not invalidate the security design; you simply change the key. You can even do this preemptively.

In contrast, once a security by obscurity vulnerability is disclosed, you must change the security design. That could mean anything from changing configuration options to installing new software to buying all new equipment.

-- Ben
RE: script SSID for wireless configs
Jenny, is that you?

-Malcolm

-----Original Message-----
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Friday, May 21, 2010 17:14
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

On Fri, May 21, 2010 at 15:08, Ben Scott mailvor...@gmail.com wrote:

> On Fri, May 21, 2010 at 2:23 PM, Micheal Espinola Jr michealespin...@gmail.com wrote:
>
>> And with that, let the soapboxing begin...
>
> On that note: It is important to remember that wireless is inherently a broadcast medium. So everyone around you is always receiving *everything* you transmit. What matters is how you protect what you transmit. :)
>
> It's like a bunch of people standing in a room together.
>
> If you say, Hey, Ben, your shoe is untied, most other people in the room aren't going to bend down to tie their shoes, too. But they'll still hear what you said to me. That is what things like hidden SSIDs and MAC address filtering do.
>
> If you say, Hey, Ben, seven six two three nine four eight five one nine six, everyone again knows you said something to me, but they don't know *what* unless they know the code. That is encryption.
>
> -- Ben

What about eight six seven five three zero nine? Hm? Is that encryption?
RE: script SSID for wireless configs
You can do this with GPO. However if they are using a pre-shared key that will have to be scripted or entered manually.

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Friday, May 21, 2010 10:22 AM
To: NT System Admin Issues
Subject: script SSID for wireless configs

Quick question : Scenario-agency has a wireless access point with SSID broadcast disabled, so the SSID must be explicitly entered on each 'authorized' wireless client. Can this explicit entry of the SSID be scripted to automate across multiple systems ???

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '
RE: script SSID for wireless configs
So via GPO I can configure the wireless connection to use the explicit SSID, but the end user will still get a pop up to enter the password ?

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '

From: Damien Solodow [mailto:damien.solo...@harrison.edu]
Sent: Friday, May 21, 2010 10:24 AM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

You can do this with GPO. However if they are using a pre-shared key that will have to be scripted or entered manually.
RE: script SSID for wireless configs
Not sure if they'll get a pop-up, you'd have to test. But yes, you can use GPO to create the wireless connection, including SSID and security type. Just make sure to hit the box for connect to this network even if not broadcasting

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Friday, May 21, 2010 10:37 AM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

So via GPO I can configure the wireless connection to use the explicit SSID, but the end user will still get a pop up to enter the password ?

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '
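One way to script the two pieces discussed above (the "connect even if not broadcasting" flag and a pre-shared key), added here as an example that is not from any poster in the thread: it builds a Windows WLAN profile XML and imports it with `netsh wlan add profile`. It assumes Windows Vista or later and WPA2-PSK with AES; the SSID `AGENCY-WLAN` and the passphrase are constructed placeholders.

```python
import os
import subprocess
import sys
import tempfile
import xml.etree.ElementTree as ET

NS = "http://www.microsoft.com/networking/WLAN/profile/v1"


def build_wlan_profile(ssid: str, passphrase: str, hidden: bool = True) -> str:
    """Return WLAN profile XML for a WPA2-PSK/AES network (assumed security type)."""
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1-32 bytes")
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrase must be 8-63 characters")

    ET.register_namespace("", NS)

    def el(parent, tag, text=None):
        node = ET.SubElement(parent, f"{{{NS}}}{tag}")
        node.text = text
        return node

    root = ET.Element(f"{{{NS}}}WLANProfile")
    el(root, "name", ssid)
    cfg = el(root, "SSIDConfig")
    ssid_el = el(cfg, "SSID")
    el(ssid_el, "hex", ssid_bytes.hex().upper())
    el(ssid_el, "name", ssid)
    # Equivalent of the "connect even if not broadcasting" checkbox.
    el(cfg, "nonBroadcast", "true" if hidden else "false")
    el(root, "connectionType", "ESS")
    el(root, "connectionMode", "auto")
    sec = el(el(root, "MSM"), "security")
    auth = el(sec, "authEncryption")
    el(auth, "authentication", "WPA2PSK")
    el(auth, "encryption", "AES")
    el(auth, "useOneX", "false")
    key = el(sec, "sharedKey")
    el(key, "keyType", "passPhrase")
    # protected=false means the key is in clear text in this file, so the
    # file must not be left on a share or in a world-readable logon script.
    el(key, "protected", "false")
    el(key, "keyMaterial", passphrase)
    return ET.tostring(root, encoding="unicode")


def install_profile(xml_text: str) -> None:
    """Import the profile for all users, then delete the clear-text key file."""
    fd, path = tempfile.mkstemp(suffix=".xml")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            fh.write(xml_text)
        subprocess.run(
            ["netsh", "wlan", "add", "profile", f"filename={path}", "user=all"],
            check=True,
        )
    finally:
        os.remove(path)


if __name__ == "__main__":
    # Constructed placeholder values; supply the real ones at deployment time.
    profile = build_wlan_profile("AGENCY-WLAN", "replace-with-real-passphrase")
    if sys.platform == "win32":
        install_profile(profile)
    else:
        print(profile)
```
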
RE: script SSID for wireless configs
Hidden SSID's are false security and may even be a security hazard for mobile users whose devices are configured with the hidden SSID:

http://www.networkworld.com/columnists/2007/030507-wireless-security.html

Carl

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Friday, May 21, 2010 10:22 AM
To: NT System Admin Issues
Subject: script SSID for wireless configs

Quick question : Scenario-agency has a wireless access point with SSID broadcast disabled, so the SSID must be explicitly entered on each 'authorized' wireless client. Can this explicit entry of the SSID be scripted to automate across multiple systems ???

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '
RE: script SSID for wireless configs
Thank you but that was not the question. To the agency, this is one layer of security, in addition to WPA, etc. The question is whether the wireless config could be scripted.

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '

From: Carl Houseman [mailto:c.house...@gmail.com]
Sent: Friday, May 21, 2010 11:25 AM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

Hidden SSID's are false security and may even be a security hazard for mobile users whose devices are configured with the hidden SSID:

http://www.networkworld.com/columnists/2007/030507-wireless-security.html

Carl
RE: script SSID for wireless configs
The post was offered as a general comment, not a response to your question. That happens around here a lot.

As IT consultant, do you not have any capacity to advise the agency on security matters? Or keep them from shooting themselves in the foot? I guess not...

Carl

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Friday, May 21, 2010 11:50 AM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

Thank you but that was not the question. To the agency, this is one layer of security, in addition to WPA, etc. The question is whether the wireless config could be scripted.

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '
RE: script SSID for wireless configs
No real input as their decisions are already made, but like I said, they are depending solely on non-broadcast of the SSID as their ‘security’, they do have other proper measures in place.

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '

From: Carl Houseman [mailto:c.house...@gmail.com]
Sent: Friday, May 21, 2010 11:55 AM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

The post was offered as a general comment, not a response to your question. That happens around here a lot.

As IT consultant, do you not have any capacity to advise the agency on security matters? Or keep them from shooting themselves in the foot? I guess not...

Carl
Re: script SSID for wireless configs
It's false security. Mainly because anyone capable of hacking your network can see your SSID with their toolset (it's still out there in the ether).

Obscurity != Security

And with that, let the soapboxing begin...

-- ME2

On Fri, May 21, 2010 at 10:43 AM, Murray Freeman mfree...@alanet.org wrote:

> I've been lurking on this topic, and I have a couple of questions. First, I have a wifi at home and I have the radio broadcast turned off. I'm using INSSIDER software to look around my neighborhood from time to time. My SSID shows up as unknown. Obviously I have no problem connecting and if someone who has never connected previously comes over, I help them by telling them the SSID and password to connect. The next time they come over, they connect automatically.
>
> So, my questions. First, even if you know my SSID, you need to know my password or you're not going to connect. I figure that without the SSID, it is even more difficult for a stranger to connect. Oh, I'm using WPA2 security. I know I could use MAC filtering, but I'm comfortable that I'm secure enough. Can you guys explain to me how having the radio broadcast turned off makes the security lessened?
>
> Murray
>
> From: Erik Goldoff [mailto:egold...@gmail.com]
> Sent: Friday, May 21, 2010 12:01 PM
> To: NT System Admin Issues
> Subject: RE: script SSID for wireless configs
>
> No real input as their decisions are already made, but like I said, they are depending solely on non-broadcast of the SSID as their ‘security’, they do have other proper measures in place.
>
> Erik Goldoff
> IT Consultant
> Systems, Networks, Security
> ' Security is an ongoing process, not a one time event ! '
Re: script SSID for wireless configs
Did you see the article that Carl linked?

-ASB: http://XeeSM.com/AndrewBaker

On Fri, May 21, 2010 at 1:43 PM, Murray Freeman mfree...@alanet.org wrote:

> I've been lurking on this topic, and I have a couple of questions. First, I have a wifi at home and I have the radio broadcast turned off. I'm using INSSIDER software to look around my neighborhood from time to time. My SSID shows up as unknown. Obviously I have no problem connecting and if someone who has never connected previously comes over, I help them by telling them the SSID and password to connect. The next time they come over, they connect automatically.
>
> So, my questions. First, even if you know my SSID, you need to know my password or you're not going to connect. I figure that without the SSID, it is even more difficult for a stranger to connect. Oh, I'm using WPA2 security. I know I could use MAC filtering, but I'm comfortable that I'm secure enough. Can you guys explain to me how having the radio broadcast turned off makes the security lessened?
>
> Murray
RE: script SSID for wireless configs
So you are telling me that there are tools that can see something that isn't being broadcast? I'm having trouble with that concept. If I turn off the power altogether, can these tools see my wifi? If the broadcast is shut off, how is it broadcasting? Finally, if these tools can see my SSID, can they also see the unencrypted password? I can tell you that Inssider tells me a lot about the wifi's it picks up including its MAC address along with the manufacturer of the wifi, and the channel in use. But my SSID displays as unknown. Either wifi is completely unsecure or it isn't. Please explain!

Murray

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Friday, May 21, 2010 1:23 PM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

It's false security. Mainly because anyone capable of hacking your network can see your SSID with their toolset (it's still out there in the ether).

Obscurity != Security

And with that, let the soapboxing begin...

-- ME2
Re: script SSID for wireless configs
Technically speaking, it's not that it isn't broadcasted. It's not advertised in the packets.

This is a good short summary:

http://en.wikipedia.org/wiki/Service_set_%28802.11_network%29#Security_of_Broadcasting_SSID

-- ME2

On Fri, May 21, 2010 at 12:27 PM, Murray Freeman mfree...@alanet.org wrote:

> So you are telling me that there are tools that can see something that isn't being broadcast? I'm having trouble with that concept. If I turn off the power altogether, can these tools see my wifi? If the broadcast is shut off, how is it broadcasting? Finally, if these tools can see my SSID, can they also see the unencrypted password? I can tell you that Inssider tells me a lot about the wifi's it picks up including its MAC address along with the manufacturer of the wifi, and the channel in use. But my SSID displays as unknown. Either wifi is completely unsecure or it isn't. Please explain!
>
> Murray
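What "not advertised in the packets" means at the frame level, as an added example that is not part of the thread: a small parser for the SSID element of 802.11 management frames, run over constructed frames. The beacon from an access point with broadcast disabled carries an empty or zero-filled SSID element, while the probe and association frames that configured clients and the access point exchange still carry the name in clear text, which is also why a laptop configured for a hidden network keeps naming it when away from the site. The MAC addresses and the name `AGENCY-WLAN` are constructed sample values.

```python
import struct

HDR_LEN = 24  # frame control, duration, three addresses, sequence control

# Management subtype -> (name, bytes of fixed parameters before the elements)
SUBTYPES = {
    0x0: ("assoc-req", 4),    # capability + listen interval
    0x4: ("probe-req", 0),
    0x5: ("probe-resp", 12),  # timestamp + beacon interval + capability
    0x8: ("beacon", 12),
}


def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_mgmt(frame: bytes):
    """Return (kind, transmitter, bssid, ssid or None), or None if not handled."""
    if len(frame) < HDR_LEN:
        return None
    fc = frame[0]
    if (fc >> 2) & 0x3 != 0:          # type 0 = management
        return None
    info = SUBTYPES.get(fc >> 4)
    if info is None:
        return None
    kind, fixed_len = info
    transmitter, bssid = frame[10:16], frame[16:22]
    pos, ssid = HDR_LEN + fixed_len, None
    while pos + 2 <= len(frame):      # walk the tagged elements
        eid, elen = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + elen]
        if len(body) != elen:         # truncated element, stop parsing
            break
        if eid == 0:                  # SSID element
            # Hidden networks send length 0 or a run of NUL bytes here.
            if elen and any(body):
                ssid = body.decode("utf-8", "replace")
            break
        pos += 2 + elen
    return kind, mac(transmitter), mac(bssid), ssid


def disclosures(frames):
    """Frames that carried a readable network name: (kind, transmitter, ssid)."""
    out = []
    for frame in frames:
        parsed = parse_mgmt(frame)
        if parsed and parsed[3] is not None:
            out.append((parsed[0], parsed[1], parsed[3]))
    return out


def build(subtype, dst, src, bssid, fixed, ssid):
    """Assemble a constructed management frame for the sample data below."""
    hdr = bytes([subtype << 4, 0]) + b"\x00\x00" + dst + src + bssid + b"\x00\x00"
    elements = bytes([0, len(ssid)]) + ssid + bytes([1, 1, 0x82])  # SSID + one rate
    return hdr + fixed + elements


# Constructed sample traffic for one access point and one configured client.
AP = bytes.fromhex("020000000001")
CLIENT = bytes.fromhex("020000000002")
BCAST = b"\xff" * 6
NAME = b"AGENCY-WLAN"
BEACON_FIXED = struct.pack("<QHH", 0, 100, 0x0011)
SAMPLE = [
    build(0x8, BCAST, AP, AP, BEACON_FIXED, b""),                      # hidden beacon
    build(0x8, BCAST, AP, AP, BEACON_FIXED, b"\x00" * len(NAME)),      # NUL-padded variant
    build(0x4, BCAST, CLIENT, BCAST, b"", NAME),                       # client probes by name
    build(0x5, CLIENT, AP, AP, BEACON_FIXED, NAME),                    # AP answers by name
    build(0x0, AP, CLIENT, AP, struct.pack("<HH", 0x0011, 10), NAME),  # client associates
]

if __name__ == "__main__":
    for frame in SAMPLE:
        print(parse_mgmt(frame))
```
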
RE: script SSID for wireless configs
Thanks Micheal, that clears it up somewhat. It sounds to me that with the number of wifi's in my neighborhood, I don't have to be very concerned because the rest of the neighborhood are broadcasting and several use their family name. I'm going to assume that they would tend to draw the hackers more than my unknown wifi, and most of them are WPA whereas I'm WPA2. Thanks again.

Murray

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Friday, May 21, 2010 2:34 PM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

Technically speaking, it's not that it isn't broadcasted. It's not advertised in the packets. This is a good short summary: http://en.wikipedia.org/wiki/Service_set_%28802.11_network%29#Security_of_Broadcasting_SSID

-- ME2

On Fri, May 21, 2010 at 12:27 PM, Murray Freeman mfree...@alanet.org wrote:

So you are telling me that there are tools that can see something that isn't being broadcast? I'm having trouble with that concept. If I turn off the power altogether, can these tools see my wifi? If the broadcast is shut off, how is it broadcasting? Finally, if these tools can see my SSID, can they also see the unencrypted password? I can tell you that Inssider tells me a lot about the wifi's it picks up including its MAC address along with the manufacturer of the wifi, and the channel in use. But my SSID displays as unknown. Either wifi is completely unsecure or it isn't. Please explain!

Murray

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Friday, May 21, 2010 1:23 PM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

It's false security. Mainly because anyone capable of hacking your network can see your SSID with their toolset (it's still out there in the ether).

Obscurity != Security

And with that, let the soapboxing begin...

-- ME2

On Fri, May 21, 2010 at 10:43 AM, Murray Freeman mfree...@alanet.org wrote:

I've been lurking on this topic, and I have a couple of questions. First, I have a wifi at home and I have the radio broadcast turned off. I'm using INSSIDER software to look around my neighborhood from time to time. My SSID shows up as unknown. Obviously I have no problem connecting and if someone who has never connected previously comes over, I help them by telling them the SSID and password to connect. The next time they come over, they connect automatically. So, my questions. First, even if you know my SSID, you need to know my password or you're not going to connect. I figure that without the SSID, it is even more difficult for a stranger to connect. Oh, I'm using WPA2 security. I know I could use MAC filtering, but I'm comfortable that I'm secure enough. Can you guys explain to me how having the radio broadcast turned off makes the security lessened?

Murray

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Friday, May 21, 2010 12:01 PM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

No real input as their decisions are already made, but like I said, they are depending solely on non-broadcast of the SSID as their 'security', they do have other proper measures in place.

Erik Goldoff
IT Consultant Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '

From: Carl Houseman [mailto:c.house...@gmail.com]
Sent: Friday, May 21, 2010 11:55 AM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

The post was offered as a general comment, not a response to your question. That happens around here a lot. As IT consultant, do you not have any capacity to advise the agency on security matters? Or keep them from shooting themselves in the foot? I guess not...

Carl

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Friday, May 21, 2010 11:50 AM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

Thank you but that was not the question. To the agency, this is one layer of security, in addition to WPA, etc. The question is whether the wireless config could be scripted.

Erik Goldoff
Re: script SSID for wireless configs
If drive by intruders see either WPA or WPA2 they will most likely keep going. If they see WEP they might stick around after the 30 seconds it takes to crack it, and if it's open then they're golden. I'd be more worried about the 13-year old neighbor boy who is running Linux brute-forcing your network than someone outside of your neighborhood. That unknown SSID is more tempting than not. I use my street address as my SSID, FWIW.

Kurt

On Fri, May 21, 2010 at 12:47, Murray Freeman mfree...@alanet.org wrote:

Thanks Micheal, that clears it up somewhat. It sounds to me that with the number of wifi's in my neighborhood, I don't have to be very concerned because the rest of the neighborhood are broadcasting and several use their family name. I'm going to assume that they would tend to draw the hackers more than my unknown wifi, and most of them are WPA whereas I'm WPA2. Thanks again.

Murray
RE: script SSID for wireless configs
13_Lollipop_Lane ? :)

Shook

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Friday, May 21, 2010 3:59 PM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

If drive by intruders see either WPA or WPA2 they will most likely keep going. If they see WEP they might stick around after the 30 seconds it takes to crack it, and if it's open then they're golden. I'd be more worried about the 13-year old neighbor boy who is running Linux brute-forcing your network than someone outside of your neighborhood. That unknown SSID is more tempting than not. I use my street address as my SSID, FWIW.

Kurt
Re: script SSID for wireless configs
LastHouseOnTheLeft

On Fri, May 21, 2010 at 13:01, Andy Shook andy.sh...@peak10.com wrote:

13_Lollipop_Lane ? :)

Shook
RE: script SSID for wireless configs
Of the dozen or so wifi's that I can see with inssider, one is WEP, my neighbor behind me is WPA2 and everyone else is WPA. Every now and then I see an unencrypted wifi, and I suspect it's a honeypot. I'm WPA2! Most of the neighbors have 2wire names, and I've been told that those are ATT Uverse users.

Murray

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Friday, May 21, 2010 2:59 PM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

If drive by intruders see either WPA or WPA2 they will most likely keep going. If they see WEP they might stick around after the 30 seconds it takes to crack it, and if it's open then they're golden. I'd be more worried about the 13-year old neighbor boy who is running Linux brute-forcing your network than someone outside of your neighborhood. That unknown SSID is more tempting than not. I use my street address as my SSID, FWIW.

Kurt
Re: script SSID for wireless configs
I have 2wire too...those things are great.

On Fri, May 21, 2010 at 3:10 PM, Murray Freeman mfree...@alanet.org wrote:

Of the dozen or so wifi's that I can see with inssider, one is WEP, my neighbor behind me is WPA2 and everyone else is WPA. Every now and then I see an unencrypted wifi, and I suspect it's a honeypot. I'm WPA2! Most of the neighbors have 2wire names, and I've been told that those are ATT Uverse users.

Murray
RE: script SSID for wireless configs
Both of my wireless net's are private and hidden MAC filtered and firewalled. Using 802.11 N MIMO. Works like a charm, but it's fun to see how many in the neighborhood that aren't.

Z

Edward Ziots
CISSP,MCSA,MCP+I,Security +,Network +,CCA
Network Engineer
Lifespan Organization
401-639-3505
ezi...@lifespan.org

From: Steve Ens [mailto:stevey...@gmail.com]
Sent: Friday, May 21, 2010 4:14 PM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

I have 2wire too...those things are great.
RE: script SSID for wireless configs
Not that your AP is broadcasting it but it *is* in the connecting station’s info that can be sniffed.

Erik Goldoff
IT Consultant Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '

From: Murray Freeman [mailto:mfree...@alanet.org]
Sent: Friday, May 21, 2010 3:28 PM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

So you are telling me that there are tools that can see something that isn't being broadcast? I'm having trouble with that concept. If I turn off the power altogether, can these tools see my wifi? If the broadcast is shut off, how is it broadcasting? Finally, if these tools can see my SSID, can they also see the unencrypted password? I can tell you that Inssider tells me a lot about the wifi's it picks up including its MAC address along with the manufacturer of the wifi, and the channel in use. But my SSID displays as unknown. Either wifi is completely unsecure or it isn't. Please explain!

Murray
RE: script SSID for wireless configs
The takeaway here is that turning off the SSID broadcast should never be the *only* security measure because in and of itself, it only provides a false sense of security, and keeps out only the most casual.

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '

From: Murray Freeman [mailto:mfree...@alanet.org]
Sent: Friday, May 21, 2010 3:48 PM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

Thanks Micheal, that clears it up somewhat. It sounds to me that with the number of wifi's in my neighborhood, I don't have to be very concerned because the rest of the neighborhood are broadcasting and several use their family name. I'm going to assume that they would tend to draw the hackers more than my unknown wifi, and most of them are WPA whereas I'm WPA2. Thanks again.

Murray

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Friday, May 21, 2010 2:34 PM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

Technically speaking, it's not that it isn't broadcasted. It's not advertised in the packets. This is a good short summary:

http://en.wikipedia.org/wiki/Service_set_%28802.11_network%29#Security_of_Broadcasting_SSID

-- ME2

On Fri, May 21, 2010 at 12:27 PM, Murray Freeman mfree...@alanet.org wrote:

So you are telling me that there are tools that can see something that isn't being broadcast? I'm having trouble with that concept. If I turn off the power altogether, can these tools see my wifi? If the broadcast is shut off, how is it broadcasting? Finally, if these tools can see my SSID, can they also see the unencrypted password? I can tell you that Inssider tells me a lot about the wifi's it picks up including its mac address along with the manufacturer of the wifi, and the channel in use. But my SSID displays as unknown. Either wifi is completely unsecure or it isn't. Please explain!

Murray

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]
Sent: Friday, May 21, 2010 1:23 PM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

It's false security. Mainly because anyone capable of hacking your network can see your SSID with their toolset (it's still out there in the ether).

Obscurity != Security

And with that, let the soapboxing begin...

-- ME2

On Fri, May 21, 2010 at 10:43 AM, Murray Freeman mfree...@alanet.org wrote:

I've been lurking on this topic, and I have a couple of questions. First, I have a wifi at home and I have the radio broadcast turned off. I'm using INSSIDER software to look around my neighborhood from time to time. My SSID shows up as unknown. Obviously I have no problem connecting and if someone who has never connected previously comes over, I help them by telling them the SSID and password to connect. The next time they come over, they connect automatically. So, my questions. First, even if you know my SSID, you need to know my password or you're not going to connect. I figure that without the SSID, it is even more difficult for a stranger to connect. Oh, I'm using WPA2 security. I know I could use MAC filtering, but I'm comfortable that I'm secure enough. Can you guys explain to me how having the radio broadcast turned off makes the security lessened?

Murray

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Friday, May 21, 2010 12:01 PM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

No real input as their decisions are already made, but like I said, they are depending solely on non-broadcast of the SSID as their ‘security’, they do have other proper measures in place.

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '

From: Carl Houseman [mailto:c.house...@gmail.com]
Sent: Friday, May 21, 2010 11:55 AM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

The post was offered as a general comment, not a response to your question. That happens around here a lot. As IT consultant, do you not have any capacity to advise the agency on security matters? Or keep them from shooting themselves in the foot? I guess not...

Carl

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Friday, May 21, 2010 11:50 AM
To: NT System Admin Issues
Subject: RE: script SSID for wireless configs

Thank you but that was not the question. To the agency, this is one layer of security, in addition to WPA, etc. The question is whether the wireless config could be scripted.

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '
Re: script SSID for wireless configs
Well, that's the kicker: Define casual. You mean on an open network? Sure. Passworded by any level of security goes beyond casual at that point, and is an attack. The tools and info are all over the Internet. Obfuscation does you nothing, but give a false sense of security.

The article that Carl posted is a good read. For those curious, consider this quote:

While this is commonly viewed as a mechanism to improve the security of the WLAN and is a recommended best-practice by the PCI Data Security Standard, [SSID's] can reduce the effective security of the WLAN.

-- ME2

On Fri, May 21, 2010 at 1:28 PM, Erik Goldoff egold...@gmail.com wrote:

The takeaway here is that turning off the SSID broadcast should never be the *only* security measure because in and of itself, it only provides a false sense of security, and keeps out only the most casual.

*Erik Goldoff*
*IT Consultant*
*Systems, Networks, Security*
' Security is an ongoing process, not a one time event ! '

*From:* Murray Freeman [mailto:mfree...@alanet.org]
*Sent:* Friday, May 21, 2010 3:48 PM
*To:* NT System Admin Issues
*Subject:* RE: script SSID for wireless configs

Thanks Micheal, that clears it up somewhat. It sounds to me that with the number of wifi's in my neighborhood, I don't have to be very concerned because the rest of the neighborhood are broadcasting and several use their family name. I'm going to assume that they would tend to draw the hackers more than my unknown wifi, and most of them are WPA whereas I'm WPA2. Thanks again.

*Murray*

*From:* Micheal Espinola Jr [mailto:michealespin...@gmail.com]
*Sent:* Friday, May 21, 2010 2:34 PM
*To:* NT System Admin Issues
*Subject:* Re: script SSID for wireless configs

Technically speaking, it's not that it isn't broadcasted. It's not advertised in the packets. This is a good short summary:

http://en.wikipedia.org/wiki/Service_set_%28802.11_network%29#Security_of_Broadcasting_SSID

-- ME2

On Fri, May 21, 2010 at 12:27 PM, Murray Freeman mfree...@alanet.org wrote:

So you are telling me that there are tools that can see something that isn't being broadcast? I'm having trouble with that concept. If I turn off the power altogether, can these tools see my wifi? If the broadcast is shut off, how is it broadcasting? Finally, if these tools can see my SSID, can they also see the unencrypted password? I can tell you that Inssider tells me a lot about the wifi's it picks up including its mac address along with the manufacturer of the wifi, and the channel in use. But my SSID displays as unknown. Either wifi is completely unsecure or it isn't. Please explain!

*Murray*

*From:* Micheal Espinola Jr [mailto:michealespin...@gmail.com]
*Sent:* Friday, May 21, 2010 1:23 PM
*To:* NT System Admin Issues
*Subject:* Re: script SSID for wireless configs

It's false security. Mainly because anyone capable of hacking your network can see your SSID with their toolset (it's still out there in the ether).

Obscurity != Security

And with that, let the soapboxing begin...

-- ME2

On Fri, May 21, 2010 at 10:43 AM, Murray Freeman mfree...@alanet.org wrote:

I've been lurking on this topic, and I have a couple of questions. First, I have a wifi at home and I have the radio broadcast turned off. I'm using INSSIDER software to look around my neighborhood from time to time. My SSID shows up as unknown. Obviously I have no problem connecting and if someone who has never connected previously comes over, I help them by telling them the SSID and password to connect. The next time they come over, they connect automatically. So, my questions. First, even if you know my SSID, you need to know my password or you're not going to connect. I figure that without the SSID, it is even more difficult for a stranger to connect. Oh, I'm using WPA2 security. I know I could use MAC filtering, but I'm comfortable that I'm secure enough. Can you guys explain to me how having the radio broadcast turned off makes the security lessened?

*Murray*

*From:* Erik Goldoff [mailto:egold...@gmail.com]
*Sent:* Friday, May 21, 2010 12:01 PM
*To:* NT System Admin Issues
*Subject:* RE: script SSID for wireless configs

No real input as their decisions are already made, but like I said, they are depending solely on non-broadcast of the SSID as their ‘security’, they do have other proper measures in place.

*Erik Goldoff*
*IT Consultant*
*Systems, Networks, Security*
' Security is an ongoing process, not a one time event ! '

*From:* Carl Houseman [mailto:c.house...@gmail.com]
*Sent:* Friday, May 21, 2010 11:55 AM
*To:* NT System Admin Issues
*Subject:* RE: script SSID for wireless configs

The post was offered as a general comment, not a response to your question. That happens around here a lot
Re: script SSID for wireless configs
On Fri, May 21, 2010 at 3:27 PM, Murray Freeman mfree...@alanet.org wrote:
> So you are telling me that there are tools that can see something that isn't being broadcast?

It's still being broadcast.

Normally, a wifi AP periodically transmits a beacon frame containing the SSID. Member nodes continuously listen for beacon frames. By doing so, they build up that list of local wifi networks. You have told your AP not to transmit those beacon frames, so you won't show up in said list.

But in order to participate in a wifi network, member nodes must locate and associate with your AP. That is done in the clear. For example, suppose your network is named ALANET. Your laptop has to first ask, Are you there, 'ALANET'? Your AP will then say, Yes, I am 'ALANET'. They then proceed to negotiate encryption.

All wifi receivers in the area will get those transmissions. Normally, other nodes will ignore your transmissions as unrelated. But sniffer tools will show the contents of those frames, or even present a list of them.

On Fri, May 21, 2010 at 3:47 PM, Murray Freeman mfree...@alanet.org wrote:
> ... the rest of the neighborhood are broadcasting and several use their family name. I'm going to assume that they would tend to draw the hackers more than my unknown wifi, and most of them are WPA whereas I'm WPA2.

That depends. For someone just looking for a free Internet connection, yes, they will prolly go after the open networks. But some people see things like a so-called hidden SSID as a challenge. It's more fun to go after such targets.

I am told that WPA2 is generally regarded as cryptographically strong, though. So unless there's some kind of unpublished attack happening, you're probably in good shape.

Unless you have a weak secret, of course. If your WPA2 key is something like password, swordfish, 12345, letmein, or your SSID, then you could be in trouble.

-- Ben
RE: script SSID for wireless configs
Ben, that explains things better. My password is 15 characters long with alpha, numbers and special characters, so I guess I'm reasonably secure. Thanks for the explanation

Murray

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Friday, May 21, 2010 4:47 PM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

On Fri, May 21, 2010 at 3:27 PM, Murray Freeman mfree...@alanet.org wrote:
> So you are telling me that there are tools that can see something that isn't being broadcast?

It's still being broadcast.

Normally, a wifi AP periodically transmits a beacon frame containing the SSID. Member nodes continuously listen for beacon frames. By doing so, they build up that list of local wifi networks. You have told your AP not to transmit those beacon frames, so you won't show up in said list.

But in order to participate in a wifi network, member nodes must locate and associate with your AP. That is done in the clear. For example, suppose your network is named ALANET. Your laptop has to first ask, Are you there, 'ALANET'? Your AP will then say, Yes, I am 'ALANET'. They then proceed to negotiate encryption.

All wifi receivers in the area will get those transmissions. Normally, other nodes will ignore your transmissions as unrelated. But sniffer tools will show the contents of those frames, or even present a list of them.

On Fri, May 21, 2010 at 3:47 PM, Murray Freeman mfree...@alanet.org wrote:
> ... the rest of the neighborhood are broadcasting and several use their family name. I'm going to assume that they would tend to draw the hackers more than my unknown wifi, and most of them are WPA whereas I'm WPA2.

That depends. For someone just looking for a free Internet connection, yes, they will prolly go after the open networks. But some people see things like a so-called hidden SSID as a challenge. It's more fun to go after such targets.

I am told that WPA2 is generally regarded as cryptographically strong, though. So unless there's some kind of unpublished attack happening, you're probably in good shape.

Unless you have a weak secret, of course. If your WPA2 key is something like password, swordfish, 12345, letmein, or your SSID, then you could be in trouble.

-- Ben
Re: script SSID for wireless configs
On Fri, May 21, 2010 at 4:15 PM, Ziots, Edward ezi...@lifespan.org wrote:
> Both of my wireless net’s are private and hidden MAC filtered and firewalled. Using 802.11 N MIMO. Works like a charm, but it's fun to see how many in the neighborhood that aren’t.

The problem with MAC restrictions is that MAC addresses are transmitted cleartext. So if an attacker tries to connect but gets no response from the AP, but does see other nodes talking to the AP, they can easily deduce that you are filtering by MAC. So they note which MAC addresses are working, wait for one of them to go away, then spoof that MAC and continue.

Sure, it will keep out the casual home users. But so will just using WPA2. Or even WEP.

For home or other casual use, I say just use WPA2 with a strong passphrase. That lets you easily get on the network, and you can easily let your guest on the network. WPA2 is believed to be cryptographically sound. As long as that holds, it will keep out both a casual intruder (e.g., neighbor looking to mooch Internet) and a determined attacker. Anything else is just more work with no apparent gain.

For corporate use, I recommend requiring a PKI VPN to get past the first IP gateway. Ideally, require two-factor authentication for the VPN. Firewall out anything else. Use link layer security if you want, or not. If someone does connect to the wifi net without authorization, they won't be able to sniff or connect to anything useful. I trust a good VPN a lot more than I trust most wireless equipment manufacturers.

-- Ben
Re: script SSID for wireless configs
On Fri, May 21, 2010 at 2:23 PM, Micheal Espinola Jr michealespin...@gmail.com wrote:
> And with that, let the soapboxing begin...

On that note: It is important to remember that wireless is inherently a broadcast medium. So everyone around you is always receiving *everything* you transmit. What matters is how you protect what you transmit. :)

It's like a bunch of people standing in a room together. If you say, Hey, Ben, your shoe is untied, most other people in the room aren't going to bend down to tie their shoes, too. But they'll still hear what you said to me. That is what things like hidden SSIDs and MAC address filtering do.

If you say, Hey, Ben, seven six two three nine four eight five one nine six, everyone again knows you said something to me, but they don't know *what* unless they know the code. That is encryption.

-- Ben
Re: script SSID for wireless configs
On Fri, May 21, 2010 at 15:08, Ben Scott mailvor...@gmail.com wrote:
> On Fri, May 21, 2010 at 2:23 PM, Micheal Espinola Jr michealespin...@gmail.com wrote:
>> And with that, let the soapboxing begin...
>
> On that note: It is important to remember that wireless is inherently a broadcast medium. So everyone around you is always receiving *everything* you transmit. What matters is how you protect what you transmit. :)
>
> It's like a bunch of people standing in a room together. If you say, Hey, Ben, your shoe is untied, most other people in the room aren't going to bend down to tie their shoes, too. But they'll still hear what you said to me. That is what things like hidden SSIDs and MAC address filtering do.
>
> If you say, Hey, Ben, seven six two three nine four eight five one nine six, everyone again knows you said something to me, but they don't know *what* unless they know the code. That is encryption.
>
> -- Ben

What about eight six seven five three zero nine? Hm? Is that encryption?
Re: script SSID for wireless configs
Your safety with WPA2 varies a bit based on the protocol used (TKIP or AES). TKIP uses WEP mechanisms, and you maintain that WEP exposure if you use it with WPA2. For true WPA2 security, you need to use AES. The configuration of some devices is deceptive when it lets you use WPA2 with TKIP.

-- ME2

On Fri, May 21, 2010 at 2:53 PM, Murray Freeman mfree...@alanet.org wrote:

Ben, that explains things better. My password is 15 characters long with alpha, numbers and special characters, so I guess I'm reasonably secure. Thanks for the explanation

Murray

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Friday, May 21, 2010 4:47 PM
To: NT System Admin Issues
Subject: Re: script SSID for wireless configs

On Fri, May 21, 2010 at 3:27 PM, Murray Freeman mfree...@alanet.org wrote:
> So you are telling me that there are tools that can see something that isn't being broadcast?

It's still being broadcast.

Normally, a wifi AP periodically transmits a beacon frame containing the SSID. Member nodes continuously listen for beacon frames. By doing so, they build up that list of local wifi networks. You have told your AP not to transmit those beacon frames, so you won't show up in said list.

But in order to participate in a wifi network, member nodes must locate and associate with your AP. That is done in the clear. For example, suppose your network is named ALANET. Your laptop has to first ask, Are you there, 'ALANET'? Your AP will then say, Yes, I am 'ALANET'. They then proceed to negotiate encryption.

All wifi receivers in the area will get those transmissions. Normally, other nodes will ignore your transmissions as unrelated. But sniffer tools will show the contents of those frames, or even present a list of them.

On Fri, May 21, 2010 at 3:47 PM, Murray Freeman mfree...@alanet.org wrote:
> ... the rest of the neighborhood are broadcasting and several use their family name. I'm going to assume that they would tend to draw the hackers more than my unknown wifi, and most of them are WPA whereas I'm WPA2.

That depends. For someone just looking for a free Internet connection, yes, they will prolly go after the open networks. But some people see things like a so-called hidden SSID as a challenge. It's more fun to go after such targets.

I am told that WPA2 is generally regarded as cryptographically strong, though. So unless there's some kind of unpublished attack happening, you're probably in good shape.

Unless you have a weak secret, of course. If your WPA2 key is something like password, swordfish, 12345, letmein, or your SSID, then you could be in trouble.

-- Ben
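Added example, not part of any message in this thread: a small Python parser for 802.11 management frames that illustrates two points made above, namely that a hidden network's name still travels in the clear in probe requests and probe responses, and that a WPA2 network can offer TKIP alongside AES (CCMP). The frames, MAC addresses and RSN element are constructed for the example (no radiotap header or FCS), the hidden network is modelled as a beacon with an empty SSID element, and ALANET is the name used in the thread's illustration.

```python
import struct

KINDS = {4: "probe-request", 5: "probe-response", 8: "beacon"}
# Suite types under OUI 00-0F-AC; CCMP is the AES-based cipher.
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}

def elements(body):
    """Yield (id, value) for each tagged element; stop at a truncated one."""
    pos = 0
    while pos + 2 <= len(body):
        eid, length = body[pos], body[pos + 1]
        value = body[pos + 2:pos + 2 + length]
        if len(value) < length:
            return
        yield eid, value
        pos += 2 + length

def rsn_pairwise(value):
    """Pairwise cipher names from an RSN element (ID 48)."""
    if len(value) < 8:  # version(2) + group suite(4) + pairwise count(2)
        return []
    count = struct.unpack_from("<H", value, 6)[0]
    names = []
    for i in range(min(count, (len(value) - 8) // 4)):  # ignore suites cut short
        suite = value[8 + 4 * i:12 + 4 * i]
        standard = suite[:3] == b"\x00\x0f\xac"
        names.append(CIPHERS.get(suite[3], "other") if standard else "vendor")
    return names

def parse_mgmt(frame):
    """Parse a beacon, probe request or probe response; None for anything else."""
    if len(frame) < 24:
        return None
    ftype, subtype = (frame[0] >> 2) & 3, frame[0] >> 4
    if ftype != 0 or subtype not in KINDS:
        return None
    fixed = 0 if subtype == 4 else 12  # timestamp, beacon interval, capabilities
    info = {"kind": KINDS[subtype], "ssid": None, "pairwise": [],
            "bssid": ":".join("%02x" % b for b in frame[16:22])}
    for eid, value in elements(frame[24 + fixed:]):
        if eid == 0:  # SSID: zero length or all NULs means "not advertised"
            info["ssid"] = value.decode("utf-8", "replace") if value.strip(b"\x00") else ""
        elif eid == 48:
            info["pairwise"] = rsn_pairwise(value)
    return info

def summarize(frames):
    """Per-BSSID view of what an AP's own frames disclose."""
    aps = {}
    for info in filter(None, map(parse_mgmt, frames)):
        if info["kind"] == "probe-request":
            continue
        ap = aps.setdefault(info["bssid"], {"beacon_hides_ssid": False,
                                            "ssid_in_clear": None, "pairwise": []})
        if info["kind"] == "beacon" and info["ssid"] == "":
            ap["beacon_hides_ssid"] = True
        if info["ssid"]:
            ap["ssid_in_clear"] = info["ssid"]
        ap["pairwise"] = info["pairwise"] or ap["pairwise"]
        ap["tkip_enabled"] = "TKIP" in ap["pairwise"]
    return aps

# --- constructed sample frames (no radiotap header, no FCS) ---
def build(subtype, da, sa, bssid, ies):
    header = bytes([subtype << 4, 0, 0, 0]) + da + sa + bssid + b"\x00\x00"
    fixed = b"" if subtype == 4 else bytes(8) + struct.pack("<HH", 100, 0x0011)
    return header + fixed + b"".join(bytes([i, len(v)]) + v for i, v in ies)

# Made-up, locally administered MAC addresses.
AP, LAPTOP = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
BCAST = b"\xff" * 6
RSN_MIXED = bytes.fromhex("0100" "000fac02" "0200" "000fac04" "000fac02"
                          "0100" "000fac02" "0000")  # WPA2-PSK, CCMP + TKIP
SAMPLE = [
    build(8, BCAST, AP, AP, [(0, b""), (48, RSN_MIXED)]),         # hidden beacon
    build(4, BCAST, LAPTOP, BCAST, [(0, b"ALANET")]),             # "Are you there?"
    build(5, LAPTOP, AP, AP, [(0, b"ALANET"), (48, RSN_MIXED)]),  # "Yes, I am"
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

For the constructed sample, the summary reports that the beacon hides the SSID, that the name ALANET is nevertheless visible in the probe response, and that TKIP is still offered, which is the setting to change to AES only.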
RE: script SSID for wireless configs
Are they Dells? I think you can with the Dell Wireless Utility (As opposed to the built-in Windows utility). The Dell utility can import/export configs. Therefore, I bet there is a way to script the import process. Never done it, so it's just a hunch. Fwiw.

Sam

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Friday, May 21, 2010 9:22 AM
To: NT System Admin Issues
Subject: script SSID for wireless configs

Quick question : Scenario-agency has a wireless access point with SSID broadcast disabled, so the SSID must be explicitly entered on each 'authorized' wireless client. Can this explicit entry of the SSID be scripted to automate across multiple systems ???

Erik Goldoff
IT Consultant
Systems, Networks, Security
' Security is an ongoing process, not a one time event ! '