What happens when I disable SSID Broadcast? Am I more secure?
来源:互联网 发布:华为机顶盒修改mac 编辑:程序博客网 时间:2024/06/08 15:34
You really CAN NOT turn off the SSID field in the beacon. The SSID is a mandatory to send field in the BEACON and PROBE RESPONSE. So for systems that did not have the concept of an SSID, they allowed for a NULL SSID, i.e. x00 in all 32 bytes of the SSID field.
Also, you cannot turn off the beacon. You can vary its periodicity, but not eliminate it. The beacon provides the timings and other parameters need to run a BSS.
The NULL SSID option was included in the original spec for some vendors products that did not even have the concept of SSIDs. This allowed for reasonable migration to everyone using SSIDs.
Of course this "feature" was never taken out, and then, I think it was ORiNOCO or Enterasys came up with the idea that they can make their customers think they are better off by using NULL instead of the real SSID.
Then ISS jumped up and claimed that the SSID was a password sent in the clear, and the rest is history.
More technical detail:
First, an AP MUST send a BEACON frame. Per clause 7.2.3.1 a BEACON MUST contain the following fields:
Timestamp
Beacon interval
Capability information
SSID
Supported rates
FH Parameter Set \
DS Parameter Set > Just one of these
CF Parameter Set /
IBSS Parameter Set - for stations in AdHoc (yes they send BEACONs too)
TIM - for APs
The BEACON is sent every Interval. It annouces the BSS and defines how stations are to operate in the BSS.
There are two "types" of SSIDs: A string up to 32 characters or NULL.
Now, on to the operation so stations in a BSS.
Stations may scan for APs passively, or actively. That is they can either just listen for BEACONs, or send a PROBE REQUEST. Passive scanning only works if the BEACON contains the SSID, and not NULL.
If the station does not detect a BEACON with an SSID, or the desired SSID, it SHOULD send a PROBE REQUEST. This frame also has the SSID field in it. The station MAY either put NULL or the SSID in the REQUEST. If NULL is used an AP MAY respond with a PROBE RESPONSE with its SSID, or it MAY ignore this REQUEST. If the REQUEST contains the SSID of the AP, the AP MUST send a RESPONSE with its SSID.
Now let's look at this operationally. An AP is set to operate on a specific channel. It is sending its BEACONs out on the channel. If a station passively scans, it receives on each channel in turn for long enough to receive a BEACON. If the station actively scans, it sends a REQUEST on each channel in turn. Passive scanning can be done 'in background'. Active scanning interupts other activity to work.
Microsoft has defaulted XP to only actively scan. SOME vendor drivers will passively scan (like Symbol's, who knows better than Microsoft). All wireless phones passively scan first. Why is this?
Active scanning MAY take upwards to 2 sec. Passive scanning MAY build up the AP neighbor table with NO interruption to usage. So roaming can be VERY time intensive with Active scanning, but frequently 'painless' with passive scanning.
So in response to your point at the beginning of this missive.
It is probably the case that your system is always actively PROBING for APs with your SSID. In so doing, it is announcing your SSID. Now it only does this when it needs to find an AP to ASSOCIATE with. Once ASSOCIATEd, it is just fat and happy. But if it looses signal, it PROBEs again, sending out your SSID.
Thus you really cannot hide your SSID, even if you set your AP to send a NULL in the SSID field of the BEACON.
Also, you cannot turn off the beacon. You can vary its periodicity, but not eliminate it. The beacon provides the timings and other parameters need to run a BSS.
The NULL SSID option was included in the original spec for some vendors products that did not even have the concept of SSIDs. This allowed for reasonable migration to everyone using SSIDs.
Of course this "feature" was never taken out, and then, I think it was ORiNOCO or Enterasys came up with the idea that they can make their customers think they are better off by using NULL instead of the real SSID.
Then ISS jumped up and claimed that the SSID was a password sent in the clear, and the rest is history.
More technical detail:
First, an AP MUST send a BEACON frame. Per clause 7.2.3.1 a BEACON MUST contain the following fields:
Timestamp
Beacon interval
Capability information
SSID
Supported rates
FH Parameter Set \
DS Parameter Set > Just one of these
CF Parameter Set /
IBSS Parameter Set - for stations in AdHoc (yes they send BEACONs too)
TIM - for APs
The BEACON is sent every Interval. It annouces the BSS and defines how stations are to operate in the BSS.
There are two "types" of SSIDs: A string up to 32 characters or NULL.
Now, on to the operation so stations in a BSS.
Stations may scan for APs passively, or actively. That is they can either just listen for BEACONs, or send a PROBE REQUEST. Passive scanning only works if the BEACON contains the SSID, and not NULL.
If the station does not detect a BEACON with an SSID, or the desired SSID, it SHOULD send a PROBE REQUEST. This frame also has the SSID field in it. The station MAY either put NULL or the SSID in the REQUEST. If NULL is used an AP MAY respond with a PROBE RESPONSE with its SSID, or it MAY ignore this REQUEST. If the REQUEST contains the SSID of the AP, the AP MUST send a RESPONSE with its SSID.
Now let's look at this operationally. An AP is set to operate on a specific channel. It is sending its BEACONs out on the channel. If a station passively scans, it receives on each channel in turn for long enough to receive a BEACON. If the station actively scans, it sends a REQUEST on each channel in turn. Passive scanning can be done 'in background'. Active scanning interupts other activity to work.
Microsoft has defaulted XP to only actively scan. SOME vendor drivers will passively scan (like Symbol's, who knows better than Microsoft). All wireless phones passively scan first. Why is this?
Active scanning MAY take upwards to 2 sec. Passive scanning MAY build up the AP neighbor table with NO interruption to usage. So roaming can be VERY time intensive with Active scanning, but frequently 'painless' with passive scanning.
So in response to your point at the beginning of this missive.
It is probably the case that your system is always actively PROBING for APs with your SSID. In so doing, it is announcing your SSID. Now it only does this when it needs to find an AP to ASSOCIATE with. Once ASSOCIATEd, it is just fat and happy. But if it looses signal, it PROBEs again, sending out your SSID.
Thus you really cannot hide your SSID, even if you set your AP to send a NULL in the SSID field of the BEACON.
IF there is no activity on your network, you are "hidden," but if ONE station is ASSOCIATEd and transmitting, the attacker forges a DISASSOCIATE from the AP to your station. Your station then promptly starts PROBING and exposes your SSID.
http://www.dslreports.com/faq/10907
- What happens when I disable SSID Broadcast? Am I more secure?
- What Happens When I Touch the Screen
- I am what i am
- what am i doing?
- What I am using
- when I am dead赏析
- What am I fretting about?
- When I say..."I am a Christian"
- The following code fails when ExecMethod is called. Can anyone pinpoint what I am doing wrong?
- When I Am Dead, My Dearest
- what i am caring about current?
- What happens if I don't retain IBOutlet?
- weblogic,who am i?what can i do?
- i am late ,when i feel i am late ,that is two o 'clock
- i am
- I am who I am
- I love you not because of who you are, but because of who I am when I am with you.
- I love you not because of who you are, but because of who I am when I am with you.
- fvwm 窗口样式
- Java 输出通过 InetAddress 获得的 IP 地址数组
- fvwm 控制虚拟桌面
- toj1142 Frogger
- fvwm 用户函数和系统脚本命令
- What happens when I disable SSID Broadcast? Am I more secure?
- fvwm 条件命令
- 阿里技术嘉年华
- 开篇:写在毕业第七年
- C/C++编译器和开发库(linux下编写程序)
- fvwm 模块命令
- 调整动态条形图的柱子宽度
- fvwm 颜色集 和 环境变量
- strStr算法(无KMP) 略微优化的暴力解法