[Geeks are Sexy] technology news





Wednesday, January 11, 2006

Why disabling SSID broadcasting is NOT a good security measure to protect your wireless network

While disabling SSID broadcasting on your wireless router should be part of a larger security scheme, it should not be the only applied measure to help secure your LAN. I know a couple of people who did just that, thinking that if their SSID wasn't broadcasted over the air they were safe, but it turned out they were wrong. If you want to test this, it's pretty easy to do. Get a laptop with a wireless NIC and install a wireless sniffer on it. Kismet is a great one freely available on the Auditor Live Linux CD. Boot up Auditor, start your sniffer and check out the traffic sent out by the client to the router. When the client tries to connect to the access point, it will send out the SSID in clear text, so an attacker can get your SSID even if your access point isn't broadcasting it. enlightening isn't it?

If you are passionate about IT security, you should definitly check the Auditor CD out.

"The Auditor security collection is a Live-System based on KNOPPIX. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes. Independent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier. Even during the planning and development stages, our target was to achieve an excellent user-friendliness combined with an optimal toolset. Professional open-source programs offer you a complete toolset to analyse your safety, byte for byte. In order to become quickly proficient within the Auditor security collection, the menu structure is supported by recognised phases of a security check. By this means, you instinctively find the right tool for the appropriate task. In addition to the approx. 300 tools, the Auditor security collection contains further background information regarding the standard configuration and passwords, as well as word lists from many different areas and languages with approx. 64 million entries. Current productivity tools such as web browser, editors and graphic tools allow you to create or edit texts and pictures for reports, directly within the Auditor security platform. Many tools were adapted, newly developed or converted from other system platforms, in order to make as many current auditing tools available as possible on one CD-ROM. Tools like Wellenreiter and Kismet were equipped with an automatic hardware identification, thus avoiding irritating and annoying configuration of the wireless cards."

You can get Kismet as a standalone version here, or on the Auditor CD here



1 Comments:

  • The most important analogy that I can think of for WAPs is that it's like cutting a hole in your perfectly good roof for a skylight.....sooner or later it will leak. No wireless system is hackproof. Weigh the pros and cons to justify having it and make an informed choice. Your small write-up is one step in making an informed choice.

    Excellent blog by the way and I found it via digg. I like it so much that I've put a permanent link to you guys on my blog.

    By Blogger Greg, at 1:27 PM  

Post a Comment

Links to this post:

Create a Link

<< Home