connecting to a hidden WAP router

Joel Oliver joelol75 at verizon.net
Tue Jan 20 15:41:40 UTC 2009


>
> So how do folks connect to routers that don't broadcast their essid's -- what is the point of 
> that router option if one cannot connect to it?
>
> Blessings,
>
> Nigel
>
>   


There's really no security benifit at all by hiding your essid, as it 
can be sniffed in the air.  Just like the "MAC" address filter, which 
also sounds like a good idea... Hey, I will only let my computers 
connect and block all others.  It's a simple matter of sniffing and 
spoofing it.

If you want secure, just enable WPA encryption with AES or later 
(WPA2).  WPA  TKIP has a lame 'possible' DOS exploit when used with QoS 
but feel free to use that as well.  It's not even worth describing this 
exploit as it's not that bad and is only a theory of concept exploit as 
of now.  Just stay away from WEP.


If you really must know about the details of the WPA TKIP exploit, check 
out this podcast from Steve Gibson:  http://twit.tv/sn170

And if you need a security expert to explain why hiding your bessid 
and/or MAC address filtering does nothing to increase security listen to 
this old podcast: http://twit.tv/sn11

Joel.





More information about the kubuntu-users mailing list