connecting to a hidden WAP router
Joel Oliver
joelol75 at verizon.net
Tue Jan 20 15:41:40 UTC 2009
>
> So how do folks connect to routers that don't broadcast their essid's -- what is the point of
> that router option if one cannot connect to it?
>
> Blessings,
>
> Nigel
>
>
There's really no security benifit at all by hiding your essid, as it
can be sniffed in the air. Just like the "MAC" address filter, which
also sounds like a good idea... Hey, I will only let my computers
connect and block all others. It's a simple matter of sniffing and
spoofing it.
If you want secure, just enable WPA encryption with AES or later
(WPA2). WPA TKIP has a lame 'possible' DOS exploit when used with QoS
but feel free to use that as well. It's not even worth describing this
exploit as it's not that bad and is only a theory of concept exploit as
of now. Just stay away from WEP.
If you really must know about the details of the WPA TKIP exploit, check
out this podcast from Steve Gibson: http://twit.tv/sn170
And if you need a security expert to explain why hiding your bessid
and/or MAC address filtering does nothing to increase security listen to
this old podcast: http://twit.tv/sn11
Joel.
More information about the kubuntu-users
mailing list