Wireless AP question

Discussion in 'OT Technology' started by Stev, Apr 16, 2004.

  1. Stev

    Stev Active Member

    Joined:
    Mar 12, 2004
    Messages:
    11,409
    Likes Received:
    0
    I am in Wireless Administration class right now, but i dont understand this. Trying to keep my network secure i have MAC address filtering and had 64bit WEP. I wanted to turn off SSID broadcast so i could take off 64bit WEP cuz the loss was noticable and i hate it.

    but for some reason it still broadcasts it. Net stumbler still detects it... is this because i am associated with it already or is it still broadcasting. I could be understanding this wrong but it seems to me that it is still broadcasting.
     
  2. pookrat

    pookrat OT Supporter

    Joined:
    Dec 6, 2002
    Messages:
    1,106
    Likes Received:
    2
    Location:
    Houston
    Netstumbler may be detecting the SSID from the Beacon Management Frame. It has to be included in the Beacon Frame for the Stations and AP to communicate. NetStumbler may be getting the data from there. Could also be getting it from the Probe Requests and Responses. It also depends on whether your system is using Active Scanning or Passive Scannig.

    Regardless, if you are using 64bit WEP, and noticing a substantial decrease in throughput in a small network, you have other issues. WEP does not add that much overhead. Only Layer 3 data is encypted (mostly). MAC, IV, and Beacon Data is not encrypted. But if you notice it and want to turn it off, thats the risk you will have to take. Maybe you should use something else like a form of 802.1x EAP, TKIP, or even Wireless VPN.
     
    Last edited: Apr 17, 2004
  3. Ximian

    Ximian New Member

    Joined:
    Mar 20, 2004
    Messages:
    1,860
    Likes Received:
    0
    Location:
    DCA
    Is keeping/making a wireless network secure the question or project for the class? It's a trick question, all wireless networks are inherently insecure.

    You'll need several layers of encryption just to send a message "securely" and that's very slow but securing access is way different. You can clone a MAC address and you can change your IP, then you can get access.
     
  4. Stev

    Stev Active Member

    Joined:
    Mar 12, 2004
    Messages:
    11,409
    Likes Received:
    0
    im well aware, and this has nothing to do with my class. Look, deal is that there is someone in the very next house that can see my wireless signal in full, and i know can get the tools to mod his MAC address(and he has mine) and passively watch to pick up a WEP code.

    And net stumbler should not be able to see an access point if there is no SSID. This much i am somewhat sure of.
     
  5. pookrat

    pookrat OT Supporter

    Joined:
    Dec 6, 2002
    Messages:
    1,106
    Likes Received:
    2
    Location:
    Houston
    No such thing as an AP with no SSID. Not Broadcasting and not having an SSID are two different things.

    What kind of AP and Client Adapters are you using??? Maybe you should check for Firmware or driver upgrades and start using WPA... If you think the neighbor is smart enough to spoof your cards IP, then some form of security other than Not Broadcasting and MAC Filtering is gonna be your only route. I can find your AP's SSID no matter how you configure it.

    Maybe just institute cell sizing if your that worried about it.
     
  6. Stev

    Stev Active Member

    Joined:
    Mar 12, 2004
    Messages:
    11,409
    Likes Received:
    0
    linksys AP, has the latest firmware and no WPA. and i meant it as, as much as he knows there is no SSID, if it isnt broadcasting then he shouldnt even be able to see that an AP exists, or if he does he shouldnt be able to become associated with it.
     

Share This Page