Is Hiding the Wireless SSID All the Network Security You Need

Every wireless network has a service set identifier or SSID, which is the name given to the wireless network. The SSID is used to distinguish wireless networks from one another. Small office home office (SOHO) routers come from the factory with a default SSID and owners of the SOHO router should always change this default SSID name to something of their choosing.

Along with changing the SSID name another very popular setting for individuals to enable on the router is to not have it broadcast the SSID or wireless network name. Hiding the SSID requires more overhead by the network owner to manually configure any wireless devices that need to be part of the network. Many network owners believe hiding the presence of the wireless network and configuring the devices that join it as a great way to secure the network, but this is providing a false sense of security. You’re not really hiding the network you are just hiding the network from advertising itself. A moderately skilled hacker with the right utilities can still find hidden wireless networks, and if there is no other security defined on the router you open your network up to several attacks.

Anyone with knowledge of wireless networks can use free utilities downloaded from the internet to scan the airwaves and capture specific communication frames to discover hidden networks. Once the hidden network name is discovered, and assuming no other security is setup an intruder could connect to the wireless network and use it for free internet access.

If an unauthorized person connects to the wireless network this would expose the other computers connected to the network. Any shared folders setup on your computers could then be browsed by the intruder and the data in them downloaded.

Hiding the SSID has one attack method that most people are not aware of. When you take your wireless device to a Wi-Fi hot spot the device will try to search for your hidden network. Basically the device will be announcing the name of the hidden SSID to anyone that may be listening. If a bad guy is at the hot spot he could create a fake access point with the SSID that your device is searching for and then try to trick you or force your device to connect to his “evil twin” access point. If the bad guy can get you to connect to the fake AP it can open up your device to numerous attacks. This may not sound like a big risk, and so many people feel the public Wi-Fi network at their local coffee shop or cafe is safe, but I always recommend when you’re using a free wireless hot spot to treat that network as unfriendly. What I mean by unfriendly is free wireless hot spots usually have no security setup and they are just convenient portals for internet access. With hot spot networks having very little or no security setup it is a prime location for the bad guys to take advantage of unsuspecting victims, so don’t think your local coffee shop or cafe is not susceptible to these types of attacks.

Regardless if your wireless network is hidden or not encryption should always be used. Encryption will scramble the network communications so they are unreadable by anyone capturing the traffic. The bad guy doesn’t need to know if a wireless network is hidden or connect to the network to capture unencrypted traffic, and this unencrypted traffic could be divulging emails you send, web sites you visit, and passwords you type into log in pages. Encryption is an important security setting to enable on your wireless network and should be setup on all wireless networks whether they are hidden or not.

Used by itself hiding the network SSID does not provide adequate security, but using this feature along with encryption and other security settings available on your home wireless router will give you a more layered approach to security. The more layers or harder you make breaking the security of the network the more someone wanting to access it will move on to an easier target.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s