Skip Links

Network World

Paul McFedries

Wireless Security Myths I: SSID Broadcasting

By Paul McFedries on Thu, 10/09/08 - 2:01pm.

Windows Vista sees your wireless network because the access point (AP) broadcasts the network's service set identifier (SSID). However, when you connect to a wireless network, Vista offers a Save Network check box. If you leave that check box activated, Vista remembers the wireless network, and will connect to it automatically the next time it comes within range. Therefore, after all of your computers have accessed the wireless network at least once, you no longer need to broadcast the network's SSID. Therefore, conventional wireless wisdom says that you should use your AP setup program to disable broadcasting and prevent others from seeing your network.

However, you should know that when previously authorized devices attempt to connect to a nonbroadcasting network, they include the network's SSID as part of the probe requests they send out to see whether the network is within range. The SSID is sent in unencrypted text, so it would be easy for a snoop with the right software (easily obtained from the Internet) to learn the SSID. If the SSID is not being broadcasted as a way to hide a network that's unsecure or that uses an easily breakable encryption protocol, such as WEP, hiding the SSID in this way actually makes the network less secure.

Of course, you aren't trying to hide an unsecure network, right? As a savvy wireless network administrator, you have WPA or WPA2 encryption enabled. So in your case, disabling SSID broadcasting either keeps your security the same or improves it:

  • If a cracker detects your nonbroadcasting SSID, you're no worse off.
  • If the snoop doesn't have the necessary software to detect your nonbroadcasting SSID, he won't see your network, so you're more secure.

Simple, right? Well, maybe. Okay, there is one scenario where hiding your SSID can make your wireless network less secure. If a cracker detects that you've disabled SSID broadcasting, he might think you've done it because you've got something particularly important or sensitive to hide, so he might pull out all the stops to crack your network. How likely is this? Not very. Most crackers want easy targets, and most neighborhoods supply them, so unless a snoop knows that you're hiding something juicy, he'll almost certainly move on to a less-secure network.

About Secure Windows Vista Networking

Paul McFedries is the author of more than 60 computer books that have sold more than 3 million copies worldwide. His recent titles include Windows Vista Unleashed, Windows Home Server Unleashed, Formulas and Functions with Microsoft Excel 2007, Tricks of the Microsoft Office 2007 Gurus, and Microsoft Access 2007 Forms, Reports, and Queries. Paul also operates Word Spy, devoted to tracking new words and phrases as they enter the English language. You can also follow Paul on Twitter.

Paul's book Networking with Microsoft Windows Vista: Your Guide to Easy and Secure Windows Vista Networking, is featured on Microsoft Subnet as the October, 2008, book giveaway:

Read a sample chapter of Networking with Microsoft Windows Vista.
Buy a copy of the book now.
Enter your name for a chance to win one of 15 copies of Microsoft Subnet's monthly giveaway.

 

Most Discussed Posts