Security Short: SSID What?
Admin Note: This post is in response to a recent posting I made regarding Google’s wireless collection activities. This “Security Short” provides some brief information on improving the security of PRIVATE wireless systems and is not intended to be used where public access is allowed (i.e. coffee shops, libraries, etc.) unless of course you want to cause havoc for your users and your helpdesk. Consult your operators manual for particulars on how to implement these tips as there are hundreds of manufacturers of wireless equipment. These security tips will not stop a determined attacker. They are meant only to reduce your risk. A truly secure network is a network powered off. You assume any risk by following the information contained here. Your Mileage May Vary (YMMV), Void Where Prohibited.
Much of the data that was collected by Google involved the Service Set Identifier (SSID) and Media Access Control (MAC) address. The SSID is essentially the unique name of your wireless access point or hotspot. You can set it to be anything you want. It is advisable to change the default name of your access point. However, there are certain things you should not set your SSID to. For example, do not set your SSID to your last name or business name, address, or any other identifying information. Doing so allows an attacker to know exactly what their target is and the general location of their target.
After you change the SSID to something other than the default, you should disable the broadcast of the SSID. This will prevent the access point from transmitting a beacon essentially saying, “Hey, here I am and my name is…” Just ensure that you remember your SSID should Microsoft Windows or any other operating system for that matter conveniently forgets it. It should be noted that I have experienced cases where disabling the SSID causes havoc on the network and certain network devices will not find each other (including computers and access points), so use with caution. If your network comes to a grinding halt after implementing this, you may need to restart all wireless equipment and/or enable SSID broadcasting (make sure you do not do this during production hours, otherwise you will have some users very angry with you.) YMMV.
While disabling the broadcast of the SSID does not make your system immune from the determined wardriver it will at least prevent the casual person from finding the access point. (Please note, that disabling the SSID broadcast does not make your network invisible to certain tools / software packages.)
For detailed instructions on securing your wireless router by make / model, please check out this awesome site: http://portforward.com Click the OTHER GUIDES tab at the top then scroll down and find the link on the right labeled “Wireless Network Security Guides” or click here:
http://portforward.com/english/routers/wireless/routerindex.htm
