You must know the SSID to join an 802.11 network. However, the SSID can be discovered by network sniffing. By default, the SSID is part of the packet header for every packet sent over the WLAN.
SSID Security Issues
The fact that the SSID is a secret key instead of a public key creates a key management problem for the network administrator. Every user of the network must configure the SSID into their system. If the network administrator seeks to lock a user out of the network, the administrator must change the SSID of the network, which will require reconfiguration of the SSID on every network node. Some 802.11 NICs allow you to configure several SSIDs at one time.
Default SSID's
Most 802.11 access point vendors allow the use of an SSID of "any" to enable an 802.11 NIC to connect to any 802.11 network. This is known to work with wireless equipment from Buffalo Technologies, Cisco, D-Link, Enterasys, Intermec, Lucent, and Proxim. Other default SSID's include "tsunami", "101", "RoamAbout Default Network Name", "Default SSID", and "Compaq".
Disabling SSID Broadcasting
Many Wireless Access Point (WAP) vendors have added a configuration option which lets you disable broadcasting of the SSID. This adds little security because it is only able to prevent the SSID from being broadcast with Probe Request and Beacon frames. The SSID must be broadcast with Probe Response frames. In addition, the wireless access cards will broadcast the SSID in their Association and Reassociation frames. Because of this, the SSID cannot be considered a valid security tool.
An SSID by any other name
The SSID is also referred to as the ESSID (Extended Service Set IDentifier).
Some vendors refer to the SSID as the "network name."
What SSID is Right for You?
With wireless LANs, a service set identifier (SSID) is a label that distinguishes one wireless LAN from another. An SSID contains up to 32 alphanumeric characters, which are case sensitive. The SSID is configured in the access point.
Typically, a company will set all access points to the same SSID to enable effective roaming. As part of the association process, a wireless client must have the same SSID as the one put in the access point.
Default SSID Issues
Access points are preconfigured with a default name for the SSID based on the vendor. For example, Cisco access points have the SSID of tsunami, which, by the way, means a big sea wave. Most other vendors simply use their company name as the SSID, such as proxim and symbol.
If you don't optionally choose to disable SSID broadcasting, then wireless clients will automatically look for the SSID in the access point beacon frames. Thus, the default SSID allows associations to occur, which means that you don't have to change the SSID from the default value to make your wireless LAN work.
The problem with using the default SSID is that some confusion might result if a company or home owner next to you sets up a wireless LAN with the same vendor's access points. For example, you might both have a Linksys wireless LAN at home using the default SSID of linksys-g.
If both of you don't implement some form of security, which is commonly the case in both homes and companies, and you're both within range of each other, then the your wireless clients can mistakenly associate with your neighbor's access point (and vice versa).
Change the SSID
In order to solve this problem, you should change the SSID to a different value as part of the installation process. In enterprise solutions, this makes management easier because you can differentiate your access points from neighboring companies when performing wireless analysis.
Some people recommend changing the SSID for security purposes, but I haven't seen in practice that it makes little difference. Someone with very simple wireless sniffing tools can determine the SSID of a wireless LAN, even if you change the SSID to something secret.
By default, access points include the SSID in every beacon frame. Even if you disable SSID broadcasting -- a feature available in only some access points -- you can still easily find the SSID in the association frame when a wireless client joins the wireless LAN.
Tips to Consider
When defining the SSID, here are some tips to mull over:
Company and brand names. Many companies will use their company or brand name as the SSID. This may be the best approach for public wireless LANs because you want to advertise your particular system. With private wireless LANs, however, the use of a company name gives away the owner of the network. If you're a high profile company, then a hacker may prefer to launch a denial of service attack against your network rather than others.
Scrambled characters. A SSID with scrambled characters, such as X#EM$88d#~9nE certainly doesn't give away your identity, but it looks like you're hiding something important. So, this could prompt a hacker to do bad things to your network. Most people choose this type of SSID because they think that it will be more secure. Keep in mind that even an inexperienced hacker can still easily obtain the SSID by sniffing the association frames. Also, the use of meaningless names makes it difficult to manage the network. Administrators have difficulties remembering things like X#EM$88d#~9nE.
Aliases. In order to mask your identify with a management name, an alias may be your best solution. Try using something like WirelessLAN or WLAN as your SSID. The odds of someone right next to you with the same SSID you've chosen is not probable. In addition, you won't be giving away your identity.
When naming the SSID, consider how it affects functionality, security, and manageability. This relatively simple exercise will make your wireless LAN more effective.
No comments:
Post a Comment