Author Topic: What's the name of your Wi-Fi network?  (Read 1535 times)

0 Members and 1 Guest are viewing this topic.

Offline lobsterbash

  • Keeps Priorities Straight
  • ***
  • Posts: 321
Re: What's the name of your Wi-Fi network?
« Reply #45 on: October 18, 2017, 12:47:35 PM »
network name: NETGEAR
unprotected network

router UN: Admin
router PW: password

No antivirus software or firewalls, but I leave all the ports open just to be sure.
I wish you'd upgrade your internet package though, these torrents take forever to download...

That's just because I restrict my upload bandwidth because I'm a dick.

Offline The Latinist

  • Cyber Greasemonkey
  • Technical Administrator
  • Stopped Going Outside
  • *****
  • Posts: 5326
Re: What's the name of your Wi-Fi network?
« Reply #46 on: October 20, 2017, 02:28:48 PM »
With the new WPA2 exploit it would be a good thing to study up on how to update your firmware as well.  I have a feeling I'm going to be visiting lots of friends and family in the near future.

Yeah, this is annoying.  Our main network at work is 802.1x, but we have guest networks and a couple of special-purpose networks that are WPA2.

Fortunately, Aruba has already patched the flaw and all of our infrastructure has been updated.
« Last Edit: October 20, 2017, 02:49:06 PM by The Latinist »
I would like to propose...that...it is undesirable to believe in a proposition when there is no ground whatever for supposing it true. — Bertrand Russell

Offline John Albert

  • Frequent Poster
  • ******
  • Posts: 2550
Re: What's the name of your Wi-Fi network?
« Reply #47 on: October 20, 2017, 05:55:55 PM »
My wifi network is set up to not broadcast its ESSID. If a guest wants to use my AP I have to tell them the network name anyway, so why even bother broadcasting it?

I also changed the IP address of my router's setup to 198.162.13.37. ;)

Offline John Albert

  • Frequent Poster
  • ******
  • Posts: 2550
Re: What's the name of your Wi-Fi network?
« Reply #48 on: October 20, 2017, 06:02:31 PM »
network name: NETGEAR
unprotected network

router UN: Admin
router PW: password

No antivirus software or firewalls, but I leave all the ports open just to be sure.

PROTIP: They can't hack your WPA if you enable WEP instead.

Offline daniel1948

  • Stopped Going Outside
  • *******
  • Posts: 5383
  • Cat Lovers Against the Bomb
Re: What's the name of your Wi-Fi network?
« Reply #49 on: October 20, 2017, 06:26:42 PM »
My wifi network is set up to not broadcast its ESSID. If a guest wants to use my AP I have to tell them the network name anyway, so why even bother broadcasting it?

I also changed the IP address of my router's setup to 198.162.13.37. ;)

I used to turn off ESSID broadcasting. Then some folks here on these forums, clearly more knowledgeable than I, explained to me why I should broadcast it and now I do. I forget the reasons. But they came from folks whose understanding of this stuff I respect.
Daniel
----------------
"Anyone who has ever looked into the glazed eyes of a soldier dying on the battlefield will think long and hard before starting a war."
-- Otto von Bismarck

Offline The Latinist

  • Cyber Greasemonkey
  • Technical Administrator
  • Stopped Going Outside
  • *****
  • Posts: 5326
Re: What's the name of your Wi-Fi network?
« Reply #50 on: October 20, 2017, 08:34:51 PM »
My wifi network is set up to not broadcast its ESSID. If a guest wants to use my AP I have to tell them the network name anyway, so why even bother broadcasting it?

Because if your router doesn’t broadcast it, your devices will be constantly be sending out requests to connect to it whenever they aren’t connected...requests that can be used to spoof your home network.  You gain a false sense of security (anyone with skills you can learn online in 5 minutes and tools you can download free on the Internet can see it anyway), while making all of your devices less secure.
« Last Edit: October 20, 2017, 08:38:17 PM by The Latinist »
I would like to propose...that...it is undesirable to believe in a proposition when there is no ground whatever for supposing it true. — Bertrand Russell

Offline John Albert

  • Frequent Poster
  • ******
  • Posts: 2550
Re: What's the name of your Wi-Fi network?
« Reply #51 on: October 21, 2017, 05:35:21 AM »
Devices identify a wifi network using its BSSID (the MAC address of the access point), not its ESSID (the network's alphanumeric "name," which is only there for user friendliness anyway). Turning off ESSID broadcast should not cause a device to repeatedly reconnect unless something in the device's firmware is seriously fucked.

I know how to use airmon-ng to sniff wifi packets, aireplay-ng to do reauth and deauth spoofing, etc. and aircrack-ng to hack wifi networks. It's true, those attacks can work regardless whether you broadcast your ESSID, because those techniques (like any wifi device) identify the network by its BSSID (MAC address).

The reason why I don't broadcast my network's ESSID is because I don't want it showing up on people's mobile devices. The only way you'll see it is if you already know its name, or if you put your wifi adapter into promiscuous mode and start sniffing packets. And if somebody's doing that, the jig is up and it becomes a game of encryption cracking either way. Even if they do manage to crack my wifi AP, all they really get is Internet access. I still have a Cisco managed switch sitting between them and the rest of my network.

And guess what? I use MAC address filtering too, which is also exploitable using the MAC spoofing feature of tools like aireplay-ng. But like with the ESSID thing, I really don't give a shit. The only way an attacker will know that a given MAC address is on my whitelist is to capture the traffic between that device and the AP. And requiring them to do the extra step of spoofing MAC just makes it more of a pain in the ass to get into my network. Again, if they do that then the jig is up anyway so nothing's lost. They still have to get past the AP's encryption and my switch to get into my stuff. And anyway, if I happen to notice that my device keeps repeatedly getting bumped offline for no good reason, then I might just be inclined to log into my AP, check the logs and investigate. 

Sure it's just "security through obscurity," but I don't care because I have other, more legit security as well (two levels of encryption plus network compartmentalization) so I'm not giving up any robustness. Some might argue that "hiding" my network by turning off ESSID broadcast might make my network a more interesting target for hackers, and my answer is "Whatever. More power to them."

By the way, my WiFi network's ESSID (which I don't broadcast) is W3llH3ll0Th3r3.
« Last Edit: October 23, 2017, 08:35:42 AM by John Albert »

 

personate-rain