SSID cloaking - safe or unsafe?
Many organizations use SSID cloaking as a mechanism to add security layer to WLAN. This technique requires all users to have knowledge of the SSID to connect to the wireless network.
Many organizations use SSID cloaking as a mechanism to add security layer to WLAN. This technique requires all users to have knowledge of the SSID to connect to the wireless network. Typically SSID is considered a mechanism to enhance WLAN security, and is the best practice recommended by PCI Data Security Standard. However, it also significantly reduces the security effectiveness of wireless LANs (WLANs).
Giving a false sense of security
Previous wireless networks deployed SSID cloaking as a means to prevent unidentified users from accessing the network. However, this technique has never been used as an authentication mechanism. Some organizations accept distribution of cryptic SSIDs in a shared secret style. Some tools such as ESSID-Jack or Kismel are responsible for monitoring and reporting the situation of SSIDs on legitimate stations, thus leaving traces to allow an attacker to see the origin of SSID and easily circling security mechanisms to penetrate the network.
Confusing users
When the network SSID is masked, users cannot refer to the list of suitable wireless networks for WLAN. From there make them choose and log in to another network and leave vulnerabilities on the client side. Some US states consider this as an illegal computer intrusion phenomenon.
Attempts to impersonate AP
Some attack tools like KARMA take advantage of advanced WLAN exploration techniques used by wireless clients. When a station probes for WLAN in the priority list (PNL), the station itself will trace the SSID to the listening attacker. KARMA-type attacks use the SSID detected to impersonate WLAN as bait to lure the operating station to the attacker. For Windows XP SP2 users who have updated the hotfixes on Microsoft's KB917021 page, Windows workstations change the operating method when exploring wireless networks. Users and administrators can mark the list on PNL as 'nonbroadcast' (without promotion). When the 'Connect even if this network not broadcasting' option is not selected, the workstation will not reveal SSID information despite network exploration, restricting the KARMAL attack type. However, for the workstation to identify the appropriate network, the AP must disable the SSID mask function. Otherwise, they will return to active network exploration, making SSID cloaking a less secure option.
Although SSID cloaking appears to be a very attractive mechanism to support WLAN security, it actually reduces the security of corporate wireless networks.
- Quickly see the secret of choosing a safe seat when the car is in distress
- Watch the video to see how the robot destroyed the safe within 15 minutes
- More than 95% of the world's population must breathe unsafe air
- Smart syringe changes color after use
- There are thousands of small dams in danger of unsafe
- Detecting ancient safes buried deep underground, suspected to find treasure
- Safe vegetables grow well on the stone plateau
- Guide safe escalator skills
- Safe for teen drivers
- 5 ways to be safe when using public computers
What is the Snapdragon SiP chip? How to create a yellow circle around the mouse cursor on Windows Edit the Boot.ini file in Windows XP 3 ways to restart the remote computer via the Internet Vietnam computer market: Looking back a year How to restore deleted applications on Android How to increase the capacity of C drive on Windows 10, 8, 7 ... 8 security features of Windows operating system