If you’ve ever noticed when you searched for a wireless access point, you were able to find the name of the access point. It pops it up on the screen. What access point would you like to connect to? Maybe LINKSYS, or DEFAULT or NETGEAR or a name that’s very specific that someone has programmed into their wireless access point.
Well, being able to identify wireless access points so easily and connect to them, it also brings up some security concerns. Should we really be broadcasting the fact that we have a wireless access point here?
So one of the things you can do is, of course, change the SSID, the service-set identifier, to something that’s not quite so obvious. Make sure it doesn’t use a default name like LINKSYS and maybe not even give it a name that’s referring back to your organization. Give it something very generic.
You can also disable the broadcasting completely. This is a configuration setting from my access point. Here’s a check box, Enable SSID broadcast or not. I can turn it on or off.
But yet again, it’s very easy with protocol analyzers to be able to sniff the air and see what access points are out there. As soon as somebody connects, I’m going to see the SSID. You can’t hide all of the SSID information.
So, again, applying this is really security through obscurity, which, of course, is nothing to do with security. So don’t, again, use this as your only method of trying to add extra security to your network. Layer it on with all of the other things that you’re doing.
Category: CompTIA Security+ SY0-401