How do I get in our invisible wireless connection?
October 11, 2005 7:34 AM   Subscribe

The easiest way is to hide the ESSID (you should be able to tell the access point to "not broadcast" it) and move it to a channel that isn't the default. Then manually set the SSID in Start->Settings->Network Connections->Wireless connection.
posted by cmonkey at 7:43 AM on October 11, 2005

What cmonkey said about the ESSID.

To fix your problem, try setting the ESSID to broadcast on the router, on the clients delete all instances of your network and have the clients find it automatically, THEN set the ESSID to not broadcast. I've needed to do that with about half the clients I've set up in my current wireless network.

As far as the password, know that it's trivial to break even 128-bit WEP or WPA encryption with kismet and aircrack, say about 10 minutes or so.

More security - I'm not sure how well changing the channel will work, because every wifi client I've used will pick up a network on a channel it's not set to. That's not to say you wouldn't see speed increases if you're set to a different channel than other local wireless networks, but don't count on a non-standard channel for security.

You could also set MAC address filtering on your wireless router. MAC addresses are configurable by the client, which means your freeloading neighbors could configure their cards to your MAC and you wouldn't know if that wireless client's weren't online, but it's one more thing you can do.
posted by cactus at 8:16 AM on October 11, 2005

As far as the password, know that it's trivial to break even 128-bit WEP or WPA encryption with kismet and aircrack, say about 10 minutes or so.

Actually, my understanding is that WPA-PSK is still quite secure, so long as the shared key is lengthy and not vulnerable to dictionary attacks. WEP, on the other hand, really is easily crackable in general.
posted by kickingtheground at 8:32 AM on October 11, 2005

Second WPA-PSK isn't weak unless you've chosen a weak WPA key. 64 characters of random alphanumeric plus punctuation is plenty strong. All the cracks I've seen have been plain dictionary attacks.
posted by Mitheral at 9:54 AM on October 11, 2005

kickingtheground writes "Actually, my understanding is that WPA-PSK is still quite secure, so long as the shared key is lengthy and not vulnerable to dictionary attacks."

cactus is correct. WPA-PSK, while probably the most secure offering available for home users and cheaper routers/AP's, is still quite vulnerable to some of latest cracking tools. Some third party firmware authors are implementing TinyPEAP into their software for use on routers that support this sort of thing (*cough* Linksys *cough*) which, at present, appears to be the most cost effective way of achieving enterprise wireless security for regular home users.

That being said, it is still not available for most home router systems so a MAC filter, hidden SSID, and WPA-PSK (with TKIP encryption) is probably the best way to secure a home wireless network. Change your key on a fairly regular basis and you should be fine.
posted by purephase at 10:06 AM on October 11, 2005

As an aside, hidden SSID will not increase your security, if that's what you're aiming for (see http://blogs.zdnet.com/Ou/index.php?p=43). Anyone who knows how to break into wireless connections will be able to figure out how to detect your router, and if anything, it might make it more of a target.

Also, using a hidden SSID on a router can play merry hell with connecting to it, as you have already experienced. I've had many problems connecting to routers with hidden SSIDs (e.g. from PDAs) and often it's just not worth the hassle.
posted by adrianhon at 10:28 AM on October 11, 2005

Practically speaking, the only thing that not broadcasting your SSID will accomplish is to keep people from connecting to your network automatically, simply by being close enough to the signal (i.e., in your driveway).

It will not do anything to stop people who sit in your driveway with a sniffer program, because these programs listen for more than just the SSID. The station is always transmitting something. Like others have suggested, the best approach to security is going to take advantage of all your router has to offer. Enable MAC filtering and WPA-PSK, then choose a good key that you change every few weeks.
posted by odinsdream at 11:51 AM on October 11, 2005

kensanway writes "I think my question, though, is less about making the network secure, than about how to find the network that isn't being broadcast."

You can't find an access point that is not being broadcast. You have to manually enter in the SSID on your client workstation and configure the security settings to match those on the router (encryption, pre-shared key etc.). This technet article contains a lot of good information on how to manually configure a wireless network connection for Windows XP. It might be what you're looking for.
posted by purephase at 12:07 PM on October 11, 2005

Hiding your SSID is stupid. It gives you no security while making your life more difficult (as the original question demonstrates).
posted by Good Brain at 8:30 PM on October 11, 2005

« Older Can you help me get my data ba...   |   Okay, so I have a java program... Newer »

This thread is closed to new comments.