Wifi is Voodoo…and someone's sticking pins in my doll.
October 10, 2008 12:58 PM   Subscribe

My Dad's network is driving me crazy. How can the current situation be possible?

I administer my Dad's network from afar. It's a pretty simple setup: cable modem connected to Linksys wireless router. When he's at his desk, next to the modem and router, he just plugs in via an ethernet cable. When he roams around the house with his macbook, he's got the wireless available. Simple, no?

Well, my wife is there now, and she has my (nearly identical) macbook with her. She can't even see his wireless network. I've confirmed that Dad's picking it up. I've confirmed that she's got Airport turned on. She's picking up two of the neighbors' wireless networks, so I know Airport is working on my machine. But even if she parks my macbook on the desk next to my Dad's, she can't receive his wireless network, 30 inches from the router. How is this possible? Tell me what I'm overlooking. Make me slap my forehead and grin sheepishly.

This is driving me nuts.
posted by dinger to Computers & Internet (11 answers total)
Best answer: Do you have his network set up not to broadcast the SSID?
posted by iknowizbirfmark at 1:14 PM on October 10, 2008

Best answer: The wireless router is not broadcasting the SSID of the network.

You probably set it up this way to be obscure-secure. Either go to the router's admin interface and turn on "Wireless SSID Broadcast" (or similar), or use "Connect to OTHER network" from the other MacBook, and type in the SSID name of the network... which you can ascertain from the working MacBook's settings when connected.
posted by rokusan at 1:26 PM on October 10, 2008

(Broadcasting the SSID is a human-friendly convenience, not a requirement for wireless networking.)
posted by rokusan at 1:27 PM on October 10, 2008

Response by poster: Why yes I do, he said slapping his forehead and grinning sheepishly.

I set up my Dad's network a couple of years ago, and set up my old laptop to connect to it. Then I bought my new laptop, and completely forgot that I'd configured my Dad's network not to broadcast the SSID.

iknowizbirfmark, you are an f___ing genius. Thank you.
posted by dinger at 1:29 PM on October 10, 2008

You're welcome, but you just happen to have fallen prey to the one issue I could help you with! I should thank you for making me look good.
posted by iknowizbirfmark at 2:02 PM on October 10, 2008 [1 favorite]

Said it before, will say it again: Just broadcast the SSID.

Wireless security is all about having a good (non-dictionary-attackable) WPA key. If you have that, you're secure; if you don't, you're not. Fartarsing about with SSID broadcast suppression and/or MAC filtering makes your wireless network less convenient and more likely to cause you trouble, not more secure.
posted by flabdablet at 8:17 PM on October 10, 2008

Seconding flabdablet. Mac filtering and shutting off SSID is just a type of security through obscurity that does not stop a determined attacker. In the long run it just adds complexity and silliness that bites you in the rear later on when you've forgotten what odd changes you made. Instead, WPA with a strong password is all you need.
posted by damn dirty ape at 10:11 PM on October 10, 2008

I might be inclined to rate SSID broadcast suppression and MAC address filtering as security through obscurity if the methods for working around them were not trivially discoverable via Google. Since they are, those practices are merely inconvenience by obscurity, and the people they always inconvenience most are the legitimate network users. Don't do that.
posted by flabdablet at 12:26 AM on October 11, 2008

Not directly related to your question but just to confuse things for any potential wifi snoop you could call the SSID something like the name of a printer than comes with builtin wifi as standard like "HP_LaserJet_???" (google a brand/model)..
posted by MetaPenguin at 1:22 AM on October 11, 2008

Response by poster: All good thoughts…thank you. The irony is that, in addition to supressing SSID, I did put a ridiculously strong WPA password on the network. Being responsible for dragging my Dad, kicking and screaming, into the digital age, I tend to go a little overboard on his security.
posted by dinger at 7:10 AM on October 11, 2008

Confusing things for potential wifi snoops is completely pointless. If you set up your wifi in a confusing way, it will end up confusing legitimate network users far more often than it confuses black hats.

Use a strong WPA password. Keep it in a text file on your USB stick, and paste it in as required. If a black hat can't look up your WPA password in a dictionary, they can't access your network. Use WPA2 if all your devices support it, WPA if not. If you have devices that only support WEP, upgrade them.

Turn MAC filtering off.

Use a straightforward SSID. I like to use the street number and name, so I can easily tell which of the available WAPs is mine, and so strangers know whose door to knock on to request network access.

There's a story doing the rounds at the moment about those dastardly Russians and their use of nVidia GPU's to crack WPA/WPA2 passwords by brute force. So, let's assume their claimed password test rates (about 400 million passwords per second) are close to the mark.

Let's also assume you've used the password generation method I linked above, which gives you a search space of 5215 = 54960434128018667122720768 possible passwords. Let's assume that the black hat is going to be lucky enough to crack your password after searching one millionth of that space - 54960434128018667122 passwords. At 400 million per second, that will take only 137401085320 seconds, or about 4300 years.

Seems to me that a one in a million chance of cracking your WPA password within 4300 years is acceptably secure.
posted by flabdablet at 11:26 PM on October 11, 2008

« Older Ordained for Colorado?   |   Trace a call that can't be traced? Newer »
This thread is closed to new comments.