Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User neathblue
(learned) Thu 08-Dec-11 19:37:33
Print Post

SSID & Mac Code


[link to this post]
 
Hi someone on another forum told me to d/load inSSIDer to see if any of my channels were clashing with the neighbours, anyway i notice that my router and next doors and possibly others in the street are all showing there Mac address and SSID codes is their anyway to stop this and could people use that information.

thanks

Steve
Standard User Pipexer
(eat-sleep-adslguide) Thu 08-Dec-11 19:46:23
Print Post

Re: SSID & Mac Code


[re: neathblue] [link to this post]
 
This is nothing to worry about. Just make sure you have WPA1 or WPA2 security turned on.

______________
Zen 8000 Active
Standard User XRaySpeX
(eat-sleep-adslguide) Thu 08-Dec-11 20:13:30
Print Post

Re: SSID & Mac Code


[re: neathblue] [link to this post]
 
You can usually stop broadcasting SSID, but no harm's done.

1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 19 Meg WBC


Register (or login) on our website and you will not see this ad.

Standard User ggremlin
(committed) Thu 08-Dec-11 20:22:49
Print Post

Re: SSID & Mac Code


[re: neathblue] [link to this post]
 
could people use that information?

yep, apple, google and others use locally received wireless-network names/mac addresses for geo-location
Standard User gomezz
(eat-sleep-adslguide) Thu 08-Dec-11 23:19:38
Print Post

Re: SSID & Mac Code


[re: neathblue] [link to this post]
 
Hiding them causes problems and has no benefits.

O2 Standard (8Mbps LLU)
Standard User Mikey2
(eat-sleep-adslguide) Fri 09-Dec-11 11:38:14
Print Post

Re: SSID & Mac Code


[re: ggremlin] [link to this post]
 
You can _nomap i.e "YOURSSID_nomap", if you don't want google to record your mac in their database.

Mike
If you have to swallow a frog, try not to think about it. If you have to swallow two frogs, don't swallow the smaller one first.
Standard User E7er
(knowledge is power) Sat 10-Dec-11 12:10:11
Print Post

Re: SSID & Mac Code


[re: neathblue] [link to this post]
 
In reply to a post by neathblue:
Hi someone on another forum told me to d/load inSSIDer to see if any of my channels were clashing with the neighbours, anyway i notice that my router and next doors and possibly others in the street are all showing there Mac address and SSID codes is their anyway to stop this and could people use that information.

thanks

Steve
Hi, thanks for the info, I will now use inSSIDer on my computer, itís a clever little programme. I see the MAC address is the MAC address of the router and vendor is the router manufacture name, it shows my router as 2Wire, Inc. The programme can still see your wireless router even without the SSID broadcast, clever!

I use WPA-TKIP with 63 random alpha-numeric characters long password for maximum wireless security. wink

https://www.grc.com/passwords.htm

http://www.metageek.net/products/inssider/download/

--------------------------------------------------

For wireless security I use Steve Gibson and Leo Laporte advice from Security Now.

Bad WiFi Security (WEP and MAC address filtering)
Leo and I answer some questions arising from last week's episode, then plow into a detailed discussion of the lack of security value of MAC address filtering, the futility of disabling SSID's for security, and the extremely poor security offered by the first-generation WEP encryption system.

podcast 11 http://aolradio.podcast.aol.com/sn/SN-011.mp3

podcast 13 http://aolradio.podcast.aol.com/sn/SN-013.mp3

https://www.grc.com/securitynow.htm

Orange WBC 20 Mbps. Sync 11864 kbps Downstream, 1189 kbps Upstream.
Netgear DGN1000 ADSL2+ wireless N 150 Router supplied by Orange
BT Business Hub 2Wire 2700HGV v2 ADSL2+ Dual SSID wireless Router

Edited by E7er (Sat 10-Dec-11 12:26:35)

Standard User GeeTee
(committed) Sat 10-Dec-11 14:07:10
Print Post

Re: SSID & Mac Code


[re: E7er] [link to this post]
 
E7er - I suggest you read up on using WPA2-CCMP (AES) - it is cryptographically stronger than TKIP technically.

Not that it makes a great deal of difference these days - there a several services being offered using vast Amazon EC2 clouds to brute force passphrases (WEP, WPA or WPA2) from wireless traffic dumps (aircrack-ng capture for example). The sheer number of CPUs/GPUs that can be thrown at the task makes it relatively trivial even with a 63 character randomised passphrase.

Why anyone would want to go to even that much effort to gain access to a residential WLAN is another question. I can see it might be a concern for corporates running WLANs.
Standard User Stubabe
(regular) Mon 27-Feb-12 04:41:14
Print Post

Re: SSID & Mac Code


[re: GeeTee] [link to this post]
 
Sorry to dig up an old thread but this is plain wrong.
Assuming you acually have a random password (e.g. generated by a computer, dice rolls etc) then a 63 character mixed case + numbers password has 8 x10^112 combinations = 375bits i.e way stronger than AES256. Even a 21 character mixed case + numbers password offers 125bit security which is nearly at the AES128 level. Currently 112bit is considered secure until at least 2020 and that is a against a government adversary (i.e. someone like the NSA that can build custom cracking chips). To 100% scan even a 80bit key space in a year would take a computer that can do 3.8x10^16 calculations per second i.e 38 petaops/s which is bigger than the bigest known supercomputer and that is only a 14 character mixed case + numbers password!
Of course WPA also hardens your password with 4096 rounds of HMAC-SHA1 salted hashing which I have not considered in these calculations, which actually makes the problem much harder than stated.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I went to a specialist the other day and he told me that my disk drives floppy frown
O2 ADSl 5.5Mbs - faster than snails on speed???
  Print Thread

Jump to