I took my laptop to a customer's the other day, ran the Acrylic Wifi checking software there.
When I was finished, closed the laptop but left it running. Drove the 30 miles home.
There is a list of SSIDs longer than all our arms combined - obviously the laptop picked up dozens of home and business SSIDs while driving by.

What has that to do with secure passwords?

In reply to a post by zyborg47:

But you are right it is a good idea to have long passwords.

Try living in a block of flats. I've used 63 chars (the max is not 64) for ~15+ years. I was the first with WiFi in this block using old 802.11b and I try to remember to change my passphrase every 18 months or so.

I'm most disappointed in recent Intel WiFi cards that don't support the update to WPA3, so I'm using WPA2/WPA3 mode on my router. Most consumer hardware has not yet heard of WPA3 !

A comment on the sheer number of Wifi networks visible to the general public.

12 to 15 characters should be enough for a home router unless the Chinese government are picking on your router.

It all works much harder, all sorts of similar methods work well, or can be ruled out as an option! But nevertheless everything is possible!

In reply to a post by E300:

I don't think this is hacking.

The access point following your channel change and picking the same one is not an indication of bad behaviour, quite the opposite if there are no overlapping channels available for neighbouring access points to be completely clear of each other. With no channels available the best choice is for an access point to pick the same channels as a neighbouring access point, this is because when they are both on the exact same channels they can "see each other" and interoperate to avoid collisions. If they are only partly overlapping then they can't interoperate, but still interfere.

I expect at some point during your changes the other access point has chosen a different one to interoperate with and has stuck with that one. I've seen the same behaviour with my own access point.

See https://documentation.meraki.com/MR/WiFi_Basics_and_... for useful info the bit of interest is:

In reference to documentation.meraki.com/MR/WiFi_Basics_and_Best_Practices/Channel_...:

When two wireless devices transmit at the same time, their radio signals will collide and become garbled. 802.11 devices on the same channel use a CCA check to avoid these collisions. However, the CCA check may not detect a transmission occurring on a different channel that also has some frequency overlap on the channel the check is being performed on. In this case, two 802.11 devices on different channels that overlap may transmit at the same time causing a collision and possible data corruption or frame loss. This is called interference because one device's transmission interferes with another device's transmission.

This is not correct, access points do not base themselves based on a neighbouring access point, the AP is not programmed to say "BT-XXXX" SSID has changed, lets follow it. If anything, if that SSID moved to another channel, it would free up space on the existing channel, and the AP would be happier. APs do not change channel easily, as it can cause user interruptions, the level of interference must be so great it is worth risking clients dropping for a channel to change. Devices choose 1,6 and 11 to avoid the part overlapping and interoperate issue you have highlighted (as I'm sure you are aware).

If you see a device swapping channel instantly, it seems like it's associated with your AP, more than anything.

Alright I would suggest good networking hygiene thoughts
1) Do not use WEP is way, way to easy crack.
2) Turn off WPS. Only have on if you really need to use it, it is a lot more preferable not to use it at all.
3)a If your WiFi can do WPA2 use it and not WPA.
3)b If your WiFi can do WPA3 use it and not WPA2.
4) Now if want to take things to next level set up a RADIUS Server. This could be done rarther cheaply if your WiFi supports it and using Raspberry Pi as the RADIUS Server. It has a steap learning curve but once mastered you will not look back.
5) VLANs where put WiFi on it own subnet.

This are pointless because there so easy defeated various ways very easy.
1) Hiding SSID
2) MAC filtering

PS I wouldn't to worry about the neighbors, goverment is probley already watching you more then they would admit to.

Edited by amiga_dude (Fri 09-Apr-21 10:51:38)

If you see a device swapping channel instantly, it seems like it's associated with your AP, more than anything.

Not necessarily. There are a lot of mesh devices around these days - they often sniff around to see what other devices are available to mesh with. If you change channels it looks like a new device has appeared, so it will be checked out.

In reply to a post by sheephouse:

If you see a device swapping channel instantly, it seems like it's associated with your AP, more than anything.

Not necessarily. There are a lot of mesh devices around these days - they often sniff around to see what other devices are available to mesh with. If you change channels it looks like a new device has appeared, so it will be checked out.

I said “instantly” ie within a few seconds. You rarely find a mesh setup to change a channel the very second it detects a network on its channel, as the mesh by its very nature is usually occupying 1 6 and 11.

On wireless mesh 5GHz is used for back haul most of the time and again this rarely changes as this can impact everything connected for a small amount of time. I have seen it happen when a 5Ghz channel just stops working entirely but with the mess of DFS channels often they only have 36 to 48 to work with and at 80MHz that really and changing from 36 to 40 is somewhat pointless.

I do see a few mesh systems which roll to 2.4GHz as backhaul whilst changing 5GHZ mesh channel and then band steer over time devices back to the underlying new 5GHZ network. This is more common when there’s so much congestion on channels 36 to 48 that it changes from 80MHz to 40 or even 20 to avoid significant interference whereby the benefits of higher channel width and usual speed are not worth it considering the interference levels and service impact.

Let’s not forget depending on the home users setup 2.4GHz can be used as backhaul. Take BT Smarthub 2, their complete WiFi will say “good signal” in areas where there is no 5GHz signal that’s usable but it manages to get a decent 2.4GHz and uses that as backhaul. Here I wouldn’t expect an instant channel change by the mesh point every time a neighbour turned on their WiFi on that channel.

Likewise, a simple device being on the same channel isn’t a big deal, or usually reason to change channel. Networks (mesh and wireless controllers) generally do not simply take into account nearby access points on the same channel. They can usually co exist just fine, it focuses more on it being service affecting. An example is there’s an AP on the same channel, not part of the mesh. If this was on channel 1, 20Mhz, with 35 associated clients and had overall heavy channel usage, clearly it may be service impacting to warrant a channel adjustment.

Even with all this in mind, if the existing mesh has very minimal data throughput eg imagine a user is just doing a radio stream at 64Kbps. The mesh / controller does not typically initiate an immediate switch, which could be service affecting, as the level of minimal usage is sustainable without interruption, and it will try to maintain that constant low usage stream without interruption.

If usage is higher, then there often reason to switch the channel sooner, as the interference can be service affecting to a great extent.

It is true that a mesh may steer all clients to another AP when they need to switch channel on the mesh device although this approach often causes issues with devices that simply refuse to connect into anything but the mesh with the greatest signal snd even though they can’t associate, they won’t pick the one further away.

If any system is such that it’s adjust channels with large frequency, this is not good for any sort of stability.

If a user notes that every single time they change channel, another WiFi AP follows them (which is not part of their own network) that is extremely suspicious. Why would an AP move to the channel that the users device has just chosen, surely it would see the channel they were initially on now has lower utilisation? There’s no need for it to follow an AP every change of channel.

On the whole mesh and controllers make adjustments based on issues such as adjacent channel interference and packet collision noted, consistently causing retransmission. Random non WiFi device interference which won’t work in the same manner as an AP producing co-channel interference which is generally ok.

While the WiFi environment and devices are getting smarter, change changes are not often, plenty of devices do not associate nicely after a channel change. Users see drops, sometimes have to manually reconnect. Issues such as devices being far away from the AP and dropping encoding down to QPSK, are far bigger concerns for mesh and controllers than co channel interference. To avoid this the mesh tries to route data in the most efficient manner without a specific bad apple causing overall slowdown snd limiting MU-MIMO.

Some people get mad when their iPad with 1 bar won’t stay on 5GHz and they prefer it to. They may split their SSID. The mesh / controller in a complex system may see a device on slower but more robust and guaranteed data encoding to support Netflix with 1 bar of WiFi, but then there’s an impact on several devices which don’t have poor signal. It can make more sense to steer that one service impacting device onto 2.4GHz.

It’s complex but there’s no system designed to switch WiFi channel to follow another AP that’s not part of its own mesh or controller.