Re: Protected WLAN

On Monday 23 May 2011 16:36:00 Tim wrote:
> On Mon, 2011-05-23 at 13:58 +0100, Tim Smith wrote:
> > One problem lies in the fact that 802.11 does not specify a particular
> > means of giving a NULL SSID so different APs do it in different ways.
> > Some give a zero-length SSID. Some give an SSID of length 1 consisting
> > of a zero octet (a C null-terminated empty string). Some use a single
> > ASCII 32. Some use a number of spaces equal to the length of the real
> > SSID. You will thus find all sorts of rubbish in your list of
> > available APs when looking at it using a station. Some of the older
> > ones may Go All Funny :-(
> > 
> > However, the SSID WILL be present in a probe response to a probe
> > request which contained it, so it's available to anyone with a
> > sniffer. This has to be the case or no stations would ever be able to
> > find it to associate, as you obviously know :-)
> 
> In essence, when you *try* to hide your SSID, it doesn't stop
> broadcasting an SSID, it broadcasts a bogus one?  Plus providing the real
> SSID details in other transmissions?

Yup.

> So, that would make it harder for you to connect to the ID you manually
> type into your client.  Not to mention the fun and games of picking your
> random ID from the neighbour's random ID?

Not really. This is SSID, not BSSID (BSSID is usually the MAC of the AP).
When you scan, you not only listen for beacons, but you (should) send probe 
requests. If you put an SSID into your probe request, you will get a 
response only from a BSS with a matching SSID, so you broadcast saying 
"network named 'MyHouseNetwork' please respond" at which point you get the 
response from the real BSS which has the real SSID in it and not the bogus 
one that went in the beacons.

This is not for security of the SSID, but because you also supply that SSID 
when you associate, so the AP may route you to different authentication 
systems depending on which "network" you're trying to connect to. It's sort 
of like having virtual IPs on one ethernet MAC. But only sort of.

> Though, whatever the specs say about what's supposed to be done, it's
> certainly been shown that various different things have a lot of trouble
> associating with the right access point, or any access point, when
> there's no SSID being sent.

Yup. There's a lot of broken kit out there :-) How your station chooses to 
store and query the scan information is a good source of bugs.

-- 
But while the ant gathered food, the grasshopper contracted to a point on a 
manifold that was NOT a 3-sphere...
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
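
Added example, not part of the original message: a small parser that reads the SSID element from beacon and probe-response frames, names which of the hiding conventions listed above a beacon uses, and shows that a scan table keyed by BSSID recovers the real name from the probe response. The function names, the BSSID and the sample frames are constructed for illustration, and frames are assumed to start at the 802.11 header (no radiotap header, no FCS).

```python
BEACON, PROBE_RESP = 8, 5  # 802.11 management frame subtypes

def classify_ssid(raw: bytes) -> str:
    """Name the hiding convention in an SSID element (the four listed in the post)."""
    if raw == b"":
        return "zero-length"
    if raw == b"\x00":
        return "single-nul"
    if raw == b" ":
        return "single-space"
    return "space-padded" if raw.strip(b" ") == b"" else "visible"

def parse_mgmt(frame: bytes):
    """Return (subtype, bssid, ssid_bytes) for a beacon/probe response, else None."""
    if len(frame) < 36:  # 24-byte header + 12 bytes of fixed fields
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in (BEACON, PROBE_RESP):
        return None
    pos = 36
    while pos + 2 <= len(frame):  # walk the tagged elements: id, length, body
        eid, elen = frame[pos], frame[pos + 1]
        body = frame[pos + 2 : pos + 2 + elen]
        if len(body) < elen:
            return None  # truncated element
        if eid == 0:  # element ID 0 carries the SSID
            return subtype, frame[16:22].hex(":"), body
        pos += 2 + elen
    return None

def resolve_names(frames):
    """Per BSSID: hiding style seen in beacons, and the real SSID once a frame reveals it."""
    table = {}
    for _, bssid, ssid in filter(None, map(parse_mgmt, frames)):
        entry = table.setdefault(bssid, {"hidden_as": None, "ssid": None})
        kind = classify_ssid(ssid)
        if kind == "visible":
            entry["ssid"] = ssid.decode("utf-8", "replace")
        else:
            entry["hidden_as"] = kind
    return table

def build(subtype: int, bssid: bytes, ssid: bytes) -> bytes:
    """Constructed sample frame: header, fixed fields, SSID element, one rates element."""
    hdr = bytes([subtype << 4, 0, 0, 0]) + b"\xff" * 6 + bssid * 2 + bytes(2)
    fixed = bytes(8) + b"\x64\x00\x11\x04"  # timestamp, beacon interval, capabilities
    return hdr + fixed + bytes([0, len(ssid)]) + ssid + b"\x01\x01\x82"

AP = bytes.fromhex("020000000001")  # constructed BSSID
SAMPLE = [build(BEACON, AP, b"\x00"), build(PROBE_RESP, AP, b"MyHouseNetwork")]
```

Keying the table by BSSID rather than by the beacon's SSID is what keeps two neighbouring APs with blank beacons from collapsing into one entry.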
