Why hiding your SSID is not secure.

Have you heard that hiding your SSID is a good idea?  Think again.

With BackBox or Kali (in fact in form of Linux), you can run sudo airodump-ng phy1.mon at a terminal (replace phy1.mon with your network card number) – onboard cards would be phy0.mon.

Using a WINDOWS computer, you can type netsh wlan show networks mode=BSSID and see all networks and information about the network including hidden networks.

One One Netsh

You will also see the Hidden Network using Windows 10 GUI.  Although this network is ‘OPEN’, you’ll have to guess the name to connect to the network which is nearly impossible.

Hidden One

What you can do is install BackBox or Kali and use Airodump-ng.  Below you will see airodump running and the network card is phy1.mon (replace this with phy(number).mon .  The numeric value is the number of your card.  0 will be onboard and 1 will be an add-on card.

One

As you can see below (top half) that there are two SSIDs you can connect to.  You will also see that no one is associating or deauthenticating with the Wireless that is available.

Two

If you wait long enough, someone will associate with the SSIDs – Here you will see someone connecting to one of the Wireless Access Points. (look below ‘Probe’ and you will see the Station that is associating with the AP.

Three Joining

Waiting a few more minutes, you will see another station authenticating with the Wireless AP (look under ‘Probe- you’ll now see two stations associated with the SSID).

Five Hidden

When a wireless access point comes online, (look below the arrow) – you’ll see the number of characters the name is (in this case it is nine), yet hidden.

Four

When a station authenticates or connects to the ‘hidden network’ you’ll see the SSID name of the hidden network.  In this case, look below ‘Probe’ and you will see Tomato242 which we set up to find.

Six Show Hidden SSID

So is hiding an SSID a good thing to do?  It is one step of obfuscation.   The other steps include – setting the WAP to WPA2 (CCMP/AES), using mac filtering and keeping your passphrase confidential.

In the scenario above, when the Wireless came online and was open, because it does not have a password, you could connect to this wireless AP just be clicking on hidden and typing in no password.

About TCAT Shelbyville IT Department

The Tennessee College of Applied Technology - is one of 46 institutions in the Tennessee Board of Regents System, the seventh largest system of higher education in the nation. This system comprises six universities, fourteen community colleges, and twenty-six Applied Technology Colleges.
This entry was posted in Computer Security, higher ed, Home Networking, Information Technology, internet security;, network, Networking, Technology, Wireless and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s