Sep 13, 2012

Hiding Your SSID Will Only Give You A False Sense Of Security

Español: Logo WiFi Vectorizado
 (Photo credit: Wikipedia)
As a military veteran I bank at one of the greatest banks in the United States, USAA. It is a company that offers many different services to active duty, and former active duty military personel and their families. They have no bank fees, and they have excellent customer service. If you are in the military, or were in the military you really should check them out.

Anyhoo, enough of my endorsement and on with the topic of this post. My wife and I received the USAA Magazine recently that they send out to members and my wife happened upon an article they wrote about former FBI Cybercrimes Assistant Director, Gordon Snow, and his tips on network security.

I have to say that 99% of his advice was completely sound, and you should certainly follow his advice, but the one thing that I had to question was that the article mentions that he recommends hiding the SSID of your wireless network at home. I have heard that from other people as well, and I get the whole security by obscurity, and security in layers concepts, but in reality hiding your SSID from somone capable of hacking into your wireless network is the equivalent of blocking a tank with a piece of tissue paper. Here is what the article said:

Snow prefers a hard line to a wireless network (though he does have one). He sets his wireless router so it doesn't display his network's name. In addition, his router only allows devices to access his wireless network if Snow has manually entered the gadget's Media Access Control address, which is essentially a serial number unique to every device.

The reason I say this is, when hacking a wireless network hackers don't use the built in wireless software in Windows or Mac which only shows unhidden SSID's to find their targets. They use tools like Kismet, Airodump-ng or Netstumbler to find the SSID of their targets. Guess what? Hidden or not, these tools will display your SSID.

The moral of the story is that you can hide your SSID if you want, but don't think by doing so you are going to stop a hacker from finding your access point and keep them from trying to hack it. It simply won't.

If you want to read some of Gordon Snow's suggestions, you can read USAA's shorter blog post about Gordon Snow here: (6 Security Strategies from a Top Cybercrime Cop)

What do you think about hiding your SSID? Do you recommend it too? Why or why not? Let us know in the comments.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam