View Full Version : Turning off SSID broadcast. Hacker-proof?
David Prahl
06-11-2004, 10:19 PM
Two problems/questions, one from each side of the router. :wink:
A friend of mine has a D-Link WAP at home, and we've set up WEP. The menus don't seem to offer the ability to turn off SSID broadcast. Is it possible that D-Link just left that out? Why? Any other way to turn it off?
A co-worker of mine has a WAP at work (the only wifi), but he won't tell me the SSID or channel # (to annoy me). Is there any way to get that info? This might seem a little borderline, but he knows that I'm trying to get in and is finding it funny.
Thanks - help on either question would be greatly appreciated.
mscdex
06-11-2004, 10:35 PM
I can't help you on the D-Link issue, but you can autoconnect to any AP in range by setting your SSID on your device to "any" without the quotes.
Steven Cedrone
06-11-2004, 11:42 PM
Two problems/questions, one from each side of the router. :wink:
A friend of mine has a D-Link WAP at home, and we've set up WEP. The menus don't seem to offer the ability to turn off SSID broadcast. Is it possible that D-Link just left that out? Why? Any other way to turn it off?
A co-worker of mine has a WAP at work (the only wifi), but he won't tell me the SSID or channel # (to annoy me). Is there any way to get that info? This might seem a little borderline, but he knows that I'm trying to get in and is finding it funny.
Thanks - help on either question would be greatly appreciated.
Go to the D-Link web site, odds are there is a formware update for his WAP. After upgrading mine, I had the ability to turn off SSID.
As far as the WAP at work goes, does the IT department know about it? (You could both be risking your jobs if they don't) The software that comes with my Symbol Wireless Networker can see SSID and channel...
Steve
David Prahl
06-11-2004, 11:59 PM
As far as the WAP at work goes, does the IT department know about it? (You could both be risking your jobs if they don't)
He's second in command for IT and also handles network security. We ARE the IT department. :lol:
Go to the D-Link web site, odds are there is a formware update for his WAP. After upgrading mine, I had the ability to turn off SSID.
Thanks! I've forwarded this thread's URL to him using my g-mail account. :mrgreen:
dean_shan
06-12-2004, 12:50 AM
A co-worker of mine has a WAP at work (the only wifi), but he won't tell me the SSID or channel # (to annoy me). Is there any way to get that info? This might seem a little borderline, but he knows that I'm trying to get in and is finding it funny.
Although I've never tried it I've heard that AirSnort (http://airsnort.shmoo.com/) might do the trick for you.
Steven Cedrone
06-12-2004, 03:31 AM
He's second in command for IT and also handles network security. We ARE the IT department. :lol:
In that case, rock on! :wink: :way to go:
Steve
David Prahl
06-12-2004, 04:23 AM
Although I've never tried it I've heard that AirSnort (http://airsnort.shmoo.com/) might do the trick for you.
That's what I found after a few hours of reading up and Googling around. Finally found a windows port of it, but it wanted a channel and SSID. What if I don't know them? Guess the 13 channels with "any" SSID?
tanalasta
06-12-2004, 04:52 AM
If your co-worker's being mean and evil and hiding a non-broadcasted SSID from you, it'd be fairly hard to guess. With the combinations of channel's/SSID names almost impossible.
Haven't tried airsnort.
What you can do is find a computer/device already connected to the network and then see what the network settings are.
Or a computer configured to the network (you are the IT department), check the network settings. If broadcasting is off, each computer should have the SSID name and channel number configured in the wireless network card/configuration. So you may be able to find it there. Otherwise, have you tried asking your other colleagues? Or buying your second-in-command a drink? ;)
ctmagnus
06-12-2004, 06:02 AM
If you have the network thoroughly audited (as all good IT departments should), just open vxUtil and do a ping sweep of the network. The sole anomoly that shows up should be his AP. It's a start, at least.
David Prahl
06-12-2004, 04:31 PM
If you have the network thoroughly audited (as all good IT departments should), just open vxUtil and do a ping sweep of the network. The sole anomoly that shows up should be his AP. It's a start, at least.
Can you explain this?
What you can do is find a computer/device already connected to the network and then see what the network settings are.
He has a laptop around sometimes, but I'm guessing that it has a PW at login. I could always hard-reset his AP, but that would be cheating. :lol:
ctmagnus
06-12-2004, 06:21 PM
If you have the network thoroughly audited (as all good IT departments should), just open vxUtil and do a ping sweep of the network. The sole anomoly that shows up should be his AP. It's a start, at least.
Can you explain this?
Ideally, you'd have all the IPs on the network, except his, already accounted for. Doing a ping sweep would reveal all the IPs in use. The one IP that's revealed that wasn't accounted for would be his AP. Once you know the IP, you can get started using some Linux-type utilities to find out more details about the AP, including the password.
At least I think that's how you would go about it, I may be mistaken.
IronGeek
06-13-2004, 01:54 AM
Get yourself a copy of Knoppix-STD, a laptop and run Kismet. It's great because it can do RF monitoring and pick up APs that are not broadcasting their SSID. To my knowledge there are no Windows drivers that let you put your wi-fi nic in passive/ RF monitoring mode, but since Knoppix-STD is an easy way to run Linux security tool you should have no problem if your hardware is supported.
David Prahl
06-13-2004, 01:57 AM
Get yourself a copy of Knoppix-STD, a laptop and run Kismet. It's great because it can do RF monitoring and pick up APs that are not broadcasting their SSID. To my knowledge there are no Windows drivers that let you put your wi-fi nic in passive/ RF monitoring mode, but since Knoppix-STD is an easy way to run Linux security tool you should have no problem if your hardware is supported.
I'm a complete NOOB with the penguin. Just burn the ISO to a CD and boot? Do I need to install the OS or can I just run it?
Thanks. This could be a fun learning experience!
IronGeek
06-13-2004, 02:06 AM
Just boot from the cd and find kismet in the menu. Thats about it as long as your Wi-Fi card is supported.
ctmagnus
06-13-2004, 02:10 AM
Cygwin doesn't support passive mode, does it?
IronGeek
06-13-2004, 02:22 AM
Sorry, I don't know. My guess is not.
David Prahl
06-13-2004, 02:43 AM
Just boot from the cd and find kismet in the menu. Thats about it as long as your Wi-Fi card is supported.
A D-Link Prism2-based piece-o-crap? I hope so! :D
Thanks a ton, IronGeek. I'll burn that distro and play around with it.
IronGeek
06-13-2004, 03:00 AM
If it's Prism2 it should work fine. All my Prism cards seem to work with it.
IronGeek
06-16-2004, 09:57 PM
I just did some playing with a coworkers x3 with wi-fi and the built in site survey software picks up APs that are not broadcasting their SSIDs. Guess the Dell drivers can put the built in Wi-Fi chipset into passive mode.
ctmagnus
06-16-2004, 10:33 PM
Is the unit associated with the AP before you start the site survey utility? Because the utility will show APs that the unit is connected to, regardless of whether they are broadcasting their SSID's.
IronGeek
06-17-2004, 01:29 AM
Nope, it's showing ones I never connect to.
vBulletin® v3.8.9, Copyright ©2000-2019, vBulletin Solutions, Inc.