On Sunday 03 February 2008 04:51:50 pm Kai Ponte wrote:
> How does any network manager "see" a hidden access point?
> My SSID is hidden and neither KDE nor Vista can see it. I log in manually.

The problem is that the systems connect "automatically" to hidden APs by randomly cycling through the list of known networks and broadcasting them in an attempt to connect to them. Anyone scanning in the vicinity can pick up this connection attempt, and spoof the AP. If the system isn't configured to use WEP or WPA with that access point, then a remote user can effectively hijack a network session. It's bad from a security posture because you're soliciting connection requests to the named AP even in the absence of the AP you're trying to "hide".

Windows used this behavior by default in XP, but disabled it as default in Vista because of the security considerations, which is why you must manually connect when you know you're in the vicinity of a hidden AP. There was an exploit floating around that took advantage of this and the fact that MS uses the peer-connect fallback (169.x.x.x) IP address, which would allow an external user to connect to a Windows machine by simply sniffing the "hidden" AP association request and utilizing a similar 169.x.x.x addy.

Hidden APs are pointless; it's like disabling ping responding on internal devices on a network. It makes it difficult to diagnose connectivity problems, but does nothing as a security layer because the black hats have tools for sniffing their presence anyways; they're freely available on the net. Even iwlist will identify the presence of hidden networks. WPA is effective enough; anybody with the tech to crack a WPA connection isn't going to have a problem finding a hidden network.

It would make things a lot easier for the devs if people stopped hiding APs, because it really accomplishes little anyways.

Just my 2c...

Cheers,
KV
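
The probing behaviour described in the message above can be audited on your own clients. The following is an added example, not part of the original post: it parses 802.11 probe request frames and reports which stations ask for networks by name. It assumes raw 802.11 frames with the radiotap header already stripped; the MAC addresses, SSIDs and the `build_probe` helper are constructed sample data.

```python
from collections import defaultdict

MGMT_HDR_LEN = 24      # frame control, duration, 3 addresses, sequence control
PROBE_REQ_FC0 = 0x40   # version 0, type 0 (management), subtype 4 (probe request)
SSID_ELEMENT_ID = 0

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def probe_request_ssid(frame):
    """Return (source_mac, ssid) for a probe request, else None.
    ssid is "" for a wildcard probe, which names no network."""
    if len(frame) < MGMT_HDR_LEN or frame[0] != PROBE_REQ_FC0:
        return None
    src = mac(frame[10:16])          # address 2 = transmitting station
    pos = MGMT_HDR_LEN               # probe requests carry no fixed fields
    while pos + 2 <= len(frame):
        eid, elen = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + elen]
        if len(body) < elen:
            return None              # truncated element: reject the frame
        if eid == SSID_ELEMENT_ID:
            return src, body.decode("utf-8", "replace")
        pos += 2 + elen
    return None

def leaked_ssids(frames):
    """Map each station to the network names it solicited by name."""
    leaks = defaultdict(set)
    for f in frames:
        parsed = probe_request_ssid(f)
        if parsed and parsed[1]:     # skip wildcard probes
            leaks[parsed[0]].add(parsed[1])
    return dict(leaks)

def build_probe(src, ssid):
    """Construct a sample probe request (test data, not a capture)."""
    hdr = (bytes([PROBE_REQ_FC0, 0]) + b"\x00\x00" + b"\xff" * 6
           + src + b"\xff" * 6 + b"\x00\x00")
    rates = bytes([1, 4, 0x02, 0x04, 0x0b, 0x16])   # supported rates element
    return hdr + bytes([SSID_ELEMENT_ID, len(ssid)]) + ssid + rates

# Constructed sample: a laptop probing for two hidden networks, a phone
# sending only a wildcard probe.
LAPTOP = bytes.fromhex("020000000001")
PHONE = bytes.fromhex("020000000002")
SAMPLE = [build_probe(LAPTOP, b"homenet-hidden"), build_probe(LAPTOP, b"office-hidden"),
          build_probe(PHONE, b""), build_probe(LAPTOP, b"homenet-hidden")]

if __name__ == "__main__":
    for sta, names in leaked_ssids(SAMPLE).items():
        print(sta, sorted(names))
```

A station that appears in the output is announcing its saved network names wherever it goes; un-hiding the SSID on the AP and removing the "connect even if not broadcasting" profile setting on the client stops the directed probes.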