Results 1 to 7 of 7
  1. #1
    New Lounger
    Join Date
    Jan 2004
    Location
    Sanford, Maine, USA
    Posts
    18
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have a Linksys WRT54G running WPA2 security and initially had it set to not broadcast my SSID and had Mac address filtering on to only allow my desktop & laptop. When I got my Mom a Mac mini and tried to get it on my network, I had to turn off Mac address filtering for it to work. (even though I had added the Mini's mac address as allowable).

    The next problem is that if I do not broadcast my SSID, then in order for the Mac to connect, we have to manually enter the SSID and WPA-2 passphrase EVERY TIME we want to get on the internet. By broadcasting my SSID, the Mac sees it and connects automatically.

    I would rather have these security settings back in place, but not sure how to get the Mac to work with them. Any help for this long time PC user and Mac novice would be appreciated.

  2. #2
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,170
    Thanks
    47
    Thanked 980 Times in 910 Posts
    Not broadcasting the SSID is not a security measure, running WPA2 is. Leave the broadcast turned on and make sure you have a really good encryption string - see GRC for some nice passwords and KeePass to store them.

    BTW, MAC spoofing is also simple so setting a MAC filter doesn't guarantee security either.

    cheers, Paul

  3. #3
    New Lounger
    Join Date
    Dec 2009
    Location
    New York City
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by bydesign View Post
    The next problem is that if I do not broadcast my SSID, then in order for the Mac to connect, we have to manually enter the SSID and WPA-2 passphrase EVERY TIME we want to get on the internet. By broadcasting my SSID, the Mac sees it and connects automatically.
    I had a similar problem. Until recently, I had a TimeCapsule connected to my Linksys router, which was connected to my cable modem. I turned off wireless on the router and was using the TimeCapsule as my router, non-broadcasting, and with MAC address protection. Except for the fact that I occasionally lost the settings on the TimeCapsule and had to plug an ethernet cable in to restore them, this was working pretty well.

    Then I switched from cable to FIOS. Verizon gave me a new router. It seemed to offer a somewhat faster connection to the internet, so I configured it as non-broadcasting, with allowed MAC addresses, but my MacBookPro refused to see it. I also had problems with my Windows XP PC, so I finally gave up on the non-broadcasting thing. I can see that many of my neighbors have locked wireless access points in their apartments, so I doubt anyone is going to surf accidentally or on purpose on my new router. Nonetheless, having the problem with the non-broadcasting SSID is troubling.

  4. #4
    New Lounger
    Join Date
    Dec 2009
    Location
    New York City
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have to beg to differ. I live in a large apartment building so I can see many secured networks around me. One neighbor (I am not sure who, but have my suspicions) has an unprotected unsecured network cheerfully broadcasting its SSID all the time. Its signal isn't as good as the ones in my apartment, but occasionally I discover I am attached to her network (most frequently when I am trying to connect to another machine on my LAN). Sometimes I intentionally use her network if I am having problems with mine and am too busy with work to try to diagnose them. If her SSID was non-broadcasting and I didn't already know what it was, I wouldn't be able to connect to it, intentionally or otherwise. At least that is my understanding about having a non-broadcasting SSID. And if she had MAC address protection, even without any security on her network, I assume I wouldn't be able to connect.

    I'd sure like to know if I'm wrong.

  5. #5
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,170
    Thanks
    47
    Thanked 980 Times in 910 Posts
    Sorry, you are wrong. All wireless traffic is broadcast so you only need a sniffer to see all traffic and you can then read the SSID from that traffic.
    Hiding is not security.

    cheers, Paul

  6. #6
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts
    Quote Originally Posted by P T View Post
    Sorry, you are wrong. All wireless traffic is broadcast so you only need a sniffer to see all traffic and you can then read the SSID from that traffic.
    Hiding is not security.

    cheers, Paul
    I agree with this.

    If you have a hidden SSID, MAC Address filtering and WEP security then it will take me an hour or so to crack into your network using well publicised free tools.
    If you broadcast your SSID, don't bother with MAC Address filtering and use WPA2 security then I wouldn't even waste time trying to hack it.

  7. #7
    New Lounger
    Join Date
    Dec 2009
    Location
    New York City
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by P T View Post
    Not broadcasting the SSID is not a security measure, running WPA2 is. Leave the broadcast turned on and make sure you have a really good encryption string - see GRC for some nice passwords and KeePass to store them.

    BTW, MAC spoofing is also simple so setting a MAC filter doesn't guarantee security either.

    cheers, Paul
    Good point. Of course I would not use my network with no security! Since I'm not in the habit of trying to use networks that don't belong to me, or which I haven't permission to use, I don't often think about this. None of my neighbors are smart enough to hack into my network, or at least not enough of them know enough about computing. So if I'm not broadcasting, at least it's one thing my neighbors (many of whom I do not like) know about me.

    As far as strong passwords, I've recently been generating and storing them in 1Password (which has a strong password on it). OS X only. I am very happy with it. Prior to that I was using PasswordSafe under Windows.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •