Microsoft security guru Steve Riley says don’t believe everything you read about security on wireless networks:
Hiding an SSID will not hide a wireless network, so ignore any such advice — and it’s amazing how often I continue to see this. By the way, also ignore any advice that says to use MAC address filtering.
Unfortunately, as I learned long ago, it’s nearly impossible to kill bad advice, which tends to take on a life of its own. I just Googled “wireless security” and three of the top five articles included these two bogus tips. Fortunately, item 6 on the list was George Ou’s “The six dumbest ways to secure a wireless LAN”, which debunks these two tips and four others for good measure.
2 thoughts on “Wireless security myths”
Thanks for linking back to the articles by George. I here and see the bad advice all the time in reputable magazines or from others in the IT world.
I’ve even had clients ask me why I didn’t hide their SSID like such and such a magazine said. It’s so hard to convice them otherwise, that a lot of the time I just do it to make them happy. If they want to pay me the extra time to set it up, it’s their equipment and money….I’ll take it.
I don’t hide my SSID. Setting up MAC filters is a pain, but I do it anyway. I can’t say it’s worth it, but I have a justification:
In my home network most traffic is on wired devices and my only wireless client is rarely used. The MAC filter prevents casual hackers from accessing my router; they’d have to wait for wireless traffic that rarely occurs. They’d likely be waiting a long time before obtaining a MAC id to spoof.
I agree MAC filters are not worth much in a business setting.
I say make hacking as difficult as possible. Am I suffering a delusion?
Comments are closed.