Wireless security myths

Microsoft security guru Steve Riley says don’t believe everything you read about security on wireless networks:

Hiding an SSID will not hide a wireless network, so ignore any such advice — and it’s amazing how often I continue to see this. By the way, also ignore any advice that says to use MAC address filtering.

Unfortunately, as I learned long ago, it’s nearly impossible to kill bad advice, which tends to take on a life of its own. I just Googled “wireless security” and three of the top five articles included these two bogus tips. Fortunately, item 6 on the list was George Ou’s “The six dumbest ways to secure a wireless LAN”, which debunks these two tips and four others for good measure.

2 thoughts on “Wireless security myths”

  1. Ed,

    Thanks for linking back to the articles by George. I hear and see the bad advice all the time in reputable magazines or from others in the IT world.

    I’ve even had clients ask me why I didn’t hide their SSID like such and such a magazine said. It’s so hard to convince them otherwise, that a lot of the time I just do it to make them happy. If they want to pay me the extra time to set it up, it’s their equipment and money…. I’ll take it.


  2. I don’t hide my SSID. Setting up MAC filters is a pain, but I do it anyway. I can’t say it’s worth it, but I have a justification:

    In my home network most traffic is on wired devices and my only wireless client is rarely used. The MAC filter prevents casual hackers from accessing my router; they’d have to wait for wireless traffic that rarely occurs. They’d likely be waiting a long time before obtaining a MAC id to spoof.

    I agree MAC filters are not worth much in a business setting.

    I say make hacking as difficult as possible. Am I suffering a delusion?
