Talk:Service set identifier

From Wikipedia, the free encyclopedia

HOW CAN WE KNOW THE SSID NUMBER?

Ussually you're wireless conection software will tell you (Look for SSID:, Network name:, or Conected to:) Bawolff 03:34, 13 April 2006 (UTC)

I've been looking for a reference for allowable encodings for an SSID. The wording "alphanumeric string" (vaguely) implies 7-bit ASCII only, but 8-bit SSIDs are certainly out there; I have found a bug report which mentions in passing that the encoding should be ISO-8859-1 but this seems rather anachronistic for a standard from 1999. Couldn't find anything in the 802.11 specs via http://ieee802.org/ either. era 15:17, 28 March 2007 (UTC)

Yes. I've fixed the article. 128.197.11.28 17:38, 5 September 2007 (UTC)

The article says "it [the SSID] is however still readily available to crackers using the appropriate tools"

Some more dicussion how how a "cracker" would do this would be nice to have (i.e. what can you tell about a network if you don't know the SSID, and how do you connect to it? do you need to eavesdrop on other connections, or can you get in some other way?) --85.119.130.132 12:10, 12 July 2006 (UTC)

Well, you could use a tool such as essid_jack. When you have the MAC address of an AP that your target is connected to (obtained by a packet sniffer), essid_jack to spoofs your MAC address with the one of the AP and sends a disassociate frame to your target (or targets, if the destination is set to broadcast) which causes them to send back to the AP (you) an associate frame, with, of course, the SSID. Or if you like doing it passively, simply capture packets until one of them has the SSID you need. Easy. SeriousWorm 13:47, 14 October 2006 (UTC)

References for the "many security experts considering disabling SSID broadcast to be a security weakness" part would greatly benefit this article. Jody Burns 22:12, 24 January 2007 (UTC)

Maybe this is what you are looking for?: http://www.icsalabs.com/icsa/docs/html/communities/WLAN/wp_ssid_hiding.pdf -David Eliason

Wouldn't it be clearer to spell it with a hyphen: "service-set identifier"? Reason: it seems to be `an identifier set by the service`, i.e., by the network (its provider or the processes going on in the network).

[edit] Not broadcasting the SSID

Regarding the following paragraph:

In fact, many security experts now consider turning off the SSID broadcast a security weakness. The access points may no longer broadcast the SSID, but every client that has that network set to automatically connect is now transmitting connection request packets with the network's SSID in an attempt to locate and connect to the network.

This paragraph, especially with the word now, gives the impression that the behavior of the system changes when the SSID is not broadcast. Is this correct? --Jwinius 12:10, 19 June 2007 (UTC)

Another thing;

"Some people have erroneously attempted to improve security by turning off the broadcast of the SSID ... it should still be turned on ... It is the first layer of a layered security setup"

Obviously being written by different users, this section actually contradicts with itself. Hiding the bssid can be considered a slight improvement of security. A user who can't detect a hidden bssid probably wouldn't have the knowledge to crack a wireless network's password, whereas a user knowledgeable enough to crack the password would have no problem detecting the hidden bssid. so most of the time bssid hiding is irrelevant. Regarding the above (deleted) comment about bssid hiding being a security flaw, that's only funny :) Anyone having a simple program like kismet can detect all bssids around, one way or another wireless networks can be detected. What difference does it make? I think that section should be rewritten. 88.254.131.246 (talk) 08:43, 30 March 2008 (UTC)

[edit] ESSID versus SSID

What's the distinction between ESSID versus SSID? 24.26.128.185 (talk) 04:31, 29 March 2008 (UTC)