Starpoint

Ok, this will make sense to anyone here about Wifi security but here goes.

I had an interview with an petroleum company in downtown Houston, we talked and the subject of Wifi came up. Now I like to think I am not the best in the world, but I do know enough to sniff out someone who is clueless.

This "IT director" got mad at me when he asked my opinion about broadcasting the SSID. This company is on the 10th floor in downtown Houston on a street that leads directly out of downtown onto the freeway. There are 2-3 parking garages/lots next to them. In other words, a wifi hacker has plenty of "campsites" and a nice way out of the city.

When he asked my opinion about broadcasting the SSID I said "It's not a smart idea, since you effectively tell everyone there is a wireless network here. Even if you run all the security in the world after that, why even tempt them?" I then said "if the broadcast is turned off, it will take a smarter person to use the methods to detect you and since they will see the broadcast is off, which is a basic security step, it should tell them that this network has some security invoked and there may be more."

The guy THOUGHT I was calling HIM stupid because he was the one that set up the network (he was the guy that knew the most about computers so he got the job... you know the type) so he was offended.

As he walked me out the door I told him I did not call him stupid, just said that advertising his wireless network is how evil hackers find you and then take advantage of your network. Then when your CEO finds out that some "simple" steps could have been taken to prevent the hack, they start questioning your tech skills.

I then reported him to the staffing company I was using and they told me they will speak to him about berating their candidates. I later got a call from the staffing company saying they told him that if they hear another abuse they will pull all candidates they are submitting plus pull the 5-8 people they have there working now.

THAT impressed me alot.

This guy did apologize to her to pass along to me but I told her to tell him to either get a clue that there are people out there who may know more about something than he does and as long as he has that attitude he will not get good people there long.

Anyway.. soapbox now stashed.

__________________
Against the run of the mill, static as it seems

We break the surface tension with our wild kinetic dreams
Curves and lines -- of grand designs...

Tonight's movie "Soylent Green" has been brought to you by our sponsor - Waste Management

My mind is like a Steel trap - Rusty and Illegal in most states

streaker69

Question: Did you actually use the word 'stupid' at any point in time during the initial conversation?

__________________
"One of these days, I'm going to cut you to pieces."

If you're offended by this post, please feel free to report it to one of the many helpful moderators of this forum.

Thank you.

Barry

It was probably more along the lines of "dumb ass".

__________________
Penny's giving it up. She's giving it up hard. Cause she's with Captain Hammer, and these, are not the hammer...... The hammer is my penis. --- Captain Hammer, Dr. Horrible's Sing-Along Blog.

brwrdrvr

Way to go Starpoint!

I love when someone in a position to hire gets flustered when a candidate knows more than they do. If the guy was even a decent manager he would have recognized the skills you have and hired you on the spot. They key to having a successful team is to hire people around you with great skills and to give the team recognition for work well done.

I've seen it too many times in the different fields I have worked in. You learn more than the boss and then you get shit upon. Of course, telling the boss that "It's not rocket science" when he has a degree in that field doesn't help much either.

__________________
No I do not. I live in my own basement.

Starpoint

I said "it is stupid to broadcast the SSID since it tells anyone with a windows pc and a wireless card that there is a wireless network nearby"

He assumed I was calling him stupid.

__________________
Against the run of the mill, static as it seems

We break the surface tension with our wild kinetic dreams
Curves and lines -- of grand designs...

Tonight's movie "Soylent Green" has been brought to you by our sponsor - Waste Management

My mind is like a Steel trap - Rusty and Illegal in most states

brwrdrvr

AHHA you've been hanging in the forums too long. I am glad you held back and didn't use our usual words.

__________________
No I do not. I live in my own basement.

streaker69

Yeah, alot of people will focus on that word when they hear it instead of hearing what you said.

I would have said "it isn't wise..."

__________________
"One of these days, I'm going to cut you to pieces."

If you're offended by this post, please feel free to report it to one of the many helpful moderators of this forum.

Thank you.

Barry

Or "it's not a good idea".

__________________
Penny's giving it up. She's giving it up hard. Cause she's with Captain Hammer, and these, are not the hammer...... The hammer is my penis. --- Captain Hammer, Dr. Horrible's Sing-Along Blog.

King_Ice_Flash

At least you didn't use that fricking onion analogy. I am sick of hearing that one.

__________________
"Yeah," said a voice from under the table, "you go to pieces so fast people get hit by the shrapnel."

streaker69

What's that one? The only one I heard is that Ogre's are like an Onion.

__________________
"One of these days, I'm going to cut you to pieces."

If you're offended by this post, please feel free to report it to one of the many helpful moderators of this forum.

Thank you.

brwrdrvr

Then everyone must only be telling you and not everyone else. I don't think I've heard that one. Why would everyone be talking about onions to you? What's that odor?

__________________
No I do not. I live in my own basement.

streaker69

We can't bust heads like we used to, but we have our ways. One trick is to tell them stories that don't go anywhere. Like the time I caught the ferry over to Shelbyville. I needed a new heel for my shoe. So, I decided to go to Morganville, which is what they called Shelbyville in those days. So I tied an onion to my belt, which was the style at the time. Now, to take the ferry cost a nickel, and in those days nickels had pictures of bumblebees on them. 'Give me five bees for a quarter', you'd say. Now, where were we? Oh, yeah...the important thing was that I had an onion on my belt, which was the style at the time. They didn't have white onions because of the war; the only thing you could get was those big yellow ones

__________________
"One of these days, I'm going to cut you to pieces."

If you're offended by this post, please feel free to report it to one of the many helpful moderators of this forum.

Thank you.

DaKahuna

We have had the discussion on broadcasting or not to broadcast the SSID at work a number of times. I know I am going out on a limb with this gang here but I really does not think it matters. If someone is looking for wireless access points and they are in range, then they will find it whether it is being broadcasted or not. Not broadcasting the SSID protects you only from the clueless and those are the one that you can defeat with most simple security solutions. The true wireless hacker is going to find your AP whether you broadcast the SSID or not so why not make it easier for your clueless employee's and go ahead and broadcast the SSID?

streaker69

I agree with this. I have two AP's at work, one broadcasts one doesn't. The one that doesn't, has only one client that is supposed to connect to it, and it's hardcoded to connect to only that AP. As for a hacker finding it, good luck I say, it's in a big metal building, when the garage door is down, you can't even pick up a broadcast from it. If the door is up, I'd think I'd notice someone sitting in their car in the parking lot screwing around with it. Plus, I have my syslog server email me everytime someone connects to that AP.

The other one is just an AP that I turn on in the conference room if we're having guests. It does broadcast, and that's just because it's easier for the clueless. When there's no one using the room, I actually turn the AP off completely.

But I do understand SP's point. In the place he was describing, it would be easy for someone to setup camp and not be noticed.

__________________
"One of these days, I'm going to cut you to pieces."

If you're offended by this post, please feel free to report it to one of the many helpful moderators of this forum.

Thank you.

Starpoint

I agree with your statement, I would like to add that SSID broadcast does not make a whole lot of difference if a TRUE WIRELESS HACKER wants on your network.. he/she will have the linux gear, scanners, custom antenna's etc to do so. In other words they are determined to do evil.

I am talking about the windows users.... Nix users (the serious ones) can forge mac address's and hide better so most the time you do not even know they have been there.

The example I give might make my point...... you have a building that has 4 companies in it.. one is a coffee house with an open wifi (free to use, and they hope you buy coffee from them) the other 3 companies use desktops/laptops etc..

They all have a policy about personal PC's and for the most part they do not mind if you bring your personal laptop inside to keep it from being stolen from your car, you just cannot connect it to the network (wired or otherwise) There is however a man page as to how to connect a company laptop to the company wifi (they do not use MAC filtering) and this man page provides the security settings. (I have seen this at places before)

1) what is to stop a person from using their company wifi on their laptop?
2) what would stop them from using the coffee house wifi to do whatever they want (IM's Myspace, Pron, etc) and with thumb drives being like they are, they COULD sneakernet company data over to the personal laptop, then upload it someplace.

Or.... if they can use another company wifi (one next door) then any detection and trace will end up next door. Like stealing your next door neighbor's wifi, its illegal but when the cops pull up in his front driveway for distributing kiddie pron, you know you need to shut down and hide the evidence.


So broadcasting the SSID may not keep out the serious hacker, but not broadcasting it will pretty much prevent the mass majority of people out there from playing on your network.

__________________
Against the run of the mill, static as it seems

We break the surface tension with our wild kinetic dreams
Curves and lines -- of grand designs...

Tonight's movie "Soylent Green" has been brought to you by our sponsor - Waste Management

My mind is like a Steel trap - Rusty and Illegal in most states