[ale] wpa_supplicant on hidden SSIDs

Thu Sep 26 11:58:21 EDT 2013

An old wifi-security checklist http://blog.jdpfu.com/pages/wifi-security

Hiding SSIDs isn't really useful from a security standpoint and is known to slow
some network devices and prevent others from working at all on the "hidden"
network.

Any wifi sniffer **will** see the SSID, BTW.

On 09/26/2013 10:35 AM, James Sumners wrote:
> Oops, I overlooked the key detail of "v2".
> 
> There's really not much point to hiding the SSID. It is easy enough to
> discover. Put a good WPA2 key on it and move on.
> 
> On Thu, Sep 26, 2013 at 10:26 AM, Alex Carver <agcarver+ale at acarver.net> wrote:
>> That list shows the WPC54G versions 1 and 3 (Broadcomm chips) but not
>> version 2 (Texas Instrument chip).  Searching through the site brings me
>> to this:
>>
>> http://wireless.kernel.org/en/users/Drivers/acx1xx
>>
>> I think that means I'd need to find another card if I want to avoid
>> ndiswrapper and hide the SSID on my AP since it doesn't appear that
>> support is forthcoming in any short time frame.
>>
>> On 9/26/2013 05:33, James Sumners wrote:
>>> According to [1], the card should be supported _without_ having to use
>>> the ndiswrapper. You should be able to use the kernel provided b43
>>> driver. Then you would need a /etc/wpa_supplicant.conf file similar to
>>> the following:
>>>
>>> ~~~~
>>> ap_scan=1
>>>
>>> network={
>>>     scan_ssid=1
>>>     ssid="HiddenSSID"
>>>     bssid=68:7f:74:d3:a9:47
>>>     proto=WPA
>>>     group=CCMP
>>>     pairwise=CCMP
>>>     key_mgmt=WPA-PSK
>>>     #psk="A secret key generated with wpa_passphrase"
>>>     psk=c86cdc6991f8db814d426c404a5222ff2a957bb795bad2785e1ccd299a2278cb
>>> }
>>> ~~~~
>>>
>>> However, it still might not work. I have a Netgear WNDA3100v2 that I
>>> tried to get working in the same situation a couple months ago. No
>>> dice. It's the first time I've messed with wireless in Linux in
>>> several years. I figured support would be better by now, but it's
>>> still abysmal.
>>>
>>> [1] -- http://wireless.kernel.org/en/users/Drivers/b43/devices?highlight=%28wpc54g%29
>>>
>>> On Wed, Sep 25, 2013 at 12:08 PM, Alex Carver <agcarver+ale at acarver.net> wrote:
>>>> On 9/25/2013 06:05, James Sumners wrote:
>>>>> It really depends on the card. Some lspci/lsusb details would help.
>>>>
>>>> It's a Linksys WPC54G version 2 (using the Texas Inst. ACX 111 chipset)
>>>> PCMCIA card.  It worked in XP using the normal Linksys drivers (as long
>>>> as I checked the option in the config that says connect even though the
>>>> SSID isn't broadcast).  I picked up the ndis drivers from the install
>>>> disk to use with ndiswrapper.
>>>>
>>>> If the AP is not broadcasting the SSID, debugging info on wpa_supplicant
>>>> shows that it scans over and over again but, because it can't see the
>>>> SSID, it skips the AP (the AP's MAC does show up in the scan list).
>>>> Once I turn on SSID broadcast, wpa_supplicant connects.
>>>>
>>>>
>>>> Here's lspci -v for the specific card:
>>>> 02:00.0 Network controller: Texas Instruments ACX 111 54Mbps Wireless
>>>> Interface
>>>>         Subsystem: Linksys WPC54G v2 802.11g Wireless-G Notebook Adapter
>>>>         Flags: bus master, medium devsel, latency 64, IRQ 11
>>>>         Memory at 30020000 (32-bit, non-prefetchable) [size=8K]
>>>>         Memory at 30000000 (32-bit, non-prefetchable) [size=128K]
>>>>         Capabilities: [40] Power Management version 2
>>>>         Kernel driver in use: ndiswrapper
>>>>
>>>>
>>>>>
>>>>> On Wed, Sep 25, 2013 at 3:59 AM, Alex Carver <agcarver+ale at acarver.net> wrote:
>>>>>> Has anyone ever gotten wpa_supplicant to connect to hidden ssids?  I
>>>>>> just got the wireless card on the laptop installed (ndiswrapper) and was
>>>>>> trying to connect to my AP which has broadcast disabled.  I couldn't
>>>>>> connect no matter what I tried (ssid_scan=1, ap_scan=1 and 2).  It
>>>>>> connects fine with broadcast enabled so the card is working.
>>>>
>>>> ______________