[ale] wpa_supplicant on hidden SSIDs

Jim Kinney jim.kinney at gmail.com
Thu Sep 26 12:42:46 EDT 2013 

Just name it "NSA_GOV" and use a long key :-)


On Thu, Sep 26, 2013 at 12:36 PM, Alex Carver <agcarver+ale at acarver.net>wrote:

> I know it could be discovered by a determined person, it was more about
> obscurity than anything else.  Let people aim for the "2WIREnnn" SSIDs
> floating around the area and skip over the blank one.  I've got MAC
> filters on there, too (still not perfect but better) so I'll just leave
> it up for a little while.  If I end up not using the wireless much I may
> just hide the SSID again.
>
> On 9/26/2013 08:58, JD wrote:
> > An old wifi-security checklist http://blog.jdpfu.com/pages/wifi-security
> >
> > Hiding SSIDs isn't really useful from a security standpoint and is known
> to slow
> > some network devices and prevent others from working at all on the
> "hidden"
> > network.
> >
> > Any wifi sniffer **will** see the SSID, BTW.
> >
> > On 09/26/2013 10:35 AM, James Sumners wrote:
> >> Oops, I overlooked the key detail of "v2".
> >>
> >> There's really not much point to hiding the SSID. It is easy enough to
> >> discover. Put a good WPA2 key on it and move on.
> >>
> >> On Thu, Sep 26, 2013 at 10:26 AM, Alex Carver <agcarver+ale at acarver.net>
> wrote:
> >>> That list shows the WPC54G versions 1 and 3 (Broadcomm chips) but not
> >>> version 2 (Texas Instrument chip).  Searching through the site brings
> me
> >>> to this:
> >>>
> >>> http://wireless.kernel.org/en/users/Drivers/acx1xx
> >>>
> >>> I think that means I'd need to find another card if I want to avoid
> >>> ndiswrapper and hide the SSID on my AP since it doesn't appear that
> >>> support is forthcoming in any short time frame.
> >>>
> >>> On 9/26/2013 05:33, James Sumners wrote:
> >>>> According to [1], the card should be supported _without_ having to use
> >>>> the ndiswrapper. You should be able to use the kernel provided b43
> >>>> driver. Then you would need a /etc/wpa_supplicant.conf file similar to
> >>>> the following:
> >>>>
> >>>> ~~~~
> >>>> ap_scan=1
> >>>>
> >>>> network={
> >>>>     scan_ssid=1
> >>>>     ssid="HiddenSSID"
> >>>>     bssid=68:7f:74:d3:a9:47
> >>>>     proto=WPA
> >>>>     group=CCMP
> >>>>     pairwise=CCMP
> >>>>     key_mgmt=WPA-PSK
> >>>>     #psk="A secret key generated with wpa_passphrase"
> >>>>
> psk=c86cdc6991f8db814d426c404a5222ff2a957bb795bad2785e1ccd299a2278cb
> >>>> }
> >>>> ~~~~
> >>>>
> >>>> However, it still might not work. I have a Netgear WNDA3100v2 that I
> >>>> tried to get working in the same situation a couple months ago. No
> >>>> dice. It's the first time I've messed with wireless in Linux in
> >>>> several years. I figured support would be better by now, but it's
> >>>> still abysmal.
> >>>>
> >>>> [1] --
> http://wireless.kernel.org/en/users/Drivers/b43/devices?highlight=%28wpc54g%29
> >>>>
> >>>> On Wed, Sep 25, 2013 at 12:08 PM, Alex Carver <
> agcarver+ale at acarver.net> wrote:
> >>>>> On 9/25/2013 06:05, James Sumners wrote:
> >>>>>> It really depends on the card. Some lspci/lsusb details would help.
> >>>>>
> >>>>> It's a Linksys WPC54G version 2 (using the Texas Inst. ACX 111
> chipset)
> >>>>> PCMCIA card.  It worked in XP using the normal Linksys drivers (as
> long
> >>>>> as I checked the option in the config that says connect even though
> the
> >>>>> SSID isn't broadcast).  I picked up the ndis drivers from the install
> >>>>> disk to use with ndiswrapper.
> >>>>>
> >>>>> If the AP is not broadcasting the SSID, debugging info on
> wpa_supplicant
> >>>>> shows that it scans over and over again but, because it can't see the
> >>>>> SSID, it skips the AP (the AP's MAC does show up in the scan list).
> >>>>> Once I turn on SSID broadcast, wpa_supplicant connects.
> >>>>>
> >>>>>
> >>>>> Here's lspci -v for the specific card:
> >>>>> 02:00.0 Network controller: Texas Instruments ACX 111 54Mbps Wireless
> >>>>> Interface
> >>>>>         Subsystem: Linksys WPC54G v2 802.11g Wireless-G Notebook
> Adapter
> >>>>>         Flags: bus master, medium devsel, latency 64, IRQ 11
> >>>>>         Memory at 30020000 (32-bit, non-prefetchable) [size=8K]
> >>>>>         Memory at 30000000 (32-bit, non-prefetchable) [size=128K]
> >>>>>         Capabilities: [40] Power Management version 2
> >>>>>         Kernel driver in use: ndiswrapper
> >>>>>
> >>>>>
> >>>>>>
> >>>>>> On Wed, Sep 25, 2013 at 3:59 AM, Alex Carver <
> agcarver+ale at acarver.net> wrote:
> >>>>>>> Has anyone ever gotten wpa_supplicant to connect to hidden ssids?
>  I
> >>>>>>> just got the wireless card on the laptop installed (ndiswrapper)
> and was
> >>>>>>> trying to connect to my AP which has broadcast disabled.  I
> couldn't
> >>>>>>> connect no matter what I tried (ssid_scan=1, ap_scan=1 and 2).  It
> >>>>>>> connects fine with broadcast enabled so the card is working.
> >>>>>
> >>>>> ______________
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> >
> >
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>



-- 
-- 
James P. Kinney III
*
*Every time you stop a school, you will have to build a jail. What you gain
at one end you lose at the other. It's like feeding a dog on his own tail.
It won't fatten the dog.
- Speech 11/23/1900 Mark Twain
*
http://heretothereideas.blogspot.com/
*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130926/a28c2a60/attachment.html>

More information about the Ale mailing list