Packet capture showing the difference between a hidden SSID and a non-hidden SSID.
Пікірлер: 334
@TallPaulTech4 жыл бұрын
Maybe I should have been clearer in this video about how hiding SSIDs negatively affects roaming between APs. It seems a lot of comments are from people who are only thinking of single AP home type setups. There are technical problems with hidden SSIDs. I may make another video at some point to demonstrate this more clearly.
@brettshields72924 жыл бұрын
Please remove the word "Expert" from your title would make me less inclined to look for flaws in your tutorials and slow down your talking & hold on to the info that you are showing, not all of us are speed readers!!
@caseyhaan62404 жыл бұрын
Yes, please do. I'd like to see that demonstrated.
@caseyhaan62404 жыл бұрын
So have you decided to make a video with a demonstration of roaming?
@SmedleyButler14 жыл бұрын
Can anyone tell me why my new Technicolor brand, leased router/modem from COmcast/Xfinity broadcasts 3 to 8 EXTRA, unauthorized by me, HIDDEN, LOCKED access points (it fluctuates slowly and randomly? They don't show in any options in the router admin gateway on my end OR Comcasts end (supposedly). They're definitely from my router, verified 4 different ways including disappearing and reappearing when I turn my router off and on AND, the Comcast tech that came to my house, confirmed they were coming from my router (he nor his supervisor ever seen or heard of this but then again, they never used a "WiFi analyzer" app. Comcasts Tier 2 tech support tried to tell me it was the "open" network I had removed a year prior and couldn't understand what I was talking about. They SWORE, up and down they couldn't see any other networks being possilbe YET, 2 to 3 hours after speaking with them, it went from 8 unauthorized, hidden, locked networks (6 2.4 Ghz=2 5Ghz), down to 2! (Plus the one I use and named).
@Tenaka304 жыл бұрын
To be fair, this video solely relies of the con to using a hidden SSID is the pain of typing it in. Something that you will likely only do a couple of times at most if at all more than the one time when intially setting up. If you have techincal problems around hidden SSIDs then THAT is what this video should have been about.
@cxnato4 жыл бұрын
Hidden SSID's have a real world benefit that most people seem to miss. It's the benefit of not cluttering up the SSID list with wireless networks that are never intended to be joined by a human. For example, IOT devices on their own secure vlan, streaming media, security cameras etc...
@97Giorgos974 жыл бұрын
Exactly.
@hwfjj19894 жыл бұрын
That would be a good use for it. Don't let the click bait title fool you. The subject of the video is if you are using hidden SSID for security don't do it. Not to never do it for valid reasons.
@mindspecialist3 жыл бұрын
I agree, it has a benefit. If I have malicious intent, I am going to act on the one I can see.
@djabthrash Жыл бұрын
@@hwfjj1989 +1
@Tony770jr4 жыл бұрын
I think hiding the SSID is still useful as it hides it from casual users doing a scan of available networks.
@Otto452 жыл бұрын
@Infinite Possibilities What if he doesn't want anyone to see that there's a wifi signal coming out of his house? Its not always about security, but anonymity aswell.
@bxsdyycajun1292 жыл бұрын
It good. This guy don't know what he talkimg back. Lol,
@bretharrell97954 жыл бұрын
Just because there's not a security benefit to hiding an SSID doesn't mean it isn't useful. Come into my office and the only SSID you'll see on your phone is my Guest network. We have several other hidden SSID's for corporate laptops and other special devices (all secure). Hiding the SSID makes for the appearance of a clean environment and removes the question of which SSID people should connect.
@jaryH34 жыл бұрын
Putting crap under the carpet also creates an appearance of clean environment
@longwelsh4 жыл бұрын
I deploy 802.11 networks in entertainment venues for control. Hiding your BSSID is simply a way of stopping several thousand smartphones polling your AP constantly in the background. As a security measure it's not particularly effective, though I don't think anyone has really thought that it would be for many years.
@djabthrash Жыл бұрын
+1
@sstorholm4 жыл бұрын
Main reason I hide SSIDs in deployments is to remove any networks that users shouldn’t bother trying to connect to. Is the network only for certain devices with no UI? Hide the SSID. Is the network supplied via a GPO to clients and uses WPA2 Enterprise for auth? Hide the SSID. Etc. etc. ad nauseum. That way a user looking for the guest WiFi will see that at the top of the list, and doesn’t get confused. And it makes ever so slightly harder for an attacker to enumerate the infrastructure, not much, but ever so slightly harder. Does it stop anybody? No, but then again, most things doesn’t entirely. And security through obscurity does have it’s merits, try logging all connection attempts to a server exposing SSH on tcp22 to the internet, and then compare that to what happens if you move SSH to say tcp23.
@lrmcatspaw14 жыл бұрын
So let me get this right, the reason why the hidden SSID is bad, is because "I have to type it in manually", but the guy trying to find me needs more time and a bit more knowledge to find the SSID? ...
@CarnivalBen4 жыл бұрын
A friend of mine asked me to set WiFi up for his family, but he wanted it on a schedule that switched off the WiFi at 10:30pm, so the kids didn't stay up all night playing on their phones... so I also set up a hidden SSID for the parents to use late at night when the main SSID shuts down as he didn't want the kids to know there was another way to get on the internet... worked pretty well for them.
@NoHandleToSpeakOf4 жыл бұрын
CWNE88 could not think of that!
@ioannis69k4 жыл бұрын
CarnivalBen Why setup a hidden one and not another visible one with an unrelated name for the kids to guess that it is theirs ?
@XHACKER39004 жыл бұрын
ioannis69k why not using a .1x solution with time based access control on the RADIUS server - like a RPi. Shave off at least one channel to keep the RF clean, no hiding needed, more secure, adaptable for future extension.
@listerdave12404 жыл бұрын
I agree that hiding the SSID is totally useless for security and I don't think it was ever intended as a security feature. That does not mean however that there is no use for it. Just one example of many diverse uses - let's say you have a commercial establishment, like a shopping center and you provide free WiFi. Apart from that you have a separate network that is just for point of sale machines and maybe yet another for security cameras. It is pointless having the latter two show up on clients' SSID list when they go to connect to the WiFi network - it is just clutter. It's just aesthetics perhaps but why not make things cleaner and more sensible when you can at no cost?
@patsjoholm4 жыл бұрын
Security, no. But, when you've separated your WiFi into multiple SSIDs, using separate VLANs, it's nice to hide those that you do not need to connect to from your personal devices. i.e. I don't broadcast my IoT SSID, as no one needs to be able to quickly connect to it. So, to say don't do it, is not a very good thing. There are purposes for hiding, it's just not for security.
@TallPaulTech4 жыл бұрын
What did you acheive by hiding it for your IoT devices? How would having it visible enable people to "quickly connect" to it?
@patsjoholm4 жыл бұрын
@@TallPaulTech see answer from Tristan Nelson👍
@ELVTechnology4 жыл бұрын
I'm 100% with you Patrick.
@rafajrichard4 жыл бұрын
@@TallPaulTech It's about hiding it from other users. Also it looks nicer(?) when it's not shown in the list.
@mikelieberman69244 жыл бұрын
If you can't think of a reason, that's on you and not the technology. We deploy non-hidden SSID APs for the entire building. The hidden SSID's are used in places where there are already public SSID's available for general use. The hidden ones are WIFi routers are used to make sure, along with MAC address whitelists, that only those approved devices connect to it. These devices are not 100% foolproof, but with separate DHCP pools using a different subnet on a different IP block, and host allow/deny lists on servers, it is far more difficult to accidentally browse that network connection. As the power on the router wireless signal is set low and the concrete and rebar make it virtually impossible to browse from outside the area it is in. The hidden feature coupled with a public WiFi SSID in the same area provides cover and reduces the likelihood that someone goes looking for what I don't want them to see.
@monad_tcp4 жыл бұрын
That's it, hiding the infrastructure is good for keeping down the support calls, people will click the wrong network every time and then they will complain it's slow or doesn't work.
@jarsky4 жыл бұрын
I don't use Hidden SSID's for security, but I use it for a wireless bridge to other AP's because no one needs to see that and be confused by it as far as end devices.
@ThomasOrdon4 жыл бұрын
I've always told people hiding an SSID is not intended as a security measure it isin fact meant really for infrastructure networks soyou're not bombarded by a million Wi-Fi networks or your phone every five seconds saying there's a wi-fi network available
@troycording4 жыл бұрын
There is only one place that I have ever setup hidden SSID's in my 19 year career of a wireless engineer, and that was for a public guest wireless solution in the middle of a city and the sole purpose was to minimise DHCP exhaustion from every Apple device at the time (configured by default) to connect to any open wireless network and suck the DHCP scope dry in minutes as they walked past the network!
@djabthrash Жыл бұрын
which i think is also why in big concerts with big crowds routers from the stage (to control the mixing consoles remotely) have an hidden SSID
@charlesadamski_1974 жыл бұрын
I have to disagree that there's no benefit. I'll explain. At my work we have public wifi - weak signal. I installed some range extenders - It's a huge place. 200 employees. . Soon I was inundated with accusations of "breaking the internet" because the users would not clear their cache because they didn't know their various passwords and hadn''t rebooted in 3 years. . Suddenly the range extenders disappeared and so did the accusations. Where did it go? I dunno - It disappeared. They simply didn't have free WiFi anymore and I had peace. Only one of us has unlimited free internet now. . You're assuming here that the average user can actually do anything more than bumbling through calling somebody on their phone. That's about all they know and " don't touch my phone - it's perfect" . There is a place for hidden ssid's.
@VW_Fan2 жыл бұрын
You're assuming that people do this for security. But there are other reasons. For example we hide an SSID as users constantly tried to connect to this SSID instead of the Guest WIFI and generated heaps of service desk tickets. We hid the "problem" SSID and the calls stopped and users had a better experience.
@andynull886910 күн бұрын
Critical thinking is strong with this one
@ChrisFredriksson4 жыл бұрын
I have hidden SSID on my network, but it is basically only to "hide" it from regular network scan for when people want to connect to a new network. Not a security thing, just so it doesn't show up in the list and people might pick the wrong one. Also, I don't share my network with anyone so, there is no need to have it "visible" like default. I could of course go with a visible one, but why "clutter" the lists? :)
@soniclab-cnc4 жыл бұрын
We hide networks for thermostats and smart switches for larger installations in hotels.
@soniclab-cnc2 жыл бұрын
@Marc Menard you can always hide a cam if you wanted to.. I think that is offensive and would never do that. We only hide the network ssid of certain items as is recommended by some manufactures. For instance, Lutron Systems stated in their installation guide for the WiFi thermostats to create a "hidden" ssid and manually enter the SSID name. They have no auto connect function and you are forced to manually enter the details via GUI. Annoying but more secure. These all talk to the Lutron controller and server so I could see keeping these networks hidden as a priority.
@nutterztube4 жыл бұрын
I don't understand why people hide their debit/credit card from the public eyes instead of going around having their debit/credit card stapled on their forehead. After all, it is not like people who aren't supposed to use it will be able to use it anyway because they don't have the PIN of the card. So, yeah, DON'T DO IT.
@NonnofYobiznes4 жыл бұрын
Best analogy in the comments.
@highkicker114 жыл бұрын
There is a benefit its a extra step in cracking it. You just hate it because its less user and scriptkiddy friendly.
@arramos680210 ай бұрын
If you had home network sytem you should hide the main sevice provider router
@ELVTechnology4 жыл бұрын
There's no issue with hiding your SSID, just don't do so believing it's adding any significant security.
@jastekcameralive4 жыл бұрын
And it's just wonderful to know that you're just wrong it is extra security
@ELVTechnology4 жыл бұрын
@@jastekcameralive what?
@ELVTechnology4 жыл бұрын
@@jastekcameralive I said it doesn't provide any significant security advantage, whish is absolutely correct.
@jastekcameralive4 жыл бұрын
@@ELVTechnology Sorry but the only thing that is absolutely correct is that you are wrong. Sorry.
@ELVTechnology4 жыл бұрын
If you want to disagree, that's fine but how about backing up your claims? When any client associates to a hidden network the ESSID is sent in clear text as part of the association. How is this adding any significant security if it's easily discovered by passive monitoring during an association?
@BladeRunner215774 жыл бұрын
You clearly dont work with large amounts of devices and networks.
@midnightwatchman14 жыл бұрын
they serve purposes, I usually create hidden ones for the tech and admin staff, that has a fixed password not integrated with the radius authentication. so that I will not get questions from normal users asking how to attach to it. They are not a big deal and they are not security features
@cccccc8644 жыл бұрын
Pretty good reason too. Normal users would be asking for the password otherwise.
@davidreddick30164 жыл бұрын
I used to hide my SSID when I lived in a dorm. We weren't exposed to have any routers (I know a wifi AP is different but I had both). I know if someone in IT wanted to look for roge APs they could find mine but it limited my chance of someone locating it. I also broadcast only in 5G with the power turned way down and used an unused DFS channel so I wouldn't be overlapping any channels the school used.
@HRKnight4 жыл бұрын
David Reddick nice solution!
@cccccc8644 жыл бұрын
Having a good excuse not to give connection when there is someone at home having a party with a lot of people you don't know.
@GeneRogers-xl8wb4 жыл бұрын
Do Hidden SSID's help in privacy from google-maps, and other companies running mapping-cars on public streets to capture geo-located images/videos and SSID's ?
@davetdowell4 жыл бұрын
"it just makes it more of a pain when you have to manually set things in your phone"... yes that's the benefit. Wifi Hidden SSIDs - feel free to do it if you want or have reason to.
@Exploited894 жыл бұрын
You forgot to mention that usually when you "hide" something it just make people more curious about it... 😂
@gaBehcuoDsuoitneterP9 ай бұрын
So more of a pain in connecting your own devices to your network and not necessarily creating security bug vulnerability when hiding the SSID.
@datfella90634 жыл бұрын
Would this not stop the Google streetview wardriving car from updating its database of access point ssid/mac's ? or at least hinder it somewhat ?
@theincapable4 жыл бұрын
Do they really get that WiFi data from street view cars, or rather from the mobile devices. If it's only done by car there would be no data for areas where they have not been yet/can't reach.
@datfella90634 жыл бұрын
@@theincapable I'd assume its at least done by both those methods.
@arnoldb97434 жыл бұрын
The video title suggests that hiding the SSID is not safe, which is of course not true! I was about to restore the SSID, but I watched video to the end and I won't change anything.
@Andy-df5fj4 жыл бұрын
I have the best wifi security. It's too weak to barely even reach the rooms in my house and it can't reach further.
@jblevins23634 жыл бұрын
I can agree that hidden SSID should not be confused with network security, but it is not without reason. If you allow public WiFi access, it will help that public know which SSID to connect to if you hide your private, privileged SSIDs. It is also considerate in a network rich environment, like in or near an apartment building to hide your SSID to keep the available networks list shorter for your neighbors. To avoid the extra typing, just set up client devices first then switch to hidden SSID.
@bravejango124 жыл бұрын
It's the most basic form of wireless network security. Can someone sniff out your hidden ssid yes they can just like someone can kick open your front door but you still lock it when you leave. It's about opportunity why would I want to go through the hassle of sniffing a hidden ssid when I can just go after the place next door that isnt hidden. If someone wants into your network it wont help but it reduces the chance of a opportunistic attack.
@roygalaasen4 жыл бұрын
bravejango12 maybe because if you know how to hide it, you may have more interesting stuff on your network as well?
@bravejango124 жыл бұрын
@@roygalaasen or you spent five mins reading your routers manual. For most nefarious people it isnt worth the extra time to try to hack into a password protected network much less a hidden network when there are hundreds if not thousands of unprotected networks within a few mile radius.
@roygalaasen4 жыл бұрын
bravejango12 I don’t think that most people even opens the manual, but I don’t disagree with what you are saying. You are probably right. When I think about it, people who really knows their computer security would probably not rely on hidden ssid anyway, so you would only find the medium savvy networks by looking for hidden ssid.
@jblevins23634 жыл бұрын
@@bravejango12 I cannot imagine the case where a nefarious person would even look at the available networks list. Personally, I would drop a raspberry pi 0 in a nearby bush and let it do the hacking while I go to the lake.
@arminharper5104 жыл бұрын
does this also hide the bssid? cuz if it does then how can the hacker sniff incoming and outgoing packets without knowing which bssid to scan?
@MH11.112 жыл бұрын
Question, but you are capturing from with in the AP network this is why you see the packets correct me if im wrong. Now if someone is probing ssid's with a sophisticated sniffing tool they still can't see the ssid name because its not broadcasting right? unless they're lets say your mobile device thats been comprimised and are able to see your packets. I'm just trying to understand how can a wifi hidden connection get comprimised if during transit of credentials the devices are not that are comunicating aren't comprimised. Good video though on how to read the packet capture.
@AP-qc9hi4 жыл бұрын
Am I missing something. He says hiding said is a hassle. Isn't that the point? An expert will sniff out your said easily but hiding your said will deter the simply curious and that's something to consider. However disabling said broadcast reduces airtime efficiency by increasing mgmt overhead.
@quakeur3 жыл бұрын
Wow what an empty video. The only thing it demonstrates is that you have to type the ssid when it's hidden (wow breaking news) and that the protocol displays the ssid in handcheck (second breaking news). Security is provided by the strength of the key you created that's it. But it doesn't mean that you shouldn't hide your ssid for other reasons. And "oh no you have to manually type the ssid" is not a valid point at all. If an "expert" can't think of any usage, I guess it's time to drop the functionality. Or change the expert maybe? 🤔 Your choice
@BradMottram4 жыл бұрын
Great video! Thanks for sharing your knowledge with us!!
@jastekcameralive4 жыл бұрын
No knowledge at all. Wi-Fi Hidden SSIDs are a great idea and use.
@NoHandleToSpeakOf4 жыл бұрын
Easing the life for others by reducing the numbers of networks they are never meant to join does not count as useful.
@dude2443424 жыл бұрын
I assume your wireshark instance is already in the cwne88 network, this why you have the BSSID in this instance? if a hacker from outside has no clue what your wifi name is and doesnt know what type of router or AP you use for making the wifi connection possible, would it not be more challenging for them to get such info? i'm sure there are tools that can get info from mass probing, but there would still be a guessing game for passwords/phrases and so forth if the beacon advertisement (MAC addr) was captured. Seems like a much longer process than just showing a sniffer that is already on the network being accessed from your phone. still I'm open to correction and guidance in my understanding. If comment is accurate then like else rm -rf /
@TallPaulTech4 жыл бұрын
I can clearly see I'm going to have to make a follow up video to this one, as it seems to have made the Internet of Expert cry. The best part about your comment though is that you're open to correction. That's good. So keep an eye out in future when I'm going to go more into this (didn't think I'd have to) and I'll explain things further.
@snarf45 Жыл бұрын
I just do it to hide it from my neighbours. Theyre not at all tech savvy but they love complaining about my network pushing theirs away, so I just hide it now
@TallPaulTech Жыл бұрын
Haha, what do they actually say when they complain?
@mohammedaleissa866610 ай бұрын
Wondering why are your neighbors complaining about your network if it's only yours and not theirs?
@azharjamal20142 жыл бұрын
I like it when he said 'Just enjoy your network'.. cheers mate
@andynull886910 күн бұрын
so passive aggressive ... at least thats how it appears to me. He got anger vibes
@RicardoPenders4 жыл бұрын
I don't agree at all, I always hide my SSID because there are some people around me that I don't trust at all and by hiding my SSID I haven't seen any funny business anymore from them trying to get into my network and I also own a Raspberry Pi 3B+ which isn't able to connect to my wireless network when I hide my SSID which means I know that there must be more devices not being able to connect so to my opinion just for those two reasons alone I believe that hiding your SSID is better than just telling everyone around you here I am ready to get hacked. I also live right next to a public library, a school and a supermarket and that's another reason why I hide my SSID, I don't want all those people being able to see my network and I don't share my network with anyone not even with my friend because I just don't trust nobody so I will keep my SSID hidden because I believe it's beneficial to me. Best regards, Ricardo Penders
@getsideways72574 жыл бұрын
You forgot to add that those people are most likely curious brats who barely learned to access WiFi. Of course it's useless to hide the SSID from any half-serious attacker, but you can at least make sure it's out sight for the kids who don't know better than to mess around with their neighbors equipment.
@RicardoPenders4 жыл бұрын
@@getsideways7257 exactly right.
@hwfjj19894 жыл бұрын
But you can connect to hidden SSID on a pi you just have to configure it
@RicardoPenders4 жыл бұрын
@@hwfjj1989 I have it configured it manually and changed the necessary files but I can't connect to my router anymore so I don't know why exactly I can only tell you what happens here.
@hwfjj19894 жыл бұрын
@@RicardoPenders There is a option you have to add to the config don't remember what off hand.
@Robert-Dusek4 жыл бұрын
I see huge number of APs with hidden SSIDs and WPA2 Enterprise security in residential areas. What are they?
@SmedleyButler14 жыл бұрын
along with Glyphosate, vaccines, etc. all I can think of is Eugenics is all I can think of.......... I have 8 extra, HIDDEN, LOCKED access points coming from my router, I never authorized and I can't see or change my leased Comcast/xfinity Technicolor router. Tech support tier 2 says it's impossible but I know they're from my router b/c they disappear/reappear when I turn my router off and about 3 other things like they all have the same signal strength, same namce etc. Plus, they reduced to just 3 extra 2 or 3 hours after my call to tier 2
@yyni344 жыл бұрын
It helps if you don't want your neighbors to bug you for the password
@SomeGuy-tz8dz4 жыл бұрын
So what happens after the connection is established? Does the ID get transmitted when traffic for a website gets sent of received? If the ID only gets transmitted during the connection process, then there has to be someone monitoring the Wi-Fi during the connection phase. People driving by looking for Wi-Fi connection would probably miss things. After the connection most everything is encrypted is it not?
@TallPaulTech4 жыл бұрын
You're correct... mostly. A client will still probe even if it's connected (to potentially roam to a better AP). You can always just do a deauth anyway to kick the client off, to make it rejoin again and capture it at that point.
@RedShift54 жыл бұрын
Pfffr. There are legitimate use cases for hiding SSID's that have nothing to do with security. Do your research before saying it's crap and a blanket "Just don't do it". Expert--.
@djabthrash Жыл бұрын
this
@jaryH34 жыл бұрын
When the SSID is hidden and client configured to connect to a WPA network, is the SSID still sent in plaintext?
@WarrenSt.James_Guitarist2 жыл бұрын
its encoded in the handshake..but its encrypted...thats how you hack the wifi..it forces it off with a bad packet...the router has to reauthenticate..so it sends the key again...if it is forced off a few times(lol)..you can easily decode the handshake.
@azraaell3 жыл бұрын
How about so when people close by are connecting to a network and you don't want them to see the same network you use
@mike_x489549 ай бұрын
Is it okay to use hidden SSIDs for a wireless bridge? (Two directional Access Points as a transparent bridge to get network access to a remote building).
@andynull886910 күн бұрын
He just wants to be aggro... all or nothing... a blunt object ..... this must be a issue with work brought home to his channel
@alss9823 Жыл бұрын
Ok, so maybe i will keep my front door opened too, because anybody with the right tool can open it anyway if kept closed,right? so to keep it closed doesn't make sense i guess...C'mon...
@fmslickful Жыл бұрын
Stupid, if its open then why do they need a tool? Anyways, Hiding your SSID is like a lock just to keep an honest man honest
@yajnalgibno65368 ай бұрын
fr haha
@king40532 жыл бұрын
Hiding SSID is kinda useless when on pc because it will still broadcast that there is a network that is hidden hence the "Hidden Network" showing up on the WiFi list on desktop but not on mobile. This just attract hackers that uses laptop to force their way in your local network with more powerful tools. It's been years this has been implemented and I wonder why it can't be completely hidden. Just use the latest security standard WPA3
@mykala61144 жыл бұрын
Too many jargons for me to understand. I have a MeshForce and only wan to connect my work devices. I do not want my kids discovering an additional Wi-Fi network. How can I hide it? In the time being, I have given it a name similar to one of my neighbors so they would never notice it.
@xxn0cturn3xx23 күн бұрын
Bro is onto absolutely nothing 💀💀
@JtotheRizzo3 жыл бұрын
From your last comment/sentence you said at the end of this video mentioning "people having a false sense of security by hiding their SSID" tells me that your intent to make this video was to deceive people in thinking there is no reason to hide your WiFi SSID. In fact, there is absolutely a reason to HIDE your SSID. What people can't see, they can't hack (or at least it makes it more difficult). Think of it this way... Say there are two houses next to each other. The front door on the right house is closed and most likely locked (hidden SSID). The house on the left is clearly open (SSID NOT hidden a.k.a. Broadcasting). Which house would a thief hit? The point is hiding an SSID is a better deterrent than broadcasting your Wi-Fi's SSID name to the world. PERIOD! If you think your video would confuse people in determining your actual intent to educate people with APs, then take this video down and make a new one. You absolutely sound like someone that drives around looking at all the Broadcasting wifi SSIDs and tries to hack in and steal people's banking info!
@sixpackbinky Жыл бұрын
I didn’t hide it, it did it on its own!
@benberean38166 ай бұрын
You have agood young one which plays hide and seek,your assword pliz?
@ajw67152 жыл бұрын
I had a hidden network show up on my laptop and I could not turn it off. The next morning it was gone. What was this?
4 жыл бұрын
Isn't there a benefit of no useless probes? Wouldn't the wireless reception be better without all the probes in the air, especially in crowded spaces (e.g. at a concert)? Or is that effect immeasurable?
@TallPaulTech4 жыл бұрын
Probe requests come from the clients. With hidden SSIDs they HAVE to probe to see if the network they want is in the area.
@brodienz4 жыл бұрын
You really wouldn't want to do this for a concert or any public venue setup. Yes you lose some airspace due to beacons from the AP's (like less than 1%) but as long as you don't have a stupid setup and have your radios tuned correctly the gain in usability more than makes up for it. A hidden ssid makes roaming between AP's on the same network basically non-functional as by the time your device has sent a probe out every known channel you have potentially walked through the range of 3-4 other AP's (as it can be anywhere up to 90 or more seconds for the probing to complete). Also some devices just won't be able to connect to a hidden ssid at all, we are finding that Samsung devices running android 9 is about a 75% chance of failure.
@TallPaulTech4 жыл бұрын
@@brodienz Well now, how do you know what percentage are failing if you aren't using hidden SSIDs? ;)
@veckia4 жыл бұрын
@@TallPaulTech That's what test labs are for!!
@brodienz4 жыл бұрын
@@TallPaulTech Cause we tested it directly at our desks with a pool of around 12 devices.
@TwstedTV4 жыл бұрын
I just hard code the MAC address to the router for all the devices I want to access the router and ban everything else and hide my SSID. it works wonders for me for years. never had a problem. And my connections is super quick. Not to mention I run pfSense on my network :P
@veckia4 жыл бұрын
That is the most efective way I have to also give my password to friends and say: "oh... soo sorry the internet must be down, my isp is super crappy..."
@TwstedTV4 жыл бұрын
@@veckia There is only 2 friends that I would give access too. because they are not children and are married & have very respectable jobs as surgeons. They are not into stupid shenanigans.
@veckia4 жыл бұрын
@@TwstedTV Most of my closest friends are not even in IT biz... so, I can't trust my beloved network to them... lol... a few of them downloads games/apps from chinese makers, from unknow sources, or are into pocorntime, iptv stuff, torrenting, etc... nah i dont want that into my network or lab...
@NoHandleToSpeakOf4 жыл бұрын
@@veckia I got a separate SSID and VLAN for guests with throttled internet speed. No access to my internal LAN, no password to my WLAN, no worries :)
@veckia4 жыл бұрын
@@NoHandleToSpeakOf awesome, I'm too lazy for that... =)
@aksingh31334 жыл бұрын
hey bro , does hiding wifi causes any connection issue ?
@dennisvanmierlo4 жыл бұрын
Great video. I’ve heard that hiding the SSID will increase network traffic. I was hoping to see an answer in your video if this is true or not. Can you confirm this? Dennis 🇳🇱
@TallPaulTech4 жыл бұрын
I might have to think about a demo of the difference, as I can see a lot of people are crying about it. As far as an increase in traffic, it would be more so the excessive probing time that the client would have to do on roaming.
@myozone4 жыл бұрын
Your MAC looks like it's in Lidcombe ?
@joshwiliams54154 жыл бұрын
myozone lol wtf?
@danielduplessis22144 жыл бұрын
For hiding it from an average user it is usefull. A few tears back with data caps. And visitors asking if you have wifi
@kaboombaby10002 жыл бұрын
My phone detect a wifi signal not encrypted name it's name "wkwk" but according to my wifi security app it's has unknown ssid. What does that mean? Thank you
@CyberAbyss0074 жыл бұрын
You can use tools like Kali Linux with Airmon to watch all the SSID and once a device tried to connect to hidden SSID it catches it for you. Good video. Thanks
@roygalaasen4 жыл бұрын
Thanks for the summary. So everything is how I thought it to be then.
@CyberAbyss0074 жыл бұрын
@@roygalaasen - Yes, pretty much. I love how you showed the guts of the process. Good job!
@cyberjack3 жыл бұрын
same with airodump ,, even if its ssid hidden , soon as a client connects the ssid automatically shown .. so pointless having it
@pierrenagonio4 жыл бұрын
IMO is better to hide ssid. Don't want to show others if I have any wifi.
@ndiddylong4 жыл бұрын
bummer, i thought you were going to do a cain and able hack :(
@abualis11783 ай бұрын
what you should have done, is trying to capture communication between the 2 devices after authentication to see if the SSID will be shown, authentication happens one in year or so, but traffic every second
@wudao882 жыл бұрын
makes sense.
@PunchDrummer4 жыл бұрын
Why shout your identity and give your neighbors a hint of what to attack? I've seen people driving around in neighborhoods trying to connect to the neighbors' WIFI, and I can guess with relative certainty who's who on my street with the funny names (usually matching personalities :) ). Why offer your name and remove 50% of the guess-work for an attempted hack? OTOH, if you use security best-practices, you're safe, and it certainly is easier to manage your connections when you can see and click. Very nice explanation and visual presentation! Cool stuff to ponder.
@TallPaulTech4 жыл бұрын
I didn't say to name it anything meaningful, just don't hide it. If I were to look, I'd look for highest strength anyway, and being hidden wouldn't stop me at all... in fact, it would make me more curious about it. Don't touch - wet paint....
@brianchandler33464 жыл бұрын
My thoughts go here as well. From a technical standpoint, it may not be much more "secure" in relation to an attack itself, but if "secure" encompasses the ease of a stalker to find and identify a network, hidden is still better. Granted, it would depend on the skill level and funds of the nefarious actor, but any annoyance or extra step you can force on a bad actor isn't necessarily a bad call to implement. There you'd have to balance against functionality of an authorized user experience, but hiding is still a valid tactic for some risk cases.
@Wayne-Jones Жыл бұрын
But why is it less secure? I have a message on my iPhone that tells me that using a hidden network can expose personally identifiable information. Can you explain why this is less secure
@tims5241 Жыл бұрын
When you are away from home, your device's wifi adapter will be constantly attempting to connect to known networks (just as it does with any network). In the case of a normal network, it simply listens for the nearby access points until it finds a match. But with a hidden network, it constantly sends out authentication attempts for said network, doing so by sending packets containing the name of said network. Anyone listening nearby will be able to scan for this and immediately know the name of your home network, even if you are far away from home.
@AttiCarius12 Жыл бұрын
@@tims5241 so what your saying is don't use a hidden network if you don't want others to know the name of your home network? Which could be useful for a criminal to hack you're home network for all sorts of nefarious activity? Correct?
@tims5241 Жыл бұрын
@@AttiCarius12 Yes
@tims5241 Жыл бұрын
@@AttiCarius12 But in addition to that, and perhaps the bigger concern, is your phone will be constantly broadcasting this information anywhere you go in public. If an attacker is to become aware of your homes wifi network name, then can then stalk your location by listening to packets from your phone within a reasonable distance from it
@AttiCarius12 Жыл бұрын
@@tims5241 couldn't one simply just turn off their Wi-Fi when they're away from home and their phone would stop broadcasting or am I missing something? Forgive me if it's already been said I'm just trying to understand how to be more secure with my phone
@monad_tcp4 жыл бұрын
Want to hide your network: use cables
@mesaber864 жыл бұрын
Thats easy on WiFi to phone. Just plug that RJ45 into 3.5mm.
@TimHoppen4 жыл бұрын
@@mesaber86 I plug my RJ45 into a USB-C to Ethernet adapter. It works like a charm on my Android phone.
@SlickBlackCadillac4 жыл бұрын
@@TimHoppen I secretly envy people who go thru the trouble. I love wired just as much as anyone else...well I thought I did
@djabthrash Жыл бұрын
Tell that to the audio guy in the concert that has to go in the middle of the crowd with his tablet to adjust his mix or to go on stage in many spots to adjust monitors. I love cables but sometimes wireless is needed.
@SusanAmberBruce4 жыл бұрын
What's that screen you got? please!
@jaryH34 жыл бұрын
Hidding SSID seems like removing the handle from your door to achieve "better security".
@blink62804 жыл бұрын
Advanced Tenchology average users doesn’t care much about the security... they just don’t want others to know they have wifi... so hiding ssid seems the best choice... and yeah what you said seems great except for the security... removing handles from your door to avoid guests 😂
@matejhlaca51714 жыл бұрын
This is my thinking...If you have a home with your private wifi and you hide the ssid you must put the credentials maualy only once on every device...there are 99% people that will thought that in your house is no wifi and this is good (no password guessing or trying to get on the wifi)...but there is also 1% of "smart people" and hackers that can shiff the network...but the main fact is that 99% of regulary people if the smart phone are not showing the wifi think that there is no wifi. Soo in some way I thing that hide SSID is no so bad idea.
@WarrenSt.James_Guitarist2 жыл бұрын
there is USUALLY a geek in every neighborhood...a some middle/high school teen with a little too much time on their hands.....plus the fact..that software for penetration testing is open source linux,which can be downloaded for FREE... backtrack 5 R2..or KALI...if they removed it..leave it alone..dont want anybody trying to steal your wireless...PUT STATE POLICE AS THE SSID....OR FBI...😎
@Luscious31744 жыл бұрын
BSSID is meant for when you don't want your network to be "visible" to other clients. Knowing the SSID allows a client to not only remember the network but also subject that AP with access attacks. To put it another way, if a device cannot identify your network (even if it can see a hidden one), it won't be able to attempt to connect. The way you make a BSSID secure is to enable WIRELESS ACCESS CONTROL on your AP. Now even if the client does have the BSSID and password the AP will boot it off at the MAC address level if that device hasn't been added to the list of unique MAC addresses allowed to connect. And without physical access to the AP first, being able to connect any device will be impossible. This holds true when trying to connect to a shared guest network as well that requires no password. If you go through a lot of wireless devices frequently (tech reviewer) it can be a pain to constantly update this list, but if you only have a few clients around setting this wireless access list will only need to be done once. Combined with a BSSID it will make your network pretty much invisible and impossible to connect to for outsiders. But no, telling people just to not use BSSID is WRONG when it actually gives you an additional layer of privacy FOR FREE.
@TallPaulTech4 жыл бұрын
The BSSID is the MAC address of the AP. It is never hidden.
@darkpsion4 жыл бұрын
It takes a few seconds to reveal hidden SSID names without even connecting to the AP. Also your client device will constantly be requesting these "hidden" networks everywhere you go to see if they are in range, this lessens your security/privacy as someone will be able to determine where you have been without even having access to your device. All this takes mere seconds.
@Luscious31744 жыл бұрын
@@TallPaulTech And what exactly does knowing the MAC address of my AP get you anything useful? You still can't connect if I have access control turned on LOL
@hwfjj19894 жыл бұрын
@@Luscious3174 I mean if you can spoof an accepted ip and Mac address you can still by pass access control. Since the ap thinks it is a client that should have access.
@pieterlombard19943 жыл бұрын
Your voice tone sounds like someone who knows what he's talking about, but that's about it.
@imark77777774 жыл бұрын
Question, I know somebody who insisted on running their temporary and mobile network with the SSID hidden, saying that it avoided having the crowds trying to pin it looking for an internet connection during the concert trying to connect bogging down the control Network. If I'm remembering this right he also used WPA2 encryption, so I was like nobody's going to be connecting to it anyway they don't have the password. And cell phones aren't really going to be pinging it any more than they would to get the name which is broadcast. I am fairly well-versed in networking and audio and this person was more to the latter so when he had it set up and working then you didn't want to touch it. it didn't help that I plugged in my access point and suddenly nothing worked when he turned it on so I must be the problem. Consequently I spent a literal hour trying to connect to his Network because I kept getting the spelling wrong without knowing it, and I couldn't get the spelling right because I couldn't connect to the internet to use speech to text. Which is one of the reasons why on my networks on a temporary basis still connected to the internet if I can. Of course what also didn't help is that we were all standing in a giant white parabolic dish Bandshell boiling away....
@michaelc26442 жыл бұрын
Such foolish advice. it is the difference between passive or casual listening and intentional snooping. When you hide the SSID one must be snooping to get the information. When you are broadcasting, it is easily seen all of the time. This is substantial. I hope you do not put yourself out there as a CISSP or similar.
@bxsdyycajun1292 жыл бұрын
Say it again
@1John3.82 жыл бұрын
Before even watching, I'm gathering that he's making a claim that hiding the SSID provides no actual security and is therefore a bad thing. While this "security through obscurity" concept not actually being security is of course true, I completely agree with your comment that it does zero harm to hide it in conjunction with good-practice security measures. Use the highest level encryption, strong passphrases and all that good stuff, but hide it as well.
@xmancer6704 жыл бұрын
sadly there's no hacker in my neighborhood :( so i keep my ssid hidden :)
@crowbaril9032 ай бұрын
Why do all secure buildings hide them then
@TallPaulTech2 ай бұрын
They don't.
@ajw67152 жыл бұрын
I have a hidden network that comes and goes on my computer What is causing it? I am not doing it.
@frantahouska2 жыл бұрын
call Ghostbusters
@user-lk2vo8fo2q4 жыл бұрын
requiring a packet capture to even interact with your AP is, objectively speaking, a security improvement even if it is a trivial one. i'll admit that's kind of a pedantic point though. on the other hand, if you have an AP that is only ever going to connect to a few devices that rarely change (e.g. a home network for your phone and laptop), then why not have it tell other devices in the area that it's supposed to be ignored? isn't that what the feature is for? broadcasting your ssid is a little bit like having a public DNS entry that points to resources on a private network. it doesn't impact security (beyond i guess leaking a bit of information), but what is the point of broadcasting information that is only useful to clients that already know it? it's just messy. i understand the purpose of this video is to set people straight if they think "hidden" means "the ssid is a second password" but i'm not sure that's a common misconception among people who even know that hiding your ssid is an option (as evidenced by the comment section of this video.. if lots of people were coming here after seeing "hidden ssid" in their wifi settings and thinking its a security feature i feel like most comments wouldn't be some variation of "yeah obviously it isn't for security; i use it for XYZ though, so it isn't totally useless". i got here because i was looking for information on the roaming/autoconnect issues you eluded to, for example).
@arramos680210 ай бұрын
If you had a single direct wifi router ,you shouldnt hide it , if you had home network system you can hide the main service provider router.
@KieranMahoney5 ай бұрын
What
@JoBuGAMING3 жыл бұрын
heeeey im in a big trouble now. please help me asap :(. i was in the toilet. i was curious about wifi settings. then i messed up. i think what i did is hide the SSID. but when i try to type the SSID and PW with the right upper and lower case still i cant find our wifi. my guess is the one who renamed out SSID have spaces and bcoz its invisible i have to random guess it. or not i dont know. but i cant find our wifi. im only using my smartphone and i have no other device at home. pleaaase can you show or teach me other option. like even how to factory reset this wifi so that i can start from the basics again
@samuelveen70473 жыл бұрын
Fixed?
@icecream71392 жыл бұрын
same I have the same problem
@dontaskiwasbored20082 жыл бұрын
Find a pin or paper clip. There's a tiny reset button on most routers. Push it for like 10 seconds. Then set everything back up like you did when u bought it.
@crtlallaw2 жыл бұрын
Use cable to connect to a pc and then edit your network
@shady4tv4 жыл бұрын
This has always confused the shit out of me. I absolutely agree it's not a good overall security solution as it really doesnt do a whole lot in the way of hiding the SSID since what hackers are targeting is the handshake which contains the SSID. Plus the supplicant (client) is screaming "Does $SSID exist here" into the airwaves (If the client is storing the profile for the SSID and wireless in enabled on the device). But if you are not constantly connecting clients to the SSID this absolutely can make it more challenging (Not impossible) for a bad actor to enumerate the SSID of your network. Yet everyone seems to take the "It's bad security practice to hide your SSID" approach or "Dont do it" as you put in the video title. Everything you do to make it mildly more challenging for an Attacker is good security practice. Do the cons outweigh the benefits? I think that is more subjective than anything. The core of the issue here is the handshake tho - NOT whether or not your beacons contain the ESSID.
@TallPaulTech4 жыл бұрын
I can see I'm going to have to do a follow up video on this! Don't forget the part I said about clients roaming. It's harder and longer for them to do if SSID is hidden. Knowing your SSID is not a security problem. Pick a random string or something, it doesn't matter. That's not where the security mechanism is.
@TallPaulTech4 жыл бұрын
Good to hear you've done your setup right
@shady4tv4 жыл бұрын
@@TallPaulTech "Knowing your SSID is not a security problem. Pick a random string or something, it doesn't matter. That's not where the security mechanism is." I agree entirely! this is what I'm not i'm arguing here. I also agree that marketing it as anything more than what is does is really misleading and dangerious. What i'm not really grasping is how it's "bad" to have a Hidden SSID. The first thing an Attacker is going to going to do is recon and enumeration. The attacker will try to gather as much public information as possible to help get a better understanding in the layout of the attack. If you can slow this down (even a little) it would benefit overall security.
@elreydetoda4 жыл бұрын
I have actually had one IOT device not allow me to enter in a hidden SSID and another IOT device say that the SSID didn't exist when I set it right on top of the AP (which was doing both frequencies 2.4 & 5Ghz). So it can be an accessibility problem.
@mylifeisnotyours9 ай бұрын
Yeah I can see that in the wire signal is eak
@abdullahseba43754 жыл бұрын
I don't think this video makes much sense... You had to know the SSID in the first place. It's a form of security by obscurity in my opinion.
@getsideways72574 жыл бұрын
As if that's something bad. Militaries of the world have been using security by obscurity for a long time now. Seems to work for them...
@hwfjj19894 жыл бұрын
You must of missed it. You can capture all traffic in the area and wait for the handshake between a client that already knows the SSID. Which will happen Everytime someone comes home and their phone connects to the network.
@getsideways72574 жыл бұрын
@@hwfjj1989 Not every kid will be able to come up with the idea (and this very video definitely gives them one or two). Against a serious attacker nothing will help anyway, but it's not like we deal with those all the time.
@abdullahseba43754 жыл бұрын
@@hwfjj1989 That doesn't reduce from the "security by obscurity" tactic...
@JeanPierreLavoie4 жыл бұрын
I still don't understand why you say there is no benefit in hiding the SSID. If no one is connected with an iPhone, let's say you are away on vacation, the SSID is not transmitted at all and no one can discover it. Am I right?
@hiddenfromyourview4 жыл бұрын
Literally anything connected to the wifi network will give away the SSID. Sure it won't show up for the common person with their phone - you're not worried about them really... but an attacker can easily see the hidden network and know that 1) You've got something to hide. 2) You know how to potentially hide it.
@FurrySergal4 жыл бұрын
@@hiddenfromyourview Like any form of lock, the only kind of person it's meant to keep out are honest ones.
@TallPaulTech4 жыл бұрын
That's exactly right.
@mrgg25094 жыл бұрын
Still going to keep my ssid hidden :)
@DoktreSam3 жыл бұрын
Sure, there't no point of hiding our SSID in the house because everyone is a networking expert and often use the packet capture software to look for hidden SSIDs around their house. Got it.
@8legged3 жыл бұрын
Yeah, anyone who knows the ssid already can packetcapture and filter using the already known ssid in order to see the ssid :P
@yajnalgibno65363 жыл бұрын
haha love that sarcasm bru
@yajnalgibno65363 жыл бұрын
like seriously I would not be surprised if this guy tell us not to Use an Antivirus software
@dontaskiwasbored20082 жыл бұрын
I think the point he's making is that someone else could sniff your SSID when a trusted device connects.
@dontaskiwasbored20082 жыл бұрын
Also, in this modern age, you should be using the security built in to your OS. AV software is almost always bloat, and a lot of it is scammy, even the big names.
@--_-_-_-_-_-_-_-_4 жыл бұрын
What about a point to point link.. isn't it a good thing to hide the ssid
@drewprof4 жыл бұрын
Stating the obvious ;)
@Covers704 жыл бұрын
I see all these people disagreeing in the comments, but he is absolutely correct. A person doesnt even need your ssid to attack your wifi or to attempt to crack the password. With airmon-ng on a kali box I can get your bssid which is all someone would need. The best security measure you can take is to have a long password. I personally use a phrase with the words spaced with special characters and numbers.
@TallPaulTech4 жыл бұрын
Thanks mate. Glad someone realised there was a point to me making the video! There is one thing I need to correct you on though. The BSSID is simply the MAC address of the AP transmitting. You don't need anything special for that, as you can see it in my packet captures shown in the video with just Wireshark.
@Covers704 жыл бұрын
@@TallPaulTech Yeah I know that the bssid is also the mac address just didnt feel the need to include it. Ive played with kali a lot but still learning the filters for wireshark. Im only in my second semester working on my associates in cybersecurity and networking. Dont have any certs or anything yet.
@GoodHydration4 жыл бұрын
Covers70 a long passphrase doesn't help you when someone captures your packets after a disassociation attack. The best method is security in layers (security in depth), or in other words, making it so tedious that the hackers give up to move to an easier target. hidden ssids, good password complexity, and port security such as client MAC address filtering and/or access control lists... combined, these will create a site that is less feasible to attack.
@Covers704 жыл бұрын
@@GoodHydration When someone captures your handshake after a disassociation aka deauth attack. They still have to crack it with a password attack using something like john the ripper or hashcat. An extremely long password is almost impossible to crack as it could take several years to run through enough iterations. Hiding your ssid does absolutely nothing you do not need it at all to attack wifi, and in my classes we always referred to multiples layers of security as defense in depth. Mac address filtering is practicly usless as its extremely easy to spoof a mac address. As long as someone is on the wifi you just clone their mac.
@GoodHydration4 жыл бұрын
Covers70 sure, I'm glad you agree about defense in depth, but you also have to understand that password length and password complexity are two different things.
@ParkerGraysonNZB10 ай бұрын
"well apart from being crap" okay, you have my attention hahahahahahaha.
@oglajordan2 жыл бұрын
How is this not an added level of security?? it’s not useless…
@jbattam Жыл бұрын
But it add zero security. Any packet capture of clients roaming shows the hidden SSID. Which anyone with a clue, especially a potential hacker can obtain in seconds.
@andynull886910 күн бұрын
@@jbattam So just broadcast the ssid cause to do the contrary is wrong. It is a feature that must have a purpose?🤣
@stevenxdavis3 жыл бұрын
This music. 10/10
@leathernluv4 жыл бұрын
No real hackers in the comments... We now have an idea about his home security system (a penetration tester will notice it.) I won't/can't exploit this knowledge, but he should have turned the camera down a couple of degrees. This is not something you should advertise. All the same, fun video.
@TallPaulTech4 жыл бұрын
...about time
@MDelReyy3 жыл бұрын
I do it
@pb41633 жыл бұрын
I was expecting more, for example in the PCAPs to see more detail being shared on hidden vs broadcast, I was disappointed in this video. Didn't learn anything, not a single thing. I was expecting more from a CWNE, apparently that designation is like the CEH, just because someone has a CEH(Certified Ethical Hacker), one would think someone who has the CEH is a hacker, frequently they definitely are not hackers, the certificate title tricked me. I'm thinking CWNE is the same after this video, just because the certificate contains the word expert....I wouldn't be too sure after this video.
@Grynfelt3 жыл бұрын
If a doctor would explain a disease to normal people, they wouldn't bother explaining everything because there's no point, you wouldn't understand it without base knowledge, also he somehow explained it, if you hide your SSID and never connect to it, it is safe, if you manually connect to it someone can still hack into it because the information is there.
@pb41633 жыл бұрын
@@Grynfelt the fact that what you took away from this video was that if you hide your SSID and never connect to it than it's safe....it's not safe at all, there are tools that send broadcast and will give you the ssid name etc... hiding an ssid isn't really any safer than broadcasting it, it's like leaving a key under your mat(hidden ssid) or leaving it in plain view,