wpa_supplicant / ndiswrapper / Dell WLAN 1450 / Slackware

Philip H. Schlesinger pschlesi
Thu Dec 23 16:48:09 PST 2004


Hey hot shot: I was a panel member of BiCSi's Wireless Design Specialty 
curriculum design committee (and the person they turned to when we got 
to the 802.11 section).  Rule #1 of wireless security is to turn off 
ssid broadcast.

So drop the opposition, please?

- Phil

Stefan wrote:
> Philip H. Schlesinger wrote:
> 
>> Dear Stefan,
>>
>> Very simple: my D-Link 614+ hides itself quite well from netstumbler. 
>> Given that I've now seen WPA cracking tools on the Internet (haven't 
>> tested them yet), I'd rather not advertise if I can help it.
> 
> 
> Nonsense, you cannot hide your radio transmission you either transmit or 
> you don't if you do everyone with a wireless sniffer can see it unless 
> he doesn't operate in the same frequency band.
> Even if there was a technique that could prevent the detection of a wlan 
> router , then the 614+ doesn't have it I know that router very well and 
> it can easily be scanned with netstumbler or NAIs wireless sniffer even 
> if ssid broadcast is off.
> 
> WPA cracking Tools are brute force tools which are able to crack only 
> very simple passwords, WPA is absolutely secure unless someone is using 
> a weak password which can be guessed or found out by looking up a 
> dictionary.
> Anyways, if some alien outerspace dude is breaking your wpa key, than he 
> has got your ssid too, since it is transmitted all the time, if he has 
> the wpa key he can read the ssid :-)
> Therefore If you are scared you should read a bit more about wirless 
> security
> 
>>
>> - Phil
>>
>> Stefan wrote:
>>
>>> pschlesi at uci.edu wrote:
>>>
>>>> Dear Jouni,
>>>>
>>>> Both of those suggestions worked!  ap_scan MUST be set to 1 for my 
>>>> D-Link
>>>> 614+ (0 or 2 won't work) - it won't talk to it in any other fashion
>>>> (scan_ssid can be 1 or 0).
>>>>
>>>> However, I had to make one modification to my D-Link 614+ (firmware 
>>>> 3.43)
>>>> - I had to enable the broadcasting of my ssid (which I'd rather not 
>>>> do). 
>>>
>>>
>>> What reason is there not to enable broadcast?
>>> Not broadcasting the ssid will only fool your neighbor, but someone 
>>> who is sneeking around your place with netstumbler etc.
>>> will see that you got an ap running.
>>>
>>>> Is this a wpa_supplicant or a ndiswrapper issue?
>>>>
>>>> Ideas?
>>>>
>>>> - Phil
>>>>
>>>>
>>>>  
>>>>
>>>>> On Wed, Dec 22, 2004 at 10:33:56AM -0800, Philip H. Schlesinger wrote:
>>>>>
>>>>>  
>>>>>
>>>>>> wpa_supplicant.conf:
>>>>>>
>>>>>> ctrl_interface=/var/run/wpa_supplicant
>>>>>> ctrl_interface_group=0
>>>>>> #
>>>>>> # home network; allow all valid ciphers
>>>>>> network={
>>>>>> ssid="ssid is entered here (not going to reveal it)"
>>>>>> scan_ssid=0
>>>>>> #ap_scan=2
>>>>>> key_mgmt=WPA-PSK
>>>>>> psk="key is entered here (not going to reveal it)"
>>>>>> }
>>>>>> #
>>>>>>
>>>>>> Note, by the way, that the ap_scan line, while I'd like to use it,
>>>>>> doesn't work - I get "Line 8: unknown network field 'ap_scan') 
>>>>>> (this is
>>>>>> PROBLEM 1)
>>>>>>     
>>>>>
>>>>>
>>>>>
>>>>> Please note that ap_scan is a global variable like ctrl_interface, 
>>>>> i.e.,
>>>>> it cannot be used within a network block.
>>>>>
>>>>>  
>>>>>
>>>>>> Line 1: Invalid configuration line
>>>>>> 'ctrl_interface=/var/run/wpa_supplicant'.
>>>>>> Line 2: Invalid configuration line 'ctrl_interface_group=0'.
>>>>>>     
>>>>>
>>>>>
>>>>>
>>>>> Looks like you have built wpa_supplicant without support for control
>>>>> interface. You will need to have CONFIG_CTRL_IFACE=y line in 
>>>>> .config if
>>>>> you want to use the control interface.
>>>>>
>>>>> -- 
>>>>> Jouni Malinen                                            PGP id 
>>>>> EFC895FA
>>>>>
>>>>>   
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> HostAP mailing list
>>>> HostAP at shmoo.com
>>>> http://lists.shmoo.com/mailman/listinfo/hostap
>>>>
>>>>  
>>>>
>>
>>





More information about the Hostap mailing list