On 2011/05/20 02:07, Marko Vojinovic wrote:
On Friday 20 May 2011 05:30:11 JD wrote:
> Tim, your points are way too generalized.
> No one said not broadcasting alone will make you
> safer. It is advised as part of the larger defense
> scheme
That is a very bad advice. Hiding SSID has *nothing* to do with any security,
and suggesting that it does is just a mirage, giving a casual reader a false
sense of security. It (a) breaks regular WLAN functionality and (b) gains
absolutely nothing in terms of security. Such a setup can be useful only if
you intentionaly want to break the regular functionality of your wireless
network. There are some scenarios where that might be useful, but none of them
have anything to do with security.
If you want to secure a wireless network, implement wpa2-psk/aes and use
strong passphrases for everything. That is the *only* thing that makes your
wlan reasonably secure. But hiding SSID, filtering MAC addresses, is just
useless in terms of security.
I believe that was Tim's point as well.
If you want real security use an encrypted vlan over the wireless link.
{^_^}