Enhanced WiFi Security Patch For FreeBSD

Dan writes "Roland van Laar has a new, significant wi-fi patch for FreeBSD 5.1 and higher. The patch, available for download and testing, blocks clients with an empty or 'ANY' ssid and disables ssid broadcasting using the underlying firmware feature. SSID (Service Set ID) is used to identify wireless clients to a wireless / wired gateway. Wireless devices from the same manufacturer generally ship with the same default SSID. A beacon is a type of packet/frame that contains the SSID of a network. It is used to sync clocks on client devices and to make it easy for new network clients to see what networks are available. Preventing others from using your ssid is a means (although not foolproof!) of securing your wireless network."

Re:SSIDs?

[squiggleslash]

How do you mean "forge" SSIDs?

An SSID is just a small text string, typically a short word, used to identify networks. Typically you can ask your PC to list available networks and it'll provide you with a list of SSIDs, the joke being that most of them will have the names "DEFAULT", "BELKIN", etc. You configure your wireless hub to have a particular name, and then you'll be able to easily select yours. If you hide it, as the article suggests (not a particularly original feature, I'd guess most wireless hubs allow you to hide SSIDs, mine does), then it's still useful as you manually can tell your PC which network to connect to (eg enter the name) and it'll still find it despite the fact you've hidden the SSID.

If someone was to try to masquerade their network as yours - say, give their network the same name as yours so that you might connect to it by accident - then they could do so, but any other wireless security you'd have switched on would automatically defeat it (within reason - WEP, for example, is probably the most popular 802.11 security technology, but it's infamously insecure.)