EEVblog Electronics Community Forum
General => General Technical Chat => Topic started by: Halcyon on January 28, 2017, 06:33:13 am
-
I'm thinking about SSIDs for my home network. For years I've used just Home Network, Un-trusted Clients, Guest Network etc...
I was considering using my actual address such as 1 Something Place (Guest) as an example. Can anyone think of any negatives by doing this?
Yes, it'll identify to my neighbours who's taking up most of the channels on the 2.4GHz band but so what? It would be easy enough for someone to find that out (or guess) anyway. You won't see the network appear anyway unless you already know my physical address and are probably within viewing distance of it.
-
Your home address would become readily available via services such as https://www.wigle.net/ (https://www.wigle.net/)
I also wouldn't put "DMZ" or "Guest" in the SSID thereby informing outsiders what may or may not be available at each access point.
-
Your home address would become readily available via services such as https://www.wigle.net/ (https://www.wigle.net/)
Very good point. That's enough to me not to even consider it.
I also wouldn't put "DMZ" or "Guest" in the SSID thereby informing outsiders what may or may not be available at each access point.
I did think about that as well, but I need a fairly clear way of differentiating between them.
-
I named my network after my favorite cartoon duo. Easy to tell they go together but no other give away.
-
As a person who has WAY too many APs all at once in my house, I have a naming scheme.
My first AP, which was a 2.4ghz 802.11 N deal is named AMP-N
My second, which was a dual band 2.4 and 5ghz 802.11 N/AC deal is named AMP-2.4ghz and AMP-5Ghz
I suggest something simple. Take your username (Mine is Ampera on other sites) and shorten it to 3-5 characters. Now take the router frequency and 802.11 standard and add that.
Now number it among APs if you have multiple points with the same configuration.
-
As a person who has WAY too many APs all at once in my house, I have a naming scheme.
My first AP, which was a 2.4ghz 802.11 N deal is named AMP-N
My second, which was a dual band 2.4 and 5ghz 802.11 N/AC deal is named AMP-2.4ghz and AMP-5Ghz
<3 my Ubiquiti APs. You get a single SSID for the whole lot (and both frequencies), and clients just Deal With It (tm), roaming between APs and frequencies as needed.
-
<3 my Ubiquiti APs. You get a single SSID for the whole lot (and both frequencies), and clients just Deal With It (tm), roaming between APs and frequencies as needed.
+1
-
For 10 years I've had an AP named 'steve'. I don't really use wireless anymore so now its only turned on when I particularly want it.
'steve' sounds a little bit boring, but it is actually quite unique in my area. Most of the SSIDs which are broadcast round here have names like 'SkyXYZ' or 'TalkTalkXYZ'
-
If I was concerned about security, then I would pick an SSID which is similar to the other SSIDs in my area just to confuse a potential wardriver.
-
If I was concerned about security, then I would pick an SSID which is similar to the other SSIDs in my area just to confuse a potential wardriver.
Fun! :-+
-
CIA Van is one of my favorites in the neighborhood. :)
-
As a person who has WAY too many APs all at once in my house, I have a naming scheme.
My first AP, which was a 2.4ghz 802.11 N deal is named AMP-N
My second, which was a dual band 2.4 and 5ghz 802.11 N/AC deal is named AMP-2.4ghz and AMP-5Ghz
<3 my Ubiquiti APs. You get a single SSID for the whole lot (and both frequencies), and clients just Deal With It (tm), roaming between APs and frequencies as needed.
Yup, the Apple Airport/Time Capsules do this as well. It's very nice! Though, personally I still use the option to assign separate SSIDs to the 2.4 and 5GHz bands. (Because sometimes I'm in an extreme corner of the house and want to be able to force the system onto 2.4GHz.)
-
If I was concerned about security, then I would pick an SSID which is similar to the other SSIDs in my area just to confuse a potential wardriver.
Fun! :-+
Its no substitute for proper security, but there is a reasonably good case for picking a SSID for your network that looks like the typical default SSID for a wireless printer as no-one expects a generic wireless printer to have Internet connectivity. Pick one with no known exploits in the wild and of a brand you do not own!
-
Hmm, I wonder if one could have an SSID made up of space characters. I suspect firmware would trim spaces, which would thwart this from occurring.
Aha, perhaps I'll use: ...---...
-
A good one for casual deterrence of idiots is '--No SSID--' >:D
-
A good one for casual deterrence of idiots is '--No SSID--' >:D
Fantastic! :-DD
Also: SSID Hidden
-
As a person who has WAY too many APs all at once in my house, I have a naming scheme.
My first AP, which was a 2.4ghz 802.11 N deal is named AMP-N
My second, which was a dual band 2.4 and 5ghz 802.11 N/AC deal is named AMP-2.4ghz and AMP-5Ghz
I suggest something simple. Take your username (Mine is Ampera on other sites) and shorten it to 3-5 characters. Now take the router frequency and 802.11 standard and add that.
Now number it among APs if you have multiple points with the same configuration.
I use 3 Ubiquiti access points with a controller so there is no need to "name" each AP. It all appears as one SSID that services both 2.4 GHz and 5 GHz clients.
Refer to the screen shot below; All anyone sees is one SSID called "Home" but if you use a Wi-Fi analyser, you can see there are several access points servicing that network.
-
There are a couple of networks that come up on my WiFi scan.
The one that made me smile is this one: No Wifi For You :)
-
A good one I heard recently:
tellMyWifiLoveHer
-
CIA Van is one of my favorites in the neighborhood. :)
I like "FBI Porn Server". The CIA is not chartered for domestic operations.
If I was concerned about security, then I would pick an SSID which is similar to the other SSIDs in my area just to confuse a potential wardriver.
Its no substitute for proper security, but there is a reasonably good case for picking a SSID for your network that looks like the typical default SSID for a wireless printer as no-one expects a generic wireless printer to have Internet connectivity. Pick one with no known exploits in the wild and of a brand you do not own!
I agree but why give away anything for free? It is better to hide in plain sight with a nondescript SSID than to disable SSID broadcasts or even use a MAC white list both of which just gives a false sense of security.
If I am paranoid enough, then the WiFi goes on its own separate subnet but is isolated from the LAN. If I am really paranoid, then access between the WiFi and LAN is only via VPN. If I am more paranoid yet, then I isolate all of my LAN machines from each other on layer 3; a VLAN switch connected to a real router is handy for this.
-
I use 3 Ubiquiti access points with a controller so there is no need to "name" each AP. It all appears as one SSID that services both 2.4 GHz and 5 GHz clients.
Refer to the screen shot below; All anyone sees is one SSID called "Home" but if you use a Wi-Fi analyser, you can see there are several access points servicing that network.
Usually as long as the access points are on the same subnet and ethernet broadcast domain, roaming between access points will work whether the SSIDs are the same or not.
-
I like "FBI Porn Server". The CIA is not chartered for domestic operations.
There is one in my neighborhood that is named "NSA Surveillance Van".
-
I use 3 Ubiquiti access points with a controller so there is no need to "name" each AP. It all appears as one SSID that services both 2.4 GHz and 5 GHz clients.
Refer to the screen shot below; All anyone sees is one SSID called "Home" but if you use a Wi-Fi analyser, you can see there are several access points servicing that network.
Usually as long as the access points are on the same subnet and ethernet broadcast domain, roaming between access points will work whether the SSIDs are the same or not.
Yes it's a quick and dirty way of doing it but involves more configuration. Why configure 3 access points on each client (or 6 if I want to use both bands) when I can just do one? It's also the reason why I'm going to ditch pre-shared keys for 802.1x authentication, that way I can simply set up a guest login which I can change (or even disable) at will, without then having to go around to every other device on the network and change the settings. The less configuration needed at the client end, the better.
-
but if you use a Wi-Fi analyser, you can see there are several access points servicing that network.
I use the same app. Very handy.
-
Usually as long as the access points are on the same subnet and ethernet broadcast domain, roaming between access points will work whether the SSIDs are the same or not.
Yes it's a quick and dirty way of doing it but involves more configuration. Why configure 3 access points on each client (or 6 if I want to use both bands) when I can just do one? It's also the reason why I'm going to ditch pre-shared keys for 802.1x authentication, that way I can simply set up a guest login which I can change (or even disable) at will, without then having to go around to every other device on the network and change the settings. The less configuration needed at the client end, the better.
I agree that is more convenient. I do not think it is a big deal if you just have enough access points to cover a home.
-
Usually as long as the access points are on the same subnet and ethernet broadcast domain, roaming between access points will work whether the SSIDs are the same or not.
Yes it's a quick and dirty way of doing it but involves more configuration. Why configure 3 access points on each client (or 6 if I want to use both bands) when I can just do one? It's also the reason why I'm going to ditch pre-shared keys for 802.1x authentication, that way I can simply set up a guest login which I can change (or even disable) at will, without then having to go around to every other device on the network and change the settings. The less configuration needed at the client end, the better.
I agree that is more convenient. I do not think it is a big deal if you just have enough access points to cover a home.
I get that not everyone has a wireless controller and enterprise-grade access points, but if you do have that kind of gear (and let's be honest, you no longer have to fork out huge dollars to Cisco, Motorola or Aruba these days), then it's a much better solution.
-
I get that not everyone has a wireless controller and enterprise-grade access points, but if you do have that kind of gear (and let's be honest, you no longer have to fork out huge dollars to Cisco, Motorola or Aruba these days), then it's a much better solution.
I will settle for enterprise-grade or close to enterprise-grade access points like the Ubiquiti Nanostation Loco. Unfortunately Ubiquiti has not upgraded them from 802.11n. I am generally distrustful of anything which requires custom software for configuration.
My preferred setup is to place them on the perimeter facing inwards so the directional dual polarity patch antennas are facing away from outside transmitters.
-
You can also just put up a rude SSID and wait while innocence is lost around your neighborhood.
-
(http://blogstatic.freemake.com/wp-content/uploads/2013/10/2.png)
-
(http://blogstatic.freemake.com/wp-content/uploads/2013/10/2.png)
Probably an older couples' wifi. The boobies are starting to sag.
-
I came across...
"WellFlyForAWiFi"
recently.
Quite like that.
-
If you are using WPA (type of encryption) having a common SSID can actually be harmful. Their are multiple ways an access point password can be cracked. One of the ways it is done is doing a lookup in a pre-computed "rainbow" table. The ssid is used as part of the password generation algorithm. The creators of these tables want them to be as useful as possible so they pre-compute them with the most common SSIDs. It would probably be best if you avoid any of the SSID from this list: (warning is zip file) https://www.renderlab.net/projects/WPA-tables/SSID.zip (https://www.renderlab.net/projects/WPA-tables/SSID.zip)