How to sniff the SSID even when its broadcast is disabled
Hi all experts,
I read an article about wireless LAN security. It said that even if we disable the SSID broadcast, a hacker could still use public software to sniff the messages and get the right SSID. But the article did not describe the underlying technology in detail. So could anyone explain how this happens? I am learning about WiFi these days..... Thanks in advance.
PS. So good to have found this forum to raise my question and discuss it openly with all.
Yes, you can use Linux (with monitor mode patch) and Ethereal or Kismet to capture packets whether or not the SSID is being broadcast.
You can also use an AirMagnet laptop or handheld to detect a hidden SSID and monitor traffic.
Will the SSID also be contained in the messages exchanged between the AP and client, even after the connection has been set up?
I saw someone say that the sniffer tool needs to gather enough packets, including some valuable initial messages, so that the SSID will be in them.
Not sure whether that is true.....
If you monitor the client association process with a sniffer you can get the SSID in most cases.
You should be able to see the SSID using basic wireless sniffers like NetStumbler, as well as capture packets using Ethereal/Kismet (Linux based), irrespective of the broadcast SSID parameter.
Thanks & Regards,
This should give you a clear picture.
Many APs by default have broadcasting the SSID turned on. Sniffers typically will find the SSID in the broadcast beacon packets.
Turning off the broadcast of the SSID in the beacon message (a common practice) does not prevent someone from getting the SSID, since the SSID is sent in clear text in the probe message when any client associates to an AP.
Thanks & Regards,
NetStumbler will not detect an AP with a hidden SSID.
You need a more advanced tool like AirMagnet or Linux with Kismet, Ethereal and monitor mode patch.
Quite helpful info for me, and I now have a clear view on this topic.
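
The point made in the replies above, that disabling SSID broadcast only blanks the name in beacons while probe and association frames still carry it in clear text, shown as an added example that is not part of the original thread. It parses the SSID element from 802.11 management frames; the frames are constructed bytes, and the name `CorpNet`, the placeholder addresses and all function names are assumptions.

```python
import struct

# Fixed-field length (bytes) after the 24-byte management header, by subtype.
FIXED_LEN = {0: 4, 2: 10, 4: 0, 5: 12, 8: 12}
NAMES = {0: "assoc-req", 2: "reassoc-req", 4: "probe-req",
         5: "probe-resp", 8: "beacon"}

def parse_ssid(frame: bytes):
    """Return (subtype_name, ssid or None) for an 802.11 management frame.
    None means the SSID element is absent or hidden (zero length / all NULs)."""
    if len(frame) < 24:
        raise ValueError("truncated header")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in FIXED_LEN:
        raise ValueError("not a supported management frame")
    pos = 24 + FIXED_LEN[subtype]          # skip header and fixed fields
    while pos + 2 <= len(frame):           # walk tag/length/value elements
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2 : pos + 2 + length]
        if len(value) < length:
            raise ValueError("truncated element")
        if tag == 0:                       # element ID 0 is the SSID
            if length == 0 or not any(value):
                return NAMES[subtype], None
            return NAMES[subtype], value.decode("utf-8", "replace")
        pos += 2 + length
    return NAMES[subtype], None

def make_frame(subtype: int, ssid: bytes) -> bytes:
    """Build a constructed management frame (addresses are placeholders)."""
    hdr = struct.pack("<BBH", subtype << 4, 0, 0) + b"\x02" * 18 + b"\x00\x00"
    rates = bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])   # supported-rates element
    return hdr + bytes(FIXED_LEN[subtype]) + bytes([0, len(ssid)]) + ssid + rates

def revealed_ssids(frames):
    """Map each frame subtype seen to the SSID it exposes (None if hidden)."""
    return dict(parse_ssid(f) for f in frames)

# Constructed capture: the AP hides its SSID in beacons, then one client joins.
SAMPLE = [make_frame(8, b""), make_frame(8, b"\x00" * 7),
          make_frame(4, b"CorpNet"), make_frame(5, b"CorpNet"),
          make_frame(0, b"CorpNet")]

if __name__ == "__main__":
    for name, ssid in revealed_ssids(SAMPLE).items():
        print(f"{name:11s} -> {ssid!r}")
```

Because every joining client repeats the name in clear text, a hidden SSID should not be counted as an access control.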