Can I hide a wireless network

Is there any way to "not advertise" my wireless network to the world in Windows XP SP3? I'm not relying on this for intrusion security. I've read the article. My wireless network has WPA2 with a secure password that only I know.

At the same time, I do not really want to advertise to the world that I have a wireless network. It's a relatively public location with no other WiFi anywhere nearby; I don't need 100 strangers walking in to ask if they can "just use my WiFi" for a moment. Call it stumble across security.

NOTE: Regarding security, I'm not so worried about packet sniffers tracking me down. The data is all secure anyways. 1 in 1,000 people will find the network, and see it's encrypted. Somehow I don't think they'll walk in and say "I packet sniffed out your hidden network, do you think I can use it for awhile?"

just.another.programmer

Posted 2013-05-22T12:54:14.297

Reputation: 645

4You should be able to set it to "hidden" in your router, this is not controlled by the PC. – terdon – 2013-05-22T12:57:14.177

3As @terdon said, this is done through your router and not via your PC. You need to provide more information in your question, what type of router is it? Brand and model? Most routers give you the option to disable the "SSID Broadcast." – TheFlyingToaster – 2013-05-22T13:09:00.840

Answers

If you want to stop your SSID being broadcast such that it appears in unregistered clients' lists of networks, you'll need to disable it on your wireless access point (or wireless router). If you don't know how to manage the device, try putting its address into a browser. If you don't know its address, look for the default router in the output of ipconfig.

The location of the option to disable SSID broadcast obviously varies by vendor, but to give you an idea, this is what it looks like on a Linksys X3500:

enter image description here

The article you cite covers the disadvantages nicely, so I'll assume you understand the implications of doing this.

Flup

Posted 2013-05-22T12:54:14.297

Reputation: 3 151

Those disadvantages are exactly the problem. As I mentioned in the original post, the client computer is XP SP3 which has a lot of disconnect issues when SSID broadcasting is off. Is there a more reliable solution (or better software for XP)? – just.another.programmer – 2013-05-22T14:00:02.957

Ah OK, it wasn't clear that was your main concern. I've seen the problems myself and I'm afraid I don't know a way around them apart from (a) using wires instead, or (b) using a passive-aggressive SSID that makes people think twice before bothering you :) – Flup – 2013-05-22T14:06:29.357

+1 for "passive-agressive SSID". I'll need to find my wireless network a psychologist. – just.another.programmer – 2013-05-22T14:07:39.323

It sounds like you're more or less already aware, that hiding SSID does not make your wireless network any (more) secure.

What most people aren't aware of though, is that hiding your SSID might actually expose more info than leaving it visible, depending on the client OS. Hiding your SSID also makes your connection more prone to performance and stability issues.

My favourite article on the topic, though slightly dated: Technet Blogs: Non-Broadcast Wireless SSIDs Why hidden wireless networks are a bad idea.

On the risk of leaking more info when hiding SSID

The name of the network itself is only an identifier and is not a security element. In fact the name of the network has no bearing on security whatsoever from an encryption or authentication standpoint.

If the network name of a wireless network (SSID) is not broadcast, the clients must search for it with probe requests. So if you have one AP and 100 wireless devices, you partially limit exposure of the network name with one device while causing 100 devices to expose it instead. The probe frames sent by the clients advertise the SSID every 60 seconds, whether they are close to the actual AP or not. This means that instead of one device broadcasting the SSID in the immediate proximity of your network, you now have these 100 devices potentially advertising the SSID in every coffee shop, hotel, and airport they visit. The security vulnerability this exposes is worse the larger the wireless deployment is.

Later summarised:

Non-broadcast SSIDs are not a valid security measure and actually make it easier for the SSID to be discovered since it forces clients to continuously probe for it.

On hidden SSID's being more prone to connection issues

In order for the new process to work, the wireless driver must send the probe packet to the AP for the hidden SSID. We have seen that power settings defined on the NIC driver can influence whether the AP receives this probe. Sometimes setting the transmit power setting to maximum will allow the probes to reach the AP.

Currently there are several widely-distributed WLAN drivers which either do not support or do not work properly with the Vista method of dealing with non-broadcast SSIDs, including the Intel 3945ABG and the Broadcom 802.11g Network Adapters.

The Intel 3945ABG adapter is very widely distributed in current laptop models. The latest Intel driver provides improvement but does not address all issues with hidden SSIDs encountered when roaming or resuming from hibernation.

Broadcom does not show any unnamed networks, and they are not planning to fix this. One of the reasons, besides being low priority for them, is also to push customers to stop hiding the SSID, which creates a problem instead of solving it.

abstrask

Posted 2013-05-22T12:54:14.297

Reputation: 4 714

3While useful info (although not well explained) this doesn't answer his question. – Matt H – 2013-05-23T21:16:40.350

"Hiding your SSID also makes your connection more prone to performance and stability issues." - This hasn't been my experience. – Matt H – 2013-05-23T21:17:22.510

Here is a much better article. http://www.howtogeek.com/howto/28653/debunking-myths-is-hiding-your-wireless-ssid-really-more-secure/

– Matt H – 2013-05-23T21:19:30.033

Hidden SSID giving out a name is really a non-issue from a security standpoint. If the name is being broadcast around your business and part way down the street it's in the public domain anyway. You can name the SSID something that doesn't disclose your business name. Problem solved. Just make sure you're using encryption! but at least you've given me something to think about. – Matt H – 2013-05-23T21:27:57.423

I'm not so worried about packet sniffers tracking me down. The data is all secure anyways. 1 in 1,000 people will find the network, and see it's encrypted. Somehow I don't think they'll walk in and say "I packet sniffed out your hidden network, do you think I can use it for awhile?" – just.another.programmer – 2013-05-24T09:13:54.873

Practically, I have never experienced any connection issues on my 3945ABG, though I always keep my router's SSID hidden. I haven't installed any Intel drivers except those that ship native with Windows 7 and Vista. I use Dlink DIR-615, and the usage range is up to 40m (2-3 walls included). – Zeeshan – 2013-06-16T17:09:12.867

1) You must connect to the wifi user's interface. Usually, you just have to put "192.168.1.1" into your browser to display it.

2) You certainly have a security tab where you can modify your settings.

3) There is certainly an option called "broadcast SSID". Disable it, and it will do what you want.

patxy

Posted 2013-05-22T12:54:14.297

Reputation: 169

1Not sure why this was downvoted. But turning off SSID broadcast is the correct setting if the wifi router provides the option. – Matt H – 2013-05-23T21:10:34.187