Subject: Re: Re: Secure my NetBSD hostap
To: Todd Vierling <tv@duh.org>
From: Joel CARNAT <joel@carnat.net>
List: netbsd-users
Date: 10/20/2004 12:33:22

On Tue, Oct 19 2004 - 19:25, Todd Vierling wrote:
> On Tue, 19 Oct 2004, Joel CARNAT wrote:
> 
> > * How (if possible) can I disable the SSID broadcast (on the NetBSD hostap) ?
> 
> If your Windows machines include WinXP or Win2003, "don't do that," as it
> causes WinXP/Win2003 Wireless Zero Configuration to crap out periodically if
> any other network appears in range.  For some reason it relies on periodic
> broadcast of the SSID as a "network is still good" indicator.  (References
> available if you need them.)
> 
> Besides, removing broadcast is rarely useful, as any trivial 802.11 sniffer
> can pick up the network name easily.  Might as well just leave it on.
> 

 well, the next step idea was to enable IPsec, so that a sniffer couldn't get traffic for
 an established connection.

> > * Is broadcast enabled on wifi "workstation" (netbsd w/o hostap mode, or windows) ?
> >   aka, when some windows is configured (by hand), does it broadcast SSID too ?
> 
> WinXP/Win2003 always echoes back the SSID when doing network discovery (no,
> there is really no such thing as a "by hand" configuration anymore on those),
> making disabling broadcast worthless at best.
> 

 hum... OK, so I won't disable SSID broadcast.
 now that I've enabled IPsec (http://ezine.daemonnews.org/200401/wifi-ipsec.html),
 I understand all traffic between the workstation and the gateway goes through the VPN and
 isn't sniffable for SSID and nwkey recovery, correct?
 
 If my thoughts are correct, Windows won't publish any info "clearly".
 But what about the gateway? I understand setting ipsec.conf forces an IPsec connection
 with the specified IP, but does it disable any connection with anything not specified in this file?

 I will go on with googling on this subject but n+1 answers/ideas is better than n ;)

> -- 
> -- Todd Vierling <tv@duh.org> <tv@pobox.com>

-- 

,-- This mail runs ---------.
`-------- OpenBSD/sparc64 --'