Wednesday, November 05, 2008

Post-Mortem – Valca Goes Wireless…

Just a few minor updates from my post Valca Goes Wireless…Headaches included free.

Thoughts on the SSID name

When I set up our new wireless router one of the things I needed to do was to provide a name for the SSID field on the settings.

Being a good sysadmin, and following what we do at work, I assigned it a custom name that was helpfully descriptive.  Made sense.

Because I had also turned off the SSID (Service Set Identifier) broadcasting option on the router, I didn’t feel too strongly that it was an issue.  As it stands, this action is just one component in the larger wireless security configuration lockdown.

FYI from this geeksaresexy post

The SSID (Service Set Identifier) is a sequence of up to 32 letters or numbers that represent the ID of your wireless network. the SSID is broadcasted from your AP to all wireless devices within range to let them know that he's available and ready to receive connections. If you shut off SSID broadcasting, the clients will have to know about the ID of the network if they want to be able to connect to it.

Anyway, I already knew that even if broadcasting was turned off, it could still be sniffed with the right tools.  Just something you have to accept with wireless.

So a few nights ago I was playing with NirSoft’s new tool WirelessNetConsole. It worked great.

However it’s certainly one thing to know something and another to see it for yourself.

------------------------------------------------------------
SSID                          :  [name here]
Signal Quality                :  82%
Security Enabled              :  Yes
Connectable                   :  Yes
Authentication                :  RSNA-PSK
Cipher                        :  CCMP
PHY Types                     :
MAC Address                   :  xx-xx-xx-xx-xx-xx
RSSI                          :  -55
Channel Frequency (GHz)       :  2.437
Channel Number                :  6
Company Name                  :
------------------------------------------------------------

After looking at what I originally had in the [name here] field for the SSID I decided that it still might have been a tad-too descriptive for security purposes.  I also was able to see quite a few others around me as well.  Enlightening information.  Like I said, it’s a great little tool.

So I went back into my router settings and changed the SSID to be very generic instead.  Then after saving the update to the router config, I had to go back and create new wireless connection items on the laptops since the SSID was different.  No problems.

I know that someone with a signal detection antenna could probably then track down my wireless information to our house, but for the average war-driver (or neighbor) it now appears just like any other wireless point in a crowded neighborhood field. Before I did this change a bit a Google work might have been able to make a more specific match.

Anybody have any thoughts about SSID naming conventions for home and corporate applications?

I certainly spent some additional time thinking about it and think the smart approach is security through obscurity applies here.

SharePort BSOD Resolved

The other (larger) outstanding issue I had was that when I installed the D-Link DIR-655 SharePort software all my systems would immediately go into a BSOD and crash hard.

System Restore points would get them going again, but it was still kinda stressful.  Also, that SharePort feature was a important reason I went with the router in the first place.  I wanted to be able to shuffle files (primarily syncing my portable utility collection around as well as my Firefox OMPL RSS feed file and my bookmarks files) between systems.

At the time of my previous post, I had ruled out AVG 8 being the issue as I first suspected.  I then had turned my attention to NetLimiter Monitor and was able to replicate the bad behavior in a Virtual PC session.

So today I finally took the leap and live-fire tested it.

I had previously uninstalled NetLimiter Monitor from my systems but double checked just to be sure.  Then I set a fresh manual System Restore Point.

Finally I reinstalled the SharePort v1 software.

It went on with no issues at all.  Hurray!

image

I was quickly connected and transferring files back and forth.

Neat!

Still no response from the email I had sent to NetLimiter support team.

Worked just fine on the XP Home (SP3) systems as well as the Vista Home Premium (SP1) system.  No BSOD, no crashes, just pure file storage mounting bliss.

(Note: It appears that only one system can “mount/connect” that shared device point at a time.)

So if any one else tries to install D-Link’s SharePort software on their Windows system and gets a hard-crash during the installation process, take a look after you have recovered and see if you have NetLimiter Monitor installed on your system. If so and you want to use SharePort, looks like you will need to uninstall it first.

Cheers!

--Claus V.

No comments: