mirror of
https://github.com/mikaela/mikaela.github.io/
synced 2024-11-05 19:49:27 +01:00
n: add hiddenssid.md
This commit is contained in:
parent
c7660ed00a
commit
4b31cf22c7
143
n/hiddenssid.md
Normal file
143
n/hiddenssid.md
Normal file
@ -0,0 +1,143 @@
|
||||
---
|
||||
title: On hidden WiFi networks
|
||||
excerpt:
|
||||
Disabling SSID broadcast is not a security measure and may hurt your privacy.
|
||||
layout: mini
|
||||
permalink: /n/hiddenssid.html
|
||||
sitemap: true
|
||||
lang: en
|
||||
---
|
||||
|
||||
# {{ page.title }}
|
||||
|
||||
_{{ page.excerpt }} For opting out of location services, refer to
|
||||
[n/nomap](nomap.html)_.
|
||||
|
||||
<!-- editorconfig-checker-disable -->
|
||||
<!-- prettier-ignore-start -->
|
||||
|
||||
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
|
||||
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
|
||||
<em lang="fi">Automaattinen sisällysluettelo</em> / <em lang="en">Automatically generated Table of Contents</em>
|
||||
|
||||
- [The issue with hidden networks](#the-issue-with-hidden-networks)
|
||||
- [Connecting to a hidden network](#connecting-to-a-hidden-network)
|
||||
- [Seeing hidden networks](#seeing-hidden-networks)
|
||||
- [Returning to normalcy](#returning-to-normalcy)
|
||||
- [TODO](#todo)
|
||||
- [QR codes for hidden SSIDs](#qr-codes-for-hidden-ssids)
|
||||
|
||||
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
|
||||
|
||||
<!-- prettier-ignore-end -->
|
||||
<!-- editorconfig-checker-enable -->
|
||||
|
||||
## The issue with hidden networks
|
||||
|
||||
When you hide your WiFi network, your access point (AP) will still announce its
|
||||
existence with the MAC (Media Access Control) address without name. Some
|
||||
location services, such as WiGLE will still records its existence
|
||||
([n/nomap](nomap.html)) and as the Service Set IDentifier (SSID) is required for
|
||||
connecting, your devices will shout around everywhere asking for it, so scanning
|
||||
around will make you identifiable and possibly trackable as not many people are
|
||||
likely to be broadcasting the same set of SSIDs.
|
||||
|
||||
_I have said it before, but I am a fan of
|
||||
[openwireless.org](https://openwireless.org) and wonder if making that SSID
|
||||
hidden to not reveal myself so obviously on WiGLE (as hidden SSIDs are more
|
||||
common) would work for promoting it and those with the ability to see it, would
|
||||
be more likely to be interested in opening their network as opposed to people
|
||||
not seeing it._
|
||||
|
||||
## Connecting to a hidden network
|
||||
|
||||
_Please remember to replace `wlan0` with your actual interface name if
|
||||
applicable._
|
||||
|
||||
SailfishOS displays the MAC addresses and I understand Windows to display
|
||||
"hidden network" or something similar as well. Android and iOS require entering
|
||||
the name through manual adding and warn about hidden networks, on Linux at least
|
||||
NetworkManager has a button "connect to hidden network".
|
||||
|
||||
`iwd` provides commands `iwctl station wlan0 get-hidden-access-points` and
|
||||
`iwctl station wlan0 connect-hidden`, although they may require
|
||||
`iwctl station wlan0 scan` at first. In `/var/lib/iwd/<ssid>.<type>` there would
|
||||
be
|
||||
|
||||
```toml
|
||||
[Settings]
|
||||
Hidden=true
|
||||
```
|
||||
|
||||
## Seeing hidden networks
|
||||
|
||||
Many platforms have apps for this, however Android prevents getting the hidden
|
||||
SSID, so I am focusing on Linux. The required Fedora package is `aircrack-ng`.
|
||||
|
||||
1. Switch to monitoring mode through `airmon-ng start wlan0`
|
||||
1. If there are warnings about interfering services, stop them or
|
||||
`airmon-ng check kill`. **_This will likely disconnect your network
|
||||
connectivity, unless you have multiple NICs._**
|
||||
1. `airodump-ng wlan0`
|
||||
1. Wait patiently as ESSID `<length: 0>` gets replaced with the actual SSID
|
||||
once devices connect. On the bottom you will see devices asking for specific
|
||||
SSID.
|
||||
|
||||
- This could be sped up by exploiting WiFi vulnerabilities, but that would no
|
||||
longer be in the white hat territory and thus I don't concern myself with it.
|
||||
|
||||
### Returning to normalcy
|
||||
|
||||
1. Exit `airodump-ng` by `CTRL - C` as usual.
|
||||
1. Exit monitoring mode through `airmon-ng stop wlan0phy`
|
||||
1. Restart your network management (the `airmon-ng start wlan0` and
|
||||
`airmon-ng check-kill` probably gave you a hint), for me it's
|
||||
`systemctl restart iwd NetworkManager`, while `wpa_supplicant` would be more
|
||||
common.
|
||||
|
||||
### TODO
|
||||
|
||||
_I should investigate and write about these:_
|
||||
|
||||
- `man airodump-ng` may have nice flags as currently nothing is stored.
|
||||
- Security people should have some data to compare to on what is normal in the
|
||||
network environment and when changes happen. Then again with less data
|
||||
stored, there is less chance of doing something illegal by accident, while I
|
||||
think the passive listening this page focuses on is the same as VHF scan all
|
||||
button.
|
||||
- I think `kismet` does the same as `airodump-ng`, while it may be more focused
|
||||
on [wardriving](https://en.m.wikipedia.org/wiki/Wardriving).
|
||||
|
||||
## QR codes for hidden SSIDs
|
||||
|
||||
[zxing](https://github.com/zxing/zxing/wiki/Barcode-Contents#wi-fi-network-config-android-ios-11)
|
||||
and [Wikipedia](https://en.wikipedia.org/wiki/Wi-Fi#Securing_methods) agree on
|
||||
`WIFI:T:WPA;S:mynetwork;P:mypass;;` so my wondering would be:
|
||||
`WIFI:T:nopass;S:openwireless.org;;H:true;` where only `P:mypass` got omitted.
|
||||
|
||||
<pre>
|
||||
# The capital H is the highest error correction, others are LMQ
|
||||
% qrencode -l H -t utf8 "WIFI:T:nopass;S:openwireless.org;;H:true;"
|
||||
█████████████████████████████████████
|
||||
█████████████████████████████████████
|
||||
████ ▄▄▄▄▄ █▀ █▀▀▀▀ ▀▄▄▀█ ▄▄▄▄▄ ████
|
||||
████ █ █ █▀ ▄ █▀▄▀▄█▄▄ █ █ █ ████
|
||||
████ █▄▄▄█ █▀█ █▄▀▀█▀▀█▀██ █▄▄▄█ ████
|
||||
████▄▄▄▄▄▄▄█▄█▄█ █ █▄▀ ▀ █▄▄▄▄▄▄▄████
|
||||
████ ▄ █▄ ▄ ▄█▄█ ██▀▀ ▄▀▄▀ █▄▀████
|
||||
█████ █▄▀▄▄ ▀ ▄▄▄▀▀▄▀▀ ▄▀ ▀▀▄█ ████
|
||||
████ ▀▄█▄█▄▄█▄▀▄▀█ ▄▄██▀▀▄ ▄▀▀ ████
|
||||
████▄▄█▀ ▀▄ ▀ ▄█▀ ▀█▄▄█ ▀██ ▀▀███████
|
||||
████▀ ▀▀▄▄ █ █▄▄▀▄▄▄▄█ ▄▀▄ ██▀▀████
|
||||
████ █▄█ ▄▄█▄▀█ ▄███▄▄█▀▀▄▀▀▀█▄▄▀████
|
||||
████▄█▄██▄▄█ ▄▄▄▀▀█▄ ▄▄█ ▄▄▄ ▀▄▄▄████
|
||||
████ ▄▄▄▄▄ █▄▀▄█▀ ▄▄▀ █ █▄█ ▀ █ ████
|
||||
████ █ █ █ ███▄█▄▄█▄▀▀ ▄ ▀▄ █████
|
||||
████ █▄▄▄█ █ ▄ ▄█▀▄ ▀ ▀▄▄▀▄▀ ▀████
|
||||
████▄▄▄▄▄▄▄█▄▄▄▄███▄▄▄█▄▄▄▄▄▄▄▄▄█████
|
||||
█████████████████████████████████████
|
||||
█████████████████████████████████████
|
||||
</pre>
|
||||
|
||||
_While the above looks messy in my `jekyll serve -l`,
|
||||
[Binary Eye](https://github.com/markusfisch/BinaryEye) detected it regardless._
|
@ -32,6 +32,9 @@ Microsoft has a separate
|
||||
[location services opt-out](https://account.microsoft.com/privacy/location-services-opt-out)
|
||||
which uses MAC addresses instead.
|
||||
|
||||
**_Hidden SSID won't work for opt-out in some of those services. Refer to
|
||||
[n/hiddenssid](hiddenssid.html)._**
|
||||
|
||||
<!-- editorconfig-checker-disable -->
|
||||
<!-- prettier-ignore-start -->
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user