Windows 7 sees your wireless network because the AP
broadcasts the network’s SSID. However, Windows remembers the wireless
networks that you have successfully connected to. Therefore, after all
of your computers have accessed the wireless network at least once, you
no longer need to broadcast the network’s SSID. Therefore, you should
use your AP setup program to disable broadcasting and prevent others
from seeing your network.
However, you should know
that when previously authorized devices attempt to connect to a
nonbroadcasting network, they include the network’s SSID as part of the
probe requests they send out to see whether the network is within range.
The SSID is sent in unencrypted text, so it is easy for a snoop with
the right software (easily obtained from the Internet) to learn the
SSID. If the SSID is not broadcasting to try to hide a network that is
unsecure or uses an easily breakable encryption protocol, such as WEP,
hiding the SSID in this way actually makes the network less secure.
Of course, you
aren’t trying to hide an unsecure network, right? From the previous
section, you should now have WPA or WPA2 encryption enabled. So in your
case, disabling SSID broadcasting either keeps your security the same or
improves it:
If a cracker detects your nonbroadcasting SSID, you’re no worse off.
If
the snoop doesn’t have the necessary software to detect your
nonbroadcasting SSID, he won’t see your network, so you’re more secure.
So as long as your
wireless signals are encrypted with WPA or WPA2, you should disable SSID
broadcasting. Access your router’s setup pages, locate the wireless settings section (see Figure 1), and then activate the option to hide or disable SSID broadcasting.
Caution
Okay, there is one scenario where hiding your SSID can make your wireless network less
secure. If a cracker detects that you’ve disabled SSID broadcasting, he
might think you’ve done it because you’ve got something particularly
important or sensitive to hide, so he might pull out all the stops to
crack your network. How likely is this? Not very. Most crackers want
easy targets, and most neighborhoods supply them, so unless a snoop knows that you’re hiding something juicy, he’ll almost certainly move on to a less-secure network.
Connecting to a Hidden Wireless Network
Each
wireless network has a network name—the SSID—which identifies the
network to wireless devices and computers with wireless network cards.
By default, most wireless networks broadcast the network name so that
you can see the network and connect to it. However, some wireless
networks disable network name broadcasting as a security precaution. As I
described in the previous section, the idea is that if unauthorized
users can’t see the network, they can’t attempt to connect to it.
However, you can still
connect to a hidden wireless network by entering the connection settings
by hand. You need to know the network name, the network’s security type
and encryption type, and the network’s security key or pass phrase.
Here are the steps to follow to connect to a nonbroadcasting wireless networking in Windows 7:
1. | Click the Network icon in the taskbar’s notification area, and then click Open Network and Sharing Center.
|
2. | In
the Network and Sharing Center window, click the Set Up a New
Connection or Network link. The Choose a Connection Option dialog box
appears.
|
3. | Select
Manually Connect to a Wireless Network, and then click Next. Windows 7
prompts you for the network connection data, as shown in Figure 2 (which shows a completed version of the dialog box).
|
4. | Provide the following connection data:
- Network Name— The SSID of the hidden wireless network.
- Security Type— The security protocol used by the wireless network. Select No Authentication (Open) if the network is unsecured.
- Encryption Type— The method of encryption used by the wireless network’s security protocol.
- Security Key— The key or password required for authorized access to the network.
- Start This Connection Automatically—
Leave this check box activated to have Windows 7 connect to the network
now (that is, when you click Next in step 5) and automatically the next
time the network comes within range. If you always want to connect to
the network manually, deactivate this option.
- Connect Even If the Network Is Not Broadcasting—
If you activate this check box, Windows 7 will send probe requests to
see whether the network is in range even if the network isn’t
broadcasting its SSID. Note, however, that this lessens security
(because the SSID is sent in plain text in the probe request, as
described in the previous tweak), so you should leave this check box
deactivated.
|
5. | Click Next. Windows 7 connects to the network and adds it to the list of wireless networks.
|
6. | Click Close.
|