Wireless: Is WPA necessary if SSID broadcast is disabled and router log-on changed?

Posted on 2004-11-28
Last Modified: 2007-02-13
If SSID broadcast is diabled and SSID and router log-on are changed from the factory defaults, is WPA necessary for home wireless network security?
Question by:whousto
    LVL 49

    Expert Comment

    Some of the suggestions for wireless security are

    a) Disable SSID broadcast
    b) Enable Encryption WEP
    c) Enable MAC address filtering (
    d) Upgrade the firmware of your router

    Keep in mind to check the log of your router every so often. Some unusual activity of someone using your wireless network can be detected.

    Read articles :


    Author Comment


    Thanks for the list and the links.  However, hasn't WPA replaced WEP?

    I know that enabling WPA is the best option, but if you have SSID broadcast disabled, and you've changed the factory router logon and password, why should a home network need to enable encryption or MAC address filtering?

    Bill H.

    LVL 49

    Expert Comment


    Those for extra protection for your wireless network. that is all

    LVL 4

    Assisted Solution

    To answer your questions:
    1) Yes, you should enable WPA even if you disable SSID broadcast and router logon. The SSID is only used for association with a specific access point and not broadcasting it would not prevent someone from sniffing the SSID off the air from another connection. SSID is not a security measure. In addition, WPA encrypts all data traveling the air preventing disclosure of information.

    2) WPA is replacing WEP. It can utilize two encryption schemes, TKIP or AES, both which are much more secure than WEP.

    ---Good Luck

    Author Comment

    Thanks syn,

    In the neighborhood full of geriatrics I live in I don't need to worry too much about war drivers in Cadillacs and Crown Victorias, so I may not bother with encryption until I move.

    However, your reply leads to a request for some additional explanation.  How do wireless snoopers go about "sniffing the SSID off the air"?

    Bill H.
    LVL 79

    Expert Comment

    Easy enough. Take a look at the tools
    Add Ethereal to that, and you have a wireless sniffer

    More tools
    LVL 7

    Accepted Solution

    The broadcast SSID setting only prevents your Access Point from sending beacon packets advertising its existence.  Short answer to your question is this:

    802.11a/b/g packets have unencrypted headers.  Regardless of whether or not your access point is broadcasting beacon packets with the SSID, all data to and from clients contain the SSID in the header, so a wardriver need only wait for a client to send or request a packet and the SSID is sent, unencrypted, over the air.  Use the WPA feature at all times, and change all default settings to something custom.

    Expert Comment

    Does WPA have as much 'overhead' as WEP appeared to have? Everything seemed slower with WEP enabled...


    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Join & Write a Comment

    Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
    Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now