SSID

SSID (Service Set Identifier) is a symbolic name for a Wi-Fi wireless access point used to identify it among other points by users or devices connected to the network. An SSID is a string up to 32 bytes in size that is broadcast on the air. Devices located near the network take the name and if they are allowed to join the access point, they connect to it. From the point of view of network security, administrators sometimes prohibit the access point from broadcasting an identifier, then such a device is not displayed in the list of visible access points; to connect to such a network, you must enter the identifier in the connected device manually. There are access points that allow you to divide subscribers into segments, in such cases, one access point can have several SSIDs. Data exchange in Wi-Fi networks is regulated by the IEEE 802.11 standard.

Content

Principle of Operation

Explanation of SSID (Service Set Identifier)

Explanation of SSID (Service Set Identifier) for ESS

In order for a wireless device to connect to a WiFi access point, you need to know the network identifier (SSID) to which it is going to connect ^[1] . For this, the access point broadcasts its symbolic identifier ^[2] ^[3] to the network using special signal packets at a speed of 0.1 Mbps (every 100 ms). Knowing the network identifier, the client device requests permission to connect using it in the request. If such permission is obtained, then the wireless device is paired with the access point. The size of the character identifier is limited to 32 bytes ^[4] .

Sometimes there are networks:

A wireless network with a basic set of BSS services (basic service set), then the identifier in such a network is designated: BSSID (Basic Service Set Identification), which is the MAC address of the wireless device;
A wireless network with an extended set of ESS services (extended service set), then the identifier in such a network is usually denoted: ESSID (Extended Service Set Identification) ^[5]

Knowing the SSID of the network, the client can find out if it is possible to connect to this access point. When two access points with identical SSID fall into the coverage area, the “receiver” can choose between them based on signal strength data. The Wi-Fi standard gives the client complete freedom in choosing the criteria for the connection .
Data exchange in a Wi-Fi network is regulated by the IEEE 802.11 standard ^[6] .

Security

Broadcasting to the SSID network is unsafe, therefore, the wireless network can be secured by canceling broadcasting of the SSID, which is acceptable in the 802.11 standard, but the user must enter the SSID into the dial-up device and set the connection parameters. The SSID broadcast hiding method is not safe, the identifier can still be found, since in some data packets (frame buoys) an open SSID (not encrypted) is transmitted between the device and the access point, a user who wants to access such a network can listen network and isolate from the transmission packet SSID ^[7] ^[2] ^[5] .

To make the network more secure, the 802.11 standard regulates associating SSIDs with one or more access points, in other words, using the SSID you can identify a network segment, then the load on maintaining a network administrator is simplified by maintaining the security of one segment (no need to change at all access points according to the regulations SSID, you can do this with one access point).

Notes

↑ Vladimirov A.A. Wi-fu: combat methods of hacking and protecting wireless networks. - M .: NT Press, 2005 .-- 463 p. - ISBN 0-321-20217-1 . - ISBN 5-447-00067-8 .
↑ ¹ ² 5 myths about Wi-Fi security // PC World. - 2014. - February. - S. 66–67 .
↑ Lancy Lobo, Umesh Lakshman. CCIE Security v4.0 Quick Reference. - Cisco Press, 2014.
↑ IEEE Std 802.11-2007. IEEE Standard for Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements.
↑ ¹ ² Wendell Odom. Cisco Official CCENT / CCNA ICND1 640-822 Certification Exam Guide. - Litres, 2019 .-- ISBN 545770730X . - ISBN 9785457707306 .
↑ Get IEEE 802 (English) (.pdf). standards.ieee.org . - Link to the download page of the full official text of the standard. Date of treatment June 13, 2009. Archived August 24, 2011.
↑ Christian Barnes, Tony Bouts, Donald Loyd, Eric Ole et al. Protection against wireless network hackers. - M .: IT Co., DMK-Press, 2005. - 480 p. - (Information Security). - ISBN 5-98453-012-0 .

Literature

Vladimirov A. A. Wi-fu: hacking and protection methods of wireless networks. - M .: NT Press, 2005 .-- 463 p. - ISBN 0-321-20217-1 . - ISBN 5-447-00067-8 .
Barry Lewis, Peter T. Davis. Wireless Networks For Dummies. - Hoboken: Wiley Publishing, 2004 .-- 388 p. - ISBN 0-7645-7525-2 .
Christian Barnes, Tony Bouts, Donald Loyd et al. Protection against hackers of wireless networks / trans. from English A.V. Semenova . - M .: DMK-Press, IT Co., 2005. - 480 p. - (Information Security). - ISBN 5-98453-012-0 .

Links

[1] Vladimirov A.A. Wi-fu: combat methods of hacking and protecting wireless networks. - M .: NT Press, 2005 .-- 463 p. - ISBN 0-321-20217-1 . - ISBN 5-447-00067-8 .

[:0-2] ¹ ² 5 myths about Wi-Fi security // PC World. - 2014. - February. - S. 66–67 .

[3] Lancy Lobo, Umesh Lakshman. CCIE Security v4.0 Quick Reference. - Cisco Press, 2014.

[4] IEEE Std 802.11-2007. IEEE Standard for Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements.

[:1-5] ¹ ² Wendell Odom. Cisco Official CCENT / CCNA ICND1 640-822 Certification Exam Guide. - Litres, 2019 .-- ISBN 545770730X . - ISBN 9785457707306 .

[6] Get IEEE 802 (English) (.pdf). standards.ieee.org . - Link to the download page of the full official text of the standard. Date of treatment June 13, 2009. Archived August 24, 2011.

[7] Christian Barnes, Tony Bouts, Donald Loyd, Eric Ole et al. Protection against wireless network hackers. - M .: IT Co., DMK-Press, 2005. - 480 p. - (Information Security). - ISBN 5-98453-012-0 .