RealTime IT News

What SSID is Right for You?

With wireless LANs, a service set identifier (SSID) is a label that distinguishes one wireless LAN from another. An SSID contains up to 32 alphanumeric characters, which are case sensitive. The SSID is configured in the access point.

Typically, a company will set all access points to the same SSID to enable effective roaming. As part of the association process, a wireless client must have the same SSID as the one put in the access point.

Default SSID Issues

Access points are preconfigured with a default name for the SSID based on the vendor. For example, Cisco access points have the SSID of tsunami, which, by the way, means a big sea wave. Most other vendors simply use their company name as the SSID, such as proxim and symbol.

If you don't optionally choose to disable SSID broadcasting, then wireless clients will automatically look for the SSID in the access point beacon frames. Thus, the default SSID allows associations to occur, which means that you don't have to change the SSID from the default value to make your wireless LAN work.

The problem with using the default SSID is that some confusion might result if a company or home owner next to you sets up a wireless LAN with the same vendor's access points. For example, you might both have a Linksys wireless LAN at home using the default SSID of linksys-g.

If both of you don't implement some form of security, which is commonly the case in both homes and companies, and you're both within range of each other, then the your wireless clients can mistakenly associate with your neighbor's access point (and vice versa).

Change the SSID

In order to solve this problem, you should change the SSID to a different value as part of the installation process. In enterprise solutions, this makes management easier because you can differentiate your access points from neighboring companies when performing wireless analysis.

Some people recommend changing the SSID for security purposes, but I haven't seen in practice that it makes little difference. Someone with very simple wireless sniffing tools can determine the SSID of a wireless LAN, even if you change the SSID to something secret.

By default, access points include the SSID in every beacon frame. Even if you disable SSID broadcasting -- a feature available in only some access points -- you can still easily find the SSID in the association frame when a wireless client joins the wireless LAN.

Tips to Consider

When defining the SSID, here are some tips to mull over:

  • Company and brand names. Many companies will use their company or brand name as the SSID. This may be the best approach for public wireless LANs because you want to advertise your particular system. With private wireless LANs, however, the use of a company name gives away the owner of the network. If you're a high profile company, then a hacker may prefer to launch a denial of service attack against your network rather than others.
  • Scrambled characters. A SSID with scrambled characters, such as X#EM$88d#~9nE certainly doesn't give away your identity, but it looks like you're hiding something important. So, this could prompt a hacker to do bad things to your network. Most people choose this type of SSID because they think that it will be more secure. Keep in mind that even an inexperienced hacker can still easily obtain the SSID by sniffing the association frames. Also, the use of meaningless names makes it difficult to manage the network. Administrators have difficulties remembering things like X#EM$88d#~9nE.
  • Aliases. In order to mask your identify with a management name, an alias may be your best solution. Try using something like WirelessLAN or WLAN as your SSID. The odds of someone right next to you with the same SSID you've chosen is not probable. In addition, you won't be giving away your identity.

When naming the SSID, consider how it affects functionality, security, and manageability. This relatively simple exercise will make your wireless LAN more effective.

Jim Geier provides independent consulting services to companies developing and deploying wireless network solutions. He is the author of the books, Wireless LANs (SAMs) and Wireless Networks - First Step (Cisco Press).