With wireless LANs, a service set identifier (SSID) is a label that distinguishes
one wireless LAN from another. An SSID contains up to 32 alphanumeric characters,
which are case sensitive. The SSID is configured in the access point.
Typically, a company will set all access points to the same SSID to enable
effective roaming. As part of the association process, a wireless client must
have the same SSID as the one put in the access point.
Default SSID Issues
Access points are preconfigured with a default name for the SSID based on the
vendor. For example, Cisco access points have the SSID of tsunami, which,
by the way, means a big sea wave. Most other vendors simply use their company
name as the SSID, such as proxim and symbol.
If you don’t optionally choose to disable SSID broadcasting, then wireless
clients will automatically look for the SSID in the access point beacon frames.
Thus, the default SSID allows associations to occur, which means that you don’t
have to change the SSID from the default value to make your wireless LAN work.
The problem with using the default SSID is that some confusion might result
if a company or home owner next to you sets up a wireless LAN with the same
vendor’s access points. For example, you might both have a Linksys wireless
LAN at home using the default SSID of linksys-g.
If both of you don’t implement some form of security, which is commonly the
case in both homes and companies, and you’re both within range of each other,
then the your wireless clients can mistakenly associate with your neighbor’s
access point (and vice versa).
Change the SSID
In order to solve this problem, you should change the SSID to a different value
as part of the installation process. In enterprise solutions, this makes management
easier because you can differentiate your access points from neighboring companies
when performing wireless analysis.
Some people recommend changing the SSID for security purposes, but I haven’t
seen in practice that it makes little difference. Someone with very simple wireless
sniffing tools can determine the SSID of a wireless LAN, even if you change
the SSID to something secret.
By default, access points include the SSID in every beacon frame. Even if you
disable SSID broadcasting — a feature available in only some access points
— you can still easily find the SSID in the association frame when a wireless
client joins the wireless LAN.
Tips to Consider
When defining the SSID, here are some tips to mull over:
- Company and brand names. Many companies will use their company or
brand name as the SSID. This may be the best approach for public wireless
LANs because you want to advertise your particular system. With private wireless
LANs, however, the use of a company name gives away the owner of the network.
If you’re a high profile company, then a hacker may prefer to launch a denial
of service attack against your network rather than others. - Scrambled characters. A SSID with scrambled characters, such as X#EM$88d#~9nE
certainly doesn’t give away your identity, but it looks like you’re hiding
something important. So, this could prompt a hacker to do bad things to your
network. Most people choose this type of SSID because they think that it will
be more secure. Keep in mind that even an inexperienced hacker can still easily
obtain the SSID by sniffing the association frames. Also, the use of meaningless
names makes it difficult to manage the network. Administrators have difficulties
remembering things like X#EM$88d#~9nE. - Aliases. In order to mask your identify with a management name, an
alias may be your best solution. Try using something like WirelessLAN
or WLAN as your SSID. The odds of someone right next to you
with the same SSID you’ve chosen is not probable. In addition, you won’t be
giving away your identity.
When naming the SSID, consider how it affects functionality, security, and
manageability. This relatively simple exercise will make your wireless LAN more
effective.
Jim Geier provides independent consulting services to companies developing
and deploying wireless network solutions. He is the author of the books, Wireless
LANs (SAMs) and Wireless Networks – First Step (Cisco Press).