SSID

The SSID (Service Set IDentifier) is a token which identifies a 802.11 (Wi-Fi) network. The SSID is a secret key which is set by the wireless network administrator. You must know the SSID to connect to a 802.11 wireless network. However, the SSID can be discovered by network sniffing/scanning. By default, the SSID is part of the packet header for every packet sent over the WLAN.

SSID access points continuously broadcast radio signals which are received by client machines if enabled. Based on the automatic or manual configuration, the client can connect to the access point. A SSID is generally 32 bit long, but when displayed to the user, it is projected into a human readable ASCII format. Multiple access points can possibly share same SSID if they are for the same wireless network. Many wireless access points support broadcasting multiple SSIDs, permitting the formation of Virtual Access Points. Such Virtual Access Points partition a single physical access point into many logical access points, each of which can have a special set of security and network settings.

SSID Security Issues

The fact that the SSID is a secret key instead of a public key creates a key management problem for the network administrator. Every user of the network must configure the SSID into their system. If the network administrator seeks to lock a user out of the network, the administrator must change the SSID of the network, which will require reconfiguration of the SSID on every network node. Some 802.11 NICs allow you to configure several SSIDs at one time.

Default SSID's

Most 802.11 access point vendors allow the use of an SSID of "any" to enable an 802.11 NIC to connect to any 802.11 network. This is known to work with wireless equipment from Buffalo Technologies, Cisco, D-Link, Enterasys, Intermec, Lucent, and Proxim. Other default SSID's include "tsunami", "101", "RoamAbout Default Network Name", "Default SSID", and "Compaq".

Every time a client connects to the wireless network, the SSID is communicated in plain text format, which can easily be sniffed by eavesdropper using sniffing applications like Kismet. Hence, additional security techniques are required to be implemented in order to enhance the wireless security.

Disabling SSID Broadcasting

Many Wireless Access Point (WAP) vendors have added a configuration option which lets you disable broadcasting of the SSID. This adds little security because it is only able to prevent the SSID from being broadcast with Probe Request and Beacon frames. The SSID must be broadcast with Probe Response frames. In addition, the wireless access cards will broadcast the SSID in their Association and Reassociation frames. Because of this, the SSID cannot be considered a valid security tool.

An SSID by any other name

The SSID is also referred to as the ESSID (Extended Service Set IDentifier).

Some vendors refer to the SSID as the "network name."
Setting the SSID on a LinkSys WAP