I've noticed that it has become common for people to change their default SSID.

I still haven't changed mine, and I don't think I have a particulary vulnerable wireless router. It certainly was somewhat expensive when I bought it. (connection by cable between cable modem and router, wireless connection between router and my computer, no other computers in the network, network properly managed in firewall)

I have taken some precautions, like changing the default password, not allowing remote access through the internet, and maybe a few others.

Encryption by WPA-PSK, AES, long key, key not vulnerable to dictionary attacks.

I suppose I could change the SSID name, but I find it convenient to keep it as it is. I've googled the subject, but could not find any clear explanation why it would be necessary.

Given my security precautions, is it really important to change my SSID ? I'm not a high profile 'target', plenty of other wireless signals in my neighnourhood.

The reason people advise changing your SSID to something unique is because your wireless authentication handshake is generated from the SSID and password together. In other words, dictionary attacks must try different SSID/password combinations, not just passwords. There are many well-researched dictionary files that are designed to try the most commonly used passwords with 1000 or so of the most commonly used SSIDS. By changing your SSID, you dramatically reduce the effectiveness of such an attack. If you already have a long and random password, you're probably fine but changing it makes you much more secure with no real downside. Cheers.

Of course yes, but:

1 000 000 people will be targeted before you... at least. Because when you have 1 000 000 open doors, you don't chose to open the 1 000 001st one.

In my neighborhood, I have exactly 10 possible connexions possible. Two not giving their name, mine and another one, 6 secured, but giving their name. And 2 open. Guess which ones a hacker would target first.... And only?

Point taken. Your probability of being targeted for intrusion in such a situation is low. Some of us just want to be as far down the list as possible. :lurking:

How about being able to identify your router :) Seems like the most important issue to me :)
Mrk

-{ Quote: "The reason people advise changing your SSID to something unique is because your wireless authentication handshake is generated from the SSID and password together. In other words, dictionary attacks must try different SSID/password combinations, not just passwords. There are many well-researched dictionary files that are designed to try the most commonly used passwords with 1000 or so of the most commonly used SSIDS. By changing your SSID, you dramatically reduce the effectiveness of such an attack. If you already have a long and random password, you're probably fine but changing it makes you much more secure with no real downside. Cheers." }-

I'm not sure if I understand. How could someone get access to my router ('password'), if I use the WPA-PSK encryption I mentioned ? My router remembers its WPA-PSK AES encryption phrase, and I cannot access the router wirelessly if I don't have the key on my computer (wireless adaptor configured with key).

They would not be accessing your router. They would be attempting to access your router using a bruting-forcing app and a dictionary file. This file contains passwords that are known to be common based on self-reported data (surveys) of what people use, knowledge of human nature, the English language, etc., in combination with the most common SSIDs as determined by observation (i.e. war driving) and known default SSIDs. These common SSID + common password combinations are fed into AES to generate handshake authentication packets and send them at your router. In a brute force attack like this on WPA(2), the attacker is not somehow stealing your password or statistically cracking it, they simply try millions of SSID/password combinations until they find the correct one to connect to your router or they give up.

If your SSID as well as your password are random and unique, this type of attack will be orders of magnitude less likely to succeed.

-{ Quote: "They would not be accessing your router. They would be attempting to access your router using a bruting-forcing app and a dictionary file. This file contains passwords that are known to be common based on self-reported data (surveys) of what people use, knowledge of human nature, the English language, etc., in combination with the most common SSIDs as determined by observation (i.e. war driving) and known default SSIDs. These common SSID + common password combinations are fed into AES to generate handshake authentication packets and send them at your router. In a brute force attack like this on WPA(2), the attacker is not somehow stealing your password or statistically cracking it, they simply try millions of SSID/password combinations until they find the correct one to connect to your router or they give up.

If your SSID as well as your password are random and unique, this type of attack will be orders of magnitude less likely to succeed." }-

Thank you for the explanation. Given the fact that I don't use a common password and I do use strong encryption, I will probably not bother changing my SSID.

Seriously, any dedicated hacker trying to hack my system is involved in something that isn't worth his time, especially since he'd be risking spending time in prison.

Great information,,to step in if i could i have a question i want to change my
SSID now i know how to do it on my router end but not sure how to change
it on my wireless/other computer end, it's a DELL 2350 windows XP SP3 with
a HIRO wireless PCI card.

could somone point me in the right direction ?

-{ Quote: "i want to change my
SSID now i know how to do it on my router end but not sure how to change
it on my wireless/other computer end, it's a DELL 2350 windows XP SP3 with
a HIRO wireless PCI card.

could somone point me in the right direction ?" }-
^^^^??????

Most probably enough to change you network name (in windows, the two of them are the same, aren't they?)

yea there the defult name right now...

It's shaded out so i can't change it,anyone have an idea??????????

You have to set that in router's settings.
Just type this:
192.168.0.1

into browser and router panel will open. You can change SSID there.
Some even disable it so SSID is not even broadcasted. I just changed it to some other cool name :P
Also make sure you use WPA2-AES. This is the most secure option for now.

-{ Quote: "You have to set that in router's settings.
Just type this:
192.168.0.1

into browser and router panel will open. You can change SSID there.
Some even disable it so SSID is not even broadcasted. I just changed it to some other cool name :P
Also make sure you use WPA2-AES. This is the most secure option for now." }-
Thanks RejZoR, so by changing it in my router it will change it in my "setup" on my second computer???

thank for your help...

-{ Quote: "How about being able to identify your router :) Seems like the most important issue to me :)
Mrk" }-

Well said, knowing the router is knowing its specifis, possibly IP address of the console, default admin and guest passwords, etc