I found the article 5 Wi-Fi Security Myths You Must Abandon Now interesting, particularly in the context of doing the security basics right.
- Myth No. 1: Don’t broadcast your SSID
- Myth No. 2: Enable MAC address filtering
- Myth No. 3: Limit your router’s IP address pool
- Myth No. 4: Disable your router’s DHCP server
- Myth No. 5: Small networks are hard to penetrate
Certainly the first two are commonly suggested as good practice, but the article puts forward the case they are all but useless. The demonstration given to recent IISP East Midlands – Cyber Attacks & Live Hacks emphasised this.
In the blog Design for the novice… it is argued that to provide a secure-by-default solution configuration choices like these should be left to experts.
Do we as an industry risk creating the impression of security by offering options such as “hide SSID”, whereas the true expert recognises them as useless?