The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Make Your AirPort Basestation Invisible

TMO Quick Tip - Make Your AirPort Basestation Invisible

by , 7:30 AM EDT, October 2nd, 2006

The only way to be one hundred percent sure that no one can hack into your network's wireless access point, or basestation, is to pull out the power cord. Since that isn't really practical, there are some other things you can do to keep unwanted people out of your wireless network.

The obvious security measure is to add a password to your Basestation, but you can also make the wireless part of your network invisible to most bad guys. If you are using an Apple AirPort Basestation, here's what you do:

  • Launch AirPort Admin Utility. It's in Applications/Utilities/AirPort Admin Utility.
  • Select your Basestation.
  • Click Configure.
  • Click the AirPort tab.
  • Check Create a closed network.

  • AirPort's closed network option hides your basestation from most everyone.
  • You'll get a warning that says your network won't appear in any computer's network list. Since that's exactly what we're going for, click OK.

  • Apple wants to make sure you know your basestation will become invisible.
  • Click Update.

Most wireless access points have an option to hide them just like Apple's AirPort Basestation. The instructions that came with your access point should show how to enable this feature.

To connect to a closed AirPort network, do this:

  • Choose Other from the AirPort menu icon.

  • Choose Other from the Airport menu to join hidden networks.
  • Enter the name of the network you are joining in the Network Name field.
  • Choose the Basestation's password type from the Wireless Security pop-up menu.
  • Enter the Basestation's network password in the Password field.
  • Click OK.

Enter the name of the hidden network you want to join.

Remember, there is no sure fire way to ensure that no one can ever gain access to your private network without your permission. But the more you do to protect your network, chances that some one will hack in are much lower.


if you have ideas for Mac related tips that you think other TMO readers might find helpful.

Digg!

Observer Comments

Show: Subjects Only | Full Comments
Close Name:jbruni Posts: 105 Joined: 14 Jul 2006
Subject: Nonsense

Hiding the SSID does not make your wireless network more secure, just more difficult to use. This would be similar to removing the address plate from the front of your house, thinking that it would slow down a burglar.

Close Name:Guest
Subject: Hiding your ssid

If you take away the ssid how can others "see" you on a network?

Close Name:Biff Posts: 1479 Joined: 08 Apr 2004
Subject:

jbruni that was a horrible analogy. I think this would be more akin to making your house completely invisible. Hiding the SSID is going to stop casual "hackers" and thats like 99% of the people who would try to hop on your network.

Guest, thats the whole point. If others do not know the network is there then they will not try to break into it.

Close Name:metavurt Posts: 163 Joined: 16 Jun 2003
Subject: Actually Biff

as a casual hacker (NOT cracker, mind you - there's flippin' difference) ... the analogy wasn't that offbase. With even basic features of a net sniffer, you can see invisible networks plain as day. all you have to do is start the application.

not. really. hard.

a more thorough way to prevent users would be to limit the access to the node to only the ids of the computers meant to use it.

Close Name:Biff Posts: 1479 Joined: 08 Apr 2004
Subject: WOW!

LOL. Sorry I didn't realize you had a "casual hacker" membership card. Thank you for disproving me with your scientific sampling of wifi h@x0r5. Way to differentiate hacker and cracker. That's like way l33t and stuff.

My point was mainly that disabling your SSID will make your network more secure in that there will be a smaller proportion of individuals that will be aware of the network and thus try to get on it. How much more secure? No idea. But however small, it is MORE secure. Which makes jbruni wrong.

I know you are just trying to amaze me with your awesome knowledge of networking and teach me that it won't make THAT much of a difference. I get that. Why do computer amateurs always feel the need to flaunt their limited knowledge? Well anyhow were you referring MAC address filtering? That is also good, but lets not forget that you can just run an application to get around that too... and crack WEP encryption...

Close Name:Guest
Subject: Even better

For even better security, utilize the MAC access controls provided by Airport Extreme, and use WPA-PSK encryption, not WEP. WEP is *extremely* easy to crack and I'm surprised it is shown in the example here... except perhaps that WPA is not supported by older Airport hardware.

Close Name:DrShakagee -   TMO Forum Mod Posts: 941 Joined: 14 Jun 2001
Subject:

I am no hacker or anything (my neighbors do call me a cracker but that's cause I'm white, nothing to do with computers at all), and have never had one person successfully get on my network. I have had people try to get on my network but my logs have never shown them to be successful.

There are 4 other wireless networks set up in my building, and I am the only one with full security (I've tried them all out). I figured since there is 4 other less secure networks in my area I am in the low risk category. 2 of the other networks use WEP passwords and one uses a WPA personal password, and one has no security at all.

Close Name:Guest
Subject: It helps, but not much

DrShakagee has the right sense of this. A closed network or hidden SSID does not make you invisible enough. Its only purpose is to hide your network from the most basic level of cracker, like a wireless newbie who knows just enough to look around the neighborhood but hasn't learned about closed networks yet.

Once you use WPA with a good password, none of these other methods (MAC filtering, IP restrictions, closed network) are worth much. They are worth something if you are using WEP, which can easily broken, so you might want additional security layers. But if someone has the mad skillz to get through WPA, none of the other techniques will stop them at all. They'll just sniff and spoof.

Here's an anecdote. Recently I helped a computer-newbie neighbor set up her Windows laptop. I put it on her own wireless network. There's an Intel utility that came with her laptop and it's integrated with the Intel wireless chipset in her PC laptop. I was surprised to see my own "hidden" network in the list of available networks shown by the Intel wireless utility. I wasn't too concerned because I do use WPA.

So that's the story, it used to be that a closed network would have been visible only to someone who knew they needed to download a specialized stumbler to see invisible networks. Now you don't need a specialized stumbler, because more regular utilities see closed networks anyway.

A better analogy: Closing your network is like moving your loaded Mac Pro tower away from the living room window. While a thief casing the neighborhood can assume that all the houses in the neighborhood probably have similarly expensive stuff in them, the difference is that yours isn't advertised in public view.

Close Name:David Nelson -   TMO Staff Posts: 5407 Joined: 11 Jun 2001
Subject: Re: It helps, but not much

Quote
Anonymous wrote:
Once you use WPA with a good password, none of these other methods (MAC filtering, IP restrictions, closed network) are worth much. They are worth something if you are using WEP, which can easily broken, so you might want additional security layers. But if someone has the mad skillz to get through WPA, none of the other techniques will stop them at all. They'll just sniff and spoof.


Exactly. Securing your network with WPA is definitely the way to go whenever possible. The other methods are not entirely worthless, but they are so easily broken that they will stop only the most casual intrusion attempts. WEP or a hidden SSID are easily circumvented using free software that anyone can find on MacUpdate, VersionTracker, or other common software directories. And don't forget to use a decent password. All the encryption in the world won't save you if the password to unlock it is your dog's name, or some random word chosen from the dictionary.

Of course, securing your network only protects the first hop your data makes away from your computer. Once it's out on the "real" Internet, all bets are off. No matter how your network is set up you should also use encryption whenever possible for any data your transmit (SSL for the connection to your mail server and anyplace you enter personal or financial information, GPG for the contents of your mail if you're sending sensitive information, and SSH (instead of Telnet) if you ever remotely access your computer). That way your data is protected all the way between you and its final destination.

Close Name:Guest
Subject: adding "other" every time?

is there a way to set my mac up so that i don;t have to type the name of the network every time i open my computer?

Comment on this Article


You cannot edit your comments.   You cannot delete your comments.

Comments are currently closed. Please email the author instead.


Recent Headlines - Updated July 6th

Mon, 5:28 PM
Arlington Police Release Video of Apple Store Shooter
4:40 PM
Deal Brothers - Apple Mac Pro 2.66GHz Intel Xeon Quad Core for $2,274.00 Delivered A/R
4:12 PM
Product News - Babylon Upgrade Adds New Translation Features to Mac Dictionary App
11:17 AM
Ted Landau's User Friendly View - Apple’s LED Cinema Display: A Too Short Story
11:11 AM
Product News - Photo Recovery for Mac Adds Photoshop Support
10:39 AM
Hot Forum Topic - iPhones in Education
8:47 AM
News - Apple Employee Injured in Store Shooting
Fri, 10:29 AM
News - Apple Warns of Learning Interchange Security Breach
7:30 AM
News - Happy Fourth of July!
Thu, 6:07 PM
TMO Scoop - Psystar Moves to Drop Bankruptcy Ahead of Apple Legal Battle
5:37 PM
News - Uncomfirmed Reports Say Apple & Nvidia On The Outs
4:57 PM
News - Microsoft Sick Over Barf Ad

The Mac Observer Reader Specials

  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!