hidden SSID and forums can see me - help

colleenAZ · Dec 19, 2008

Hi,

i currently am running the Netgear WNR3500 - running leopard 10.5
new macbook user as of dec 2008
i have my SSID broadcast disabled (kind of a pain because if i put
the laptop to sleep or shut it down ... when i start it back up, airport
apparently drops it and i have to log back in again the 'assist me')
i also have it WPA protected

anyways ....

my problem is ... there is a forum i browse, and they guy that owns it
has this little spy dude cartoon charachter on the bottom of the main
page .... saying: i can see you ! it gives an IP, says what type of computer (brand) you are using and what browser you are on.

That doesnt really set well with me ... i 'thought' that with the router
it was a firewall. how is it they can see allllllllll that information ?
and how do i prevent it ?

also if anyone knows how to make my airport remember my hidden SSID
that wold be great ... i have remember networks checked etc.
not sure what the deal is there ... or if i just have to deal with the
inconvienence to have it hidden (yea i know the talented people out there
have ways to see it anyways).

any help would be appreciated.

McBie · Dec 19, 2008

Hi,
With every request that your browser makes to a web-site, your application ( Safari, Firefox, ... ) will send ' browser header ' information.
Below the line is an example of such a header.
As you can see, browser info as well as information on your computer are clearly visible. So there is no ' magic ' involved.
Your IP address is also available for each web-site you visit.

Wherever you go on the internet, you will always leave your 'signature' behind ;D

Hope this clarifies some of your concerns.
Cheers
McBie
________________________________________________________
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Connection: keep-alive
Host: **Home of Gibson Research Corporation**
Referer: Shields UP!! — System Error
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.5) Gecko/2008120121 Firefox/3.0.5
Cookie: tpag=l2423vatldciv; ppag=l2423vatldciv; tico=lcgfj1apbrjyy; pico=lcgfj1apbrjyy; tcss=jbfx0picmvrhz; pcss=jbfx0picmvrhz
Content-Length: 32
Content-Type: application/x-www-form-urlencoded
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
FirstParty: https://www.grc.com
ThirdParty: https://www.grctech.com
Secure: https://www.grc.com
Nonsecure: **Home of Gibson Research Corporation**
Session: l5ij1mtmt54vg

JGruber · Dec 19, 2008

McBie said:
Hi,
With every request that your browser makes to a web-site, your application ( Safari, Firefox, ... ) will send ' browser header ' information.
Below the line is an example of such a header.
As you can see, browser info as well as information on your computer are clearly visible. So there is no ' magic ' involved.
Your IP address is also available for each web-site you visit.

Wherever you go on the internet, you will always leave your 'signature' behind ;D

Hope this clarifies some of your concerns.
Cheers
McBie
________________________________________________________
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Connection: keep-alive
Host: **Home of Gibson Research Corporation**
Referer: Shields UP!! — System Error
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.5) Gecko/2008120121 Firefox/3.0.5
Cookie: tpag=l2423vatldciv; ppag=l2423vatldciv; tico=lcgfj1apbrjyy; pico=lcgfj1apbrjyy; tcss=jbfx0picmvrhz; pcss=jbfx0picmvrhz
Content-Length: 32
Content-Type: application/x-www-form-urlencoded
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
FirstParty: https://www.grc.com
ThirdParty: https://www.grctech.com
Secure: https://www.grc.com
Nonsecure: **Home of Gibson Research Corporation**
Session: l5ij1mtmt54vg

Could not have said it better myself. Nailed it!

colleenAZ · Dec 19, 2008

Thank you

cwa107 · Dec 19, 2008

Also, turn on SSID broadcast. It achieves absolutely nothing other than to make your wireless clients have a more difficult time establishing and maintaining a connection.

colleenAZ · Dec 19, 2008

cwa107 said:
Also, turn on SSID broadcast. It achieves absolutely nothing other than to make your wireless clients have a more difficult time establishing and maintaining a connection.

i had read it was just another measure to secure your
network, like the WPA encription.
But it is sorta a PITA.

cwa107 · Dec 19, 2008

colleenAZ said:
i had read it was just another measure to secure your
network, like the WPA encription.
But it is sorta a PITA.

Basically it keeps your router from shouting "THIS IS MY NAME!". But it doesn't keep it from broadcasting it at all. Anyone with a wireless scanner can still see it, so the net effect is zero protection, only a false sense of security. WPA is pretty strong (although it has been cracked). WPA2 is even better if your router supports it (if not, you might just need a firmware update). Those encryption methods will afford you some actual security.

If hiding the SSID actually did anything, you wouldn't see private businesses broadcasting theirs (like hospitals, corporations and stores).

colleenAZ · Dec 19, 2008

cwa107 said:
Basically it keeps your router from shouting "THIS IS MY NAME!". But it doesn't keep it from broadcasting it at all. Anyone with a wireless scanner can still see it, so the net effect is zero protection, only a false sense of security. WPA is pretty strong (although it has been cracked). WPA2 is even better if your router supports it (if not, you might just need a firmware update). Those encryption methods will afford you some actual security.

If hiding the SSID actually did anything, you wouldn't see private businesses broadcasting theirs (like hospitals, corporations and stores).

Good point ;D

my router has the WPA2 and thats what i selected.
airport just says WPA personal when i log in the SSID name.

anyhooooo ...... thank you so much for your help,
i really appreciate it

macwannabe · Dec 19, 2008

it doesnt mean that they can just log in to your comp. remotely .. they would have to be pretty good to get by the encryption .. right.?

JGruber · Dec 19, 2008

It would be very hard for someone to log into your computer remotely, it's hard for me to do it on my Parents computer (40miles away), when I try to help them... and I know what to open and how to configure it. (Do it at work all the time, over a WAN)

Phantom99 · Jan 2, 2009

You can hide your IP address from the forum guy in various ways. One of them is to access the site through a secure tunnel via a proxy server. There are plenty around, free and not so free, with varying levels of security. Try Secure Email Hosting - Anonymous Surfing - Anonymous Email Accounts for example.

However, he will already have a log of your IP from each visit, and from when you signed up (if you have to register), so you would have re-register if you were that serious about hiding your info.