如果您正在考虑在无线路由器上禁用SSID广播的选项,您应该了解所涉及的真正安全问题。
如果您禁用 SSID 广播,当有人使用标准无线网络适配器搜索可用网络时,网络名称确实不会显示。
但是,这不会以任何方式隐藏网络本身。使用正确的软件或技术,任何人都可以像通常使用网络 ID 和密码一样“看到”您的网络并连接到它。
在本文中,您将了解SSID广播是如何工作的,人们如何仍然可以连接到“隐藏”网络,以及最后如何在路由器上禁用SSID广播。如果您只想查看如何禁用SSID广播,可以向下滚动到本文的最后一部分。
路由器 SSID 的工作原理
首次打开无线路由器时,大多数路由器默认设置为广播无线网络的名称。这称为服务集标识符(Service Set Identifier)或SSID。
标准无线适配器及其相关软件将识别并列出范围内网络的 所有可用SSID 。(SSIDs)
当有人在其中任何一个网络上禁用SSID广播时,该网络将不再显示在无线适配器的可用网络列表中。
例如,如果对路由器进行了调整,以便上面显示的名为Netgear61-5G的网络不再广播其SSID,那么当任何人扫描可用网络时,该网络将不会出现。
这只是因为当您禁用SSID广播时,SSID名称更改为NULL,这不会显示在任何可用网络列表中。
这并不意味着网络无法访问,它只是意味着标识符没有被广播。
如果阻止对您的网络的访问是您真正想要做的,请在此处停下来阅读我们关于防止他人使用您的 Wi-Fi 网络(preventing someone else from using your Wi-Fi network)的指南。
人们如何看到禁用 SSID 的网络(Disabled SSID)
无线网络的 802.11 标准要求管理无线网络的路由器发送“管理信标包”,提供有关Wi-Fi网络的基本信息。无论路由器是否为网络传输SSID ,路由器都会将其发送出去。(SSID)
任何人都可以获得免费和付费的软件包,它们不仅可以查看没有SSID的 Wi-Fi 网络,而且还可以相当容易地 识别SSID 。
该软件可以“查看”这些管理数据包并以这种方式识别可用网络,而不是通过SSID。它还可以通过尝试初始连接以获取SSID或拦截进出其他客户端的数据包来连接到网络。当禁用的SSID网络响应任何请求时,这些响应包括网络SSID名称。
提示(Hint):启用 Wi-Fi 加密有助于防止这种不必要的数据包拦截。
不同的监控应用程序具有不同级别的功能。NetSpot是一个免费软件应用程序示例,可让您查看附近是否有任何“隐藏”网络。
您可以在启动应用程序时出现的列表中看到未广播其 SSID 的网络。这些通过 SSID 字段下列出的隐藏 SSID进行标识。(Hidden SSID)
WifiInfoView等其他免费工具实际上更进一步。您不仅可以查看隐藏的网络,还可以连接到它们。
当您启动WifiInfoView时,您会看到类似的网络列表。您甚至可以右键单击隐藏的网络并连接到它们。
您仍然需要知道网络密码(need to know the network password)才能连接,但没有SSID不会阻止进行连接尝试。
其他可让人们查看未广播SSID的 Wi-Fi 网络的软件应用程序包括:(SSID)
如何在路由器上禁用(Your Router)SSID 广播(SSID Broadcast)
如果您仍想在路由器上禁用SSID广播,只需几个步骤。在执行此操作之前,您需要知道如何使用管理员密码连接到路由器。
要获取网络的路由器 IP 地址,请打开Windows命令提示符并键入命令ipconfig/all并按Enter。
向下滚动(Scroll)所有返回的信息,直到看到Default Gateway IP。
打开 Web 浏览器并在URL(URL)字段中输入此 IP 地址(在本例中为 192.168.0.1) ,然后按Enter。这将带您进入路由器登录屏幕,您需要使用管理员密码登录。
如果您从未更改过您的管理员密码,那么它将是您可以在路由器上找到 的默认管理员密码。(default admin password)
注意(Note):如果您使用默认密码,最好更改它以更好地保护您的 WiFi 网络(change it in order to better secure your WiFi network)。
网件精灵
登录路由器后,您需要找到无线(Wireless)菜单来更改SSID广播设置。
在Netgear Genie上,您会在基本(Basic)选项卡下找到它。选择无线(Wireless)菜单,然后禁用要隐藏的 2.4Ghz 或 5Ghz 网络的启用 SSID 广播复选框。(Enable SSID Broadcast)
您需要选择页面顶部的应用(Apply)才能使更改生效。
在其他 Netgear 路由器上,您可以通过选择无线设置(Wireless settings)并取消选中启用 SSID 广播在“(Enable SSID Broadcast)高级(Advanced)”选项卡中找到它。(在较旧的Netgear路由器上,这可能是Enable Wireless Router Radio)。
禁用SSID 广播(SSID Broadcast)其他路由器
执行此操作的过程因路由器而异。在其他路由器上,请按照以下步骤选择与您的路由器匹配的路由器。
- Linksys :从菜单中选择无线(Wireless)和基本无线设置。(Basic Wireless Settings)将SSID 广播(SSID Broadcast)设置为已禁用(Disabled)。您需要对 2.4 GHz和 5 GHz执行此操作。
- D-Link :从菜单中选择设置(Setup)和无线设置。(Wireless Settings)然后选择Manual Wireless Network Setup并将Visibility Status设置为Invisible。或者,您可以选择启用隐藏无线(Enable Hidden Wireless)。选择保存设置(Save Settings)以启用更改。(在较旧的 D-Link 路由器上,您需要禁用无线菜单下的无线无线电(Wireless Radio)按钮。)
- Belkin:在左侧菜单中选择无线(Wireless),然后选择频道和 SSID(Channel and SSID)。取消选中广播 SSID(Broadcast SSID)旁边的复选框。
如果这些说明均与您的路由器不符,或者您的路由器型号未在此处列出,请查看您的路由器手册。您应该能够从制造商的网站上找到并下载它。
How to Disable SSID Broadcast on Your Wireless Router
If you’re considеring the option to disable SSID broadcast on your wireless router, you should understand the real security issues that are invоlved.
If you disable SSID broadcast, it’s true that the network name will not show up when someone searches for available networks using their standard wireless network adapter.
However, this does not hide the network itself in any way. With the right software or technique, anyone can “see” your network and connect to it as they normally would with the network ID and password.
In this article you’ll learn how SSID broadcasting works, how people can still connect to “hidden” networks, and finally how you can disable SSID broadcast on your router. If you only want to see how to disable SSID broadcast, you can scroll down to the last section of this article.
How a Router SSID Works
When you first turn a wireless router on, most routers are set up by default to broadcast the name of the wireless network. This is known as the Service Set Identifier, or SSID.
A standard wireless adapter and its associated software will recognize and list all available SSIDs for networks that are within range.
When someone disables SSID broadcast on any of those networks, the network will no longer show up in the wireless adapter’s list of available networks.
For example, if the router is adjusted so that the network shown above called Netgear61-5G no longer broadcasts its SSID, that network will not appear when anyone scans for available networks.
This only happens because when you disable SSID broadcast, the SSID name changes to NULL, which will not show up in any list of available networks.
This doesn’t mean the network is inaccessible, it just means the identifier isn’t broadcast.
If blocking access to your network is what you really want to do, stop here and read our guide on preventing someone else from using your Wi-Fi network.
How People Can See Networks With Disabled SSID
The 802.11 standard for wireless networks requires the router managing the wireless network to send out “management beacon packets” that provide basic information about the Wi-Fi network. The routers send this out regardless of whether or not they’re transmitting an SSID for the network.
There are free and paid software packages anyone can get that can not only see Wi-Fi networks that have no SSID, but they can also identify the SSID fairly easily.
The software can “see” those management packets and identifies available networks that way, rather than by SSID. It can also connect to the network by either attempting an initial connection to obtain SSID, or intercepting packets to and from other clients. When the disabled-SSID network responds to any requests, those responses include the network SSID name.
Hint: Enabling Wi-Fi encryption can help protect against this kind of unwanted interception of packets.
Different monitoring applications have different levels of capability. One example of a free software application that lets you see whether there are any nearby “hidden” networks is NetSpot.
You can see networks that aren’t broadcasting their SSID in the list that comes up when you launch the app. Those are identified with Hidden SSID listed under the SSID field.
Other free tools like WifiInfoView actually take this a step further. Not only can you view hidden networks, but you can connect to them as well.
When you launch WifiInfoView, you’ll see a similar list of networks. You can even right click on the hidden networks and connect to them.
You still need to know the network password in order to connect, but not having the SSID will not prevent a connection attempt from being made.
Other software applications that let people see Wi-Fi networks where the SSID is not being broadcast include:
How To Disable SSID Broadcast On Your Router
If you still want to disable SSID broadcast on your router, it only requires a few steps. Before you can do this, you’ll need to know how to connect to your router using the admin password.
To get your network’s router IP address, open a Windows command prompt and type the command ipconfig/all and press Enter.
Scroll down all of the returned information until you see the Default Gateway IP.
Open a web browser and type this IP address (in this example, 192.168.0.1) into the URL field and press Enter. This will take you to the router login screen where you’ll need to log in using the admin password.
If you’ve never changed your admin password, then it’ll be the default admin password you can find on your router.
Note: If you are using the default password, it’s a good idea to change it in order to better secure your WiFi network.
Netgear Genie
Once you’re logged into your router, you’ll need to find the Wireless menu to change the SSID broadcast setting.
On Netgear Genie, you’ll find this under the Basic tab. Select the Wireless menu, and then disable the Enable SSID Broadcast checkbox for the 2.4Ghz or 5Ghz network you want to hide.
You’ll need to select Apply at the top of the page for the changes to take effect.
On other Netgear routers, you may find this in the Advanced tab, by selecting Wireless settings and unchecking Enable SSID Broadcast. (On older Netgear routers, this may be Enable Wireless Router Radio).
Disable SSID Broadcast Other Routers
The procedure to do this varies from router to router. On other routers, follow the procedure below for the router that matches yours.
- Linksys: Select Wireless and Basic Wireless Settings from the menus. Set SSID Broadcast to Disabled. You’ll need to do this for both 2.4GHz and 5 GHz.
- D-Link: Select Setup and Wireless Settings from the menus. Then select Manual Wireless Network Setup and set Visibility Status to Invisible. Alternatively, you can select Enable Hidden Wireless. Select Save Settings to enable changes. (On older D-Link Routers, you’ll need to disable the Wireless Radio button under the Wireless menu.)
- Belkin: Select Wireless in the left menu and then select Channel and SSID. Deselect the checkbox next to Broadcast SSID.
If none of these instructions match your router, or if your router model isn’t listed here, check your router’s manual. You should be able to find and download it from the manufacturer’s website.
