HOW do you get INTO "stealth" mode?

[James T Kirk USS Enterprise]

welcome,
i have a question for you.

i know a lot about computers, but i am only a beginner when it comes to the subject of networking.
i heard that you have better protection if you are in "stealth" mode.

what does that mean?
but more importaintly, HOW do you get INTO "stealth" mode?

thank you,
sincerely,

[Security]

 

[Someone Somewhere]

Can't say I've ever heard of stealth mode. You may be referring to Chrome's Incognito mode, which doesn't save history or cookies. Firefox and Opera call it a Private Window or Tab. Can't remember IE.

 

[James T Kirk USS Enterprise]

Someone Somewhere i'm glad to have met you at some time and at some place,

what about for some kind of security feature like a firewall or something?
you never heard of it, huh?
it makes you "invisible".
i heard about it, but don't know how to do it.

White Hat
Cyber Security Gaurd
God is my Sheild

 

[Someone Somewhere]

A quick google finds this, which implies that it's Apple's proprietary term for hidden SSID.

Pretty much worthless; finding the SSID is a sub-minute job on any box setup with Backtrack.

 

[James T Kirk USS Enterprise]

Someone Somewhere, hi there,

i have heard of a hidden SSID, but haven't figured out how to do it yet
when i heard about it, as it makes it "invisible" -- i thought it was trick (awesome).

however, you are saying that its not all that, huh?
dang, thought i could step up the security a little with this.

so you've never heard of "stealth mode" with the firewall, huh?

SECURITY

 

[Someone Somewhere]

Hidden SSID isn't part of a firewall, it's part of the wireless access point.

It means you need to know the SSID to connect to the network (but people can detect the presence of a network if it's there). To get the SSID, you have to wait for a device to connect or force one to reconnect. The SSID is sent in cleartext every time something connects.

There are arguments that hidden SSIDs actually reduce security, because your devices will be screaming out the SSID every few seconds when they're not connected (e.g. not at home).

 

[COLGeek]

Consider this:

"Many home wired and wireless network routers have a feature called "Stealth Mode". Stealth mode allows you to make the computers on the inside of your home network virtually invisible to hackers.

Stealth mode prevents your router from responding to "pings" from hacker's port scanning tools. Hackers use these scanning tools to find unsecured ports and services on your computer. They could use this knowledge to mount a port or service specific attack. By not responding to these requests your router makes it look like there is nothing running inside your network.

Check your router's setup guide for instructions on how to enable this feature if it is available."

Access your router and disable the ability to respond to external pings. You will then have your cloak enabled.

 

[James T Kirk USS Enterprise]

howdy Someone Somewhere, thanks for the reply,

yea, i have to admit that is a whole LOT more than i knew about this,
and the "security" end of it as well, to boot.
this is great. you really answered everything that i needed to know about the hidden SSID.
THANKS Someone Somewhere!

"Hidden SSID isn't part of a firewall, it's part of the wireless access point."
i hope i don't sound stupid, as i'm nearly an expert at computers, but only a pathetic beginner at the networking feild,
but SSID is only for wireless, right? this means that SSID is "not" used for regular (non-wireless) connections? because i could have sworn that for NON-wireless connections that i have connected to in the past HAVE used this, which is seen just before internet connection is obtained, as in the menu list that shows all of the SSID points where you can connect???? okay, now i that i think about it, maybe your right.

wow -- i didn't realize that, because as i'm thinking about it, now that you have said it, i seem to recall that the "other" POINTs on the SSID list are other hotspot points where connection is available nearby, or within "range". huh,.... thanks,... that knowledge "woke" me up to the realization of this conceptual understanding. i didn't know that.

thanks Someone Somewhere.

"Hidden SSID isn't part of a firewall, it's part of the wireless access point."
and as to the security side of things, you say that you have a LOWER security level "if" you use this hidden SSID security technique, huh? that's good to know. guess i'll scratch that off of my list of things to do for how to secure my network. much appreciated.

COLGeek, hi is you?
thanks a lot pal!!

"setup guide"
"how to enable this feature"
gotcha.

so if you enter "stealth mode" with your router, and you have other people on your network, will this effect your/their connectivity or internet connection?

you have helped me COLGeek!!

i like your avatar. hey, what a coincidence -- that's where i live too. you live there?
popeye -- your cool dude.

sincerely,

SECURITY

 

[Someone Somewhere]

SSID is the name of the Wireless Access Point. There isn't one for cabled; if you picked a name from a list it was wireless.

It's not improving your security, but the decrease is only very minor in that people might find out the name if they're looking for it.

It can annoy people, because it makes it harder to connect, and it might break existing connections requiring them to reconnect.

 

[James T Kirk USS Enterprise]

thanks Someone Somewhere,

COLGeek,
okay, i think i figured it out:
"so if you enter "stealth mode" with your router, and you have other people on your network, will this effect your/their connectivity or internet connection?"

the answer is "no", but only if you manually enter the IP address of each computer on your network.

 

[Someone Somewhere]

Manually entered IPs has nothing to do with it.

You need to manually enter the SSIDs.

 

[COLGeek]

Stealth mode and not broadcasting an SSID are 2 different things. You should do both. As SS indicates, to connect to a router that does not broadcast its SSID, you must manually enter that info on each device connecting to that network.

Neither of these measures will affect the network performance of attached devices.

 

[Someone Somewhere]

Aha. Further reading indicates that stealth mode is a name for having a firewall that drops all unsolicited traffic, including pings.

Personally, I'd consider it thoroughly OTT. Dropping pings, for example, doesn't make it look like the system isn't there - that would be a Destination Host Unreachable error.

Some interesting reading here: http://www.wilderssecurity.com/showthread.php?t=216892

 

[James T Kirk USS Enterprise]

howdy there COLGeek, thanks for the reply bro!!

"Stealth mode and not broadcasting an SSID are 2 different things"
1. so by this, when you say "Stealth mode", you are talking about with your computer firewall?
2. and by "not broadcasting an SSID ", you are talking about with your ROUTER firewall?

OR is "not broadcasting an SSID " something different?
i heard that you can make your SSID appear "invisible" by inserting a (-) dash before your SSID name.
is this how i make it so that i am "not broadcasting an SSID "?

hi you Someone Somewhere,

i haven't heard that. interesting. i know HOW to add an IP, but i don't know how to add a SSID.
i don't seem to remember a spot to add it on the screen where i would add the IP address.

by the way, what does "OTT" mean? never heard of that...

SECURITY

 

[Someone Somewhere]

Not broadcasting an SSID is not part of a firewall. It's part of a physical layer connection, firewalls are layer 3 or 4 IIRC. Can't say I've heard of the dash thing, but I'll have to check. Usually it's a checkbox on the setup page of the router.

To add a hidden SSID (in Windows 7, not sure about other flavours), you need to go to Network and Sharing Centre > Manage Wireless Networks > Add > Manually Create a Network Profile, then tick the Connect even if the network is not broadcasting box. You can't do it from the taskbar.

In android, it's Settings > WiFi > the Plus button.

It looks like Stealth Mode is also a name for a firewall (in your router, or in your computer if it's the only thing on your internet connection) that doesn't respond to any traffic.

OTT = Over The Top. AKA Overkill.

EDIT: Just checked, and I can see an AP with a name starting with a dash perfectly fine. Same with one starting with a dot (.), which is a common way to indicate hidden.

 

[James T Kirk USS Enterprise]

Someone Somewhere, hi there, thanks for the reply,

i just realized that SSID is only the single connection that ALL wireless devices on the same network use. unless they have their own hotspot or special card in their computer which is able to connect directly to the internet (probably a card that creates a hot spot, i'm not to sure about the details, i just know that it is possible -- outside of having to connect to the same SSID that everyone else has to that doesn't have their own hotspot)
maybe we were talking about two different things. you were talking about the SSID connection and i was talking about the firewall.

i know how to create a new network profile, but i don't know how to make a SSID hidden, or at least, i haven't been able to get it to work yet (using this technique).
but as to the dash thing, maybe its a (_ ) instead?

so you never heard about this technique, huh?
its new, and not many people know about it, and even fewer know HOW to use it.

SECURITY

 

[Someone Somewhere]

The SSID is the network name. It's what you select when you connect to a new network.

Hidden SSID is not new. It's been around for as long as WiFi has.

SSID is the network name. You set it on the router. There's no prefix, there's a tickbox on the router. For example, here's the setting on a Cisco/Linksys box:
[img=http://www.wlanbook.com/wp-content/uploads/2007/12/linksys-wireless-ssid-broadcast-disable.gif[/img]

WWAN (mobile internet) cards are essentially a cellphone, minus the phone bit. They connect directly to the PCIe lanes off the CPU, and appear as another network connection.

 

[Hawkeye22]

Consider this:

"Many home wired and wireless network routers have a feature called "Stealth Mode". Stealth mode allows you to make the computers on the inside of your home network virtually invisible to hackers.

This is normally the only time I hear a reference made to stealth. In fact, Gibson Research has a utility called Shields Up that can test to see if your ports/services are in stealth mode. Just click the "proceed" button once on the web site and select the test you want to run.

 

[COLGeek]

Consider this:

"Many home wired and wireless network routers have a feature called "Stealth Mode". Stealth mode allows you to make the computers on the inside of your home network virtually invisible to hackers.

This is normally the only time I hear a reference made to stealth. In fact, Gibson Research has a utility called Shields Up that can test to see if your ports/services are in stealth mode. Just click the "proceed" button once on the web site and select the test you want to run.

Excellent bit of info. I had forgotten about that tool (used myself in years past).

 

[James T Kirk USS Enterprise]

hello you Someone Somewhere,

ya, i guess the SSID doesn't really matter since the "stealth mode" kinda trumps it.
but it was a nice bit of curiousity and trivia.
doesn't look like it will add to the security any.

hay hay hay. WOW -- Hawkeye22, long time no see.
how have you been bro???!!!!!!!
i like your new avatar.
whoa, your a moderator now.

dang, you deserve it, you have a really good eye for noticing details that other people didn't notice. that's what i always liked about you.
cool, a moderator that likes me. what a relief. i feel better now.

yea, i ran the sheilds up test, along with 3 other vulnerability scanning programs, and ALL were successful.
so it seems like i would be safe, right?
WRONG!!!!

and i only let my guard down twice. how do i know this? because it is a fresh install.
1. when i was trying to install sp3, and was having trouble.
2. when i was having trouble installing my printer, and where the file that was from a legitamate company did not pass the windows logo test. however

just the other day i was trying to install my printer and the
"supposed" technician, as in not that smart, recommended that i turn off my firewall and all security programs so that i could install the software:
as a solution to the problem that i was having.

and i said:
"WHAT!!! ARE YOU KIDDING ME?"

"no, that is what i recommended for you to do."
[to solve this technical issue]

and now the identity protection on my security program keeps turning off by itself. strange!
oh, it just did it again today, and yesterday, and then another time.

thank you Hawkeye22 my friend,

SECURITY

 

[Someone Somewhere]

It's reasonably common for installers to ask you to turn off local antivirus software to install drivers, as some are on way too loose a trigger. It's quite common to see false positives pop up.

Lots of places don't bother to do windows logo tests. They're pricey and MS rejects them if you do anything wrong.

 

[Hawkeye22]

"Stealth mode" just hides your open ports and services. It can't stop someone from ranomly trying to access your ports by just randomly trying your IP address. Windows XP is very vunerable to attack during setup as none of the security patches have yet been installed. The only true way to be 99.9% protected is NOT to connect to the internet or any network. Even then you'd have to be careful not to use someones infected USB drrive or external drive. The only thing you can do is try to lessen the attack vectors - use firewalls, update software when security patches are released, and so forth. It's a connected world out there now and if you want to play there you have to take precautions. The best solution is to make sure you have good backups of your system so if a threat ever does strike, you can recover from it.

 

[Someone Somewhere]

I thought the best way to not get infected during setup was to use a hardware firewall, e.g. a router. Without any forwarding rules configured, there's no way for external unsolicited connections to get to you.

 

[Hawkeye22]

I thought the best way to not get infected during setup was to use a hardware firewall, e.g. a router. Without any forwarding rules configured, there's no way for external unsolicited connections to get to you.

Yes, this is probably your best option for an XP install or in general any OS install. The point I was trying to get across is if your computer isn't isolated, i.e. not on a network, then the potential to get hacked is there. Firewalls and such are deterrents and can help mitigate attacks, but they aren't always full proof. for example...

http://arstechnica.com/security/2014/03/hackers-hijack-300000-plus-wireless-routers-make-malicious-changes/

 

[Someone Somewhere]

However, that attack (by the looks of it; didn't read in depth) requires you to be using the default admin password on your router (big no-no), have CSRF vulnerabilities in the browser (some routers, e.g. Opera, complain when a site tries to do this), and would only have an effect if you aren't using SSL/TLS and are going to a site they're specifically spoofing.