[PATCH 4/4] implement secondary SSID capability

Stefan Tomanek stefan.tomanek at wertarbyte.de
Sat Apr 25 12:18:09 EDT 2015


Dies schrieb Jouni Malinen (j at w1.fi):

> Is there really need for this? Use of active scanning for a specific
> SSID is very much discourages nowadays due to privacy issues (among
> other things). I would not really recommend anyone to use such
> configuration for enterprise networks. As such, I don't see how this
> would work with a reasonable STA configuration (use passive scanning or
> only wildcard SSID in Probe Request frames) and to address such a use
> case, multi-BSS design with another beaconing BSS would be used instead.

Sure, but multi-BSS is limited by the hardware capabilities - and of course
I was only building on the stubs present :-)

Sending beacons for secondary SSIDs can probably implemented with a few
additional lines at the appropiate places. I haven't looked into that, but
the system worked fine when another system generated (fake) beacons pointing
towards the modified hostapd.

Even if the honeypot use case is a slim one, I've been using it for more than
half a year and kind of paniced when I saw the foundation of my
pentest/honeypot branch shrivel away :-)


More information about the HostAP mailing list