Jakob sent in a good find over at Microsoft: http://support.microsoft.com/?kbid=917021. It's a hotfix update to the wireless system of XP SP2 that claims to do a number of useful things:
- Allows group policy to control WPA2 settings.
- Allows networks in the preferred network list to be set as broadcast or non-broadcast. Setting all to broadcast prevents the computers from leaking the list of preferred networks when they do not find one in their list.
- 'Parked' wireless cards are given encryption. Microsoft describes parking a card as follows: "Wireless Auto Configuration may create a random wireless network name and put the wireless network adapter in infrastructure mode. In this situation, the wireless adapter is not connected to any wireless network. However, the wireless adapter continues to scan for preferred wireless networks every 60 seconds".
They go on with: "Some wireless network adapter drivers may interpret this parking operation as a request to connect to a wireless network. Therefore, these drivers may send probe requests in search of a network that has the random name. Because the parking operation passes no security configuration to the driver, the random wireless network might be an open system-authenticated wireless network that uses no encryption. An observer could monitor these probe requests and establish a connection with a parked Windows XP wireless client".
Now encrypting will surely help, but it does feel funny to let it sit there configured randomly while there is no use for it doing anything.
- Stops trying to connect to ad-hoc networks in the preferred network list.
Test it well before you deploy it widely, but it does seem a worthwhile hotfix.
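One way to check a test machine before and after the hotfix is to look at the probe requests it sends. The sketch below is an added example, not part of the original post or of Microsoft's fix. It assumes raw 802.11 frames with no radiotap header from a capture of your own test client, and the function names, MAC addresses and SSIDs are constructed for illustration.

```python
import struct
from collections import defaultdict

PROBE_REQUEST = 0x40  # frame control byte 0: version 0, management, subtype 4
SSID_TAG = 0

def parse_probe_request(frame):
    """Return (source_mac, ssid_bytes) for a probe request, else None."""
    if len(frame) < 24 or frame[0] != PROBE_REQUEST:
        return None
    src = ":".join(f"{b:02x}" for b in frame[10:16])  # addr2 = transmitter
    pos = 24  # tagged elements follow the 24-byte management header
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:
            return None  # truncated element
        if tag == SSID_TAG:
            return src, value
        pos += 2 + length
    return None

def audit(frames, preferred):
    """Map client MAC -> SSIDs named in its directed probe requests."""
    # 'leaked' = names on the preferred list; 'other' = anything else,
    # which includes a random parking name.
    report = defaultdict(lambda: {"leaked": set(), "other": set()})
    for frame in frames:
        parsed = parse_probe_request(frame)
        if parsed is None or not parsed[1]:
            continue  # not a probe request, or a wildcard probe (empty SSID)
        src, ssid = parsed
        name = ssid.decode("utf-8", "backslashreplace")
        report[src]["leaked" if name in preferred else "other"].add(name)
    return dict(report)

def build_probe(src_mac, ssid):
    """Constructed sample frame (not a capture): header, SSID, one rate."""
    header = (struct.pack("<HH", PROBE_REQUEST, 0) + b"\xff" * 6
              + bytes.fromhex(src_mac.replace(":", "")) + b"\xff" * 6 + b"\0\0")
    return header + bytes([SSID_TAG, len(ssid)]) + ssid + bytes([1, 1, 0x02])

# Constructed sample data: ...:55 behaves like an unpatched client,
# ...:66 sends only wildcard probes.
PREFERRED = {"CorpWLAN", "HomeNet"}
FRAMES = [build_probe("00:11:22:33:44:55", b"CorpWLAN"),
          build_probe("00:11:22:33:44:55", b"HomeNet"),
          build_probe("00:11:22:33:44:55", b"\x07\x1f\x03\x11"),
          build_probe("00:11:22:33:44:66", b"")]
```

A client that still shows up in the result of `audit(FRAMES, PREFERRED)` is naming networks over the air; a client that only sends wildcard probes does not appear at all.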
See also Microsoft security advisory 917021; it contains more background information.
Swa Frantzen -- Section 66