I've found that NetStumbler is sporadically able to pick up the SSID of my Cisco access point even though "Broadcast...
SSID" is turned off. I was told the SSID was actually captured from a client during the process of logging into the network, not from the access point. Is this true?
I have not actually used NetStumbler, but the SSID is broadcast by the client as part of its connection to the access point. It does so to make sure that it is connecting to the correct access point. My understanding of NetStumbler is that it is simply sniffing all wireless, so the likelihood is that yes, your SSID could get picked up because of the client. Unfortunately, there is nothing you can do about that.
For more information on this topic, visit these other SearchSecurity resources:
Ask the Expert: Disabling SSID to secure a WLAN
Dig Deeper on Wireless network security
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.