Rob On: Linksys WAP11 (In)Security

 


I reviewed the Linksys WAP11 Wireless Access Point Version 2.2 some time ago. Today I decided it was time to play with NetStumbler, a utility that wardrivers use to detect wireless networks that they might be able to tap into, and to my shock and surprise, up popped my access point (AP) on NetStumbler's list. It turns out that a major security setting on my WAP11 simply doesn't work.

One of the most important things you can do to secure your wireless access point, after you enable WEP, is to turn off SSID broadcast. Without this broadcast, it is very unlikely (although not impossible) that outsiders looking to use your wireless connection to send spam or simply browse the internet for free will even see your AP.

On the WAP11, if you go into the AP's Web setup pages, click on Advanced, and then Wireless, you can (supposedly) turn SSID Broadcast on and off.

As you can see, SSID Broadcast is set to Disable. As it turns out, this doesn't actually turn off SSID Broadcast on the default 1.009 firmware. Apparently Linksys offers a 1.1 firmware update which fixes this problem; however, a number of users have reported other problems with this (and every other) firmware update. I'm waiting to hear back from Linksys support to see if I can get a copy of my original 1.009 firmware so that I can revert to it in case the 1.1 "upgrade" doesn't work for me.

Sloppy work.

Update: I installed the 1.1 firmware; however, the WAP11 was DEAD DEAD DEAD afterwards. Apparently there was some problem with the settings. The solution was to hold in the little button on the back when applying power to reset it to factory defaults, then resetting all the settings, including WEP keys etc. It seems to be working reliably now. Linksys never did get me the 1.009 firmware.
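
A setting like SSID Broadcast: Disable can be checked independently of the setup page by looking at the SSID element in the AP's own beacon frames. The following is an added example, not part of the original post or any Linksys tool; it assumes raw 802.11 beacon frames without a radiotap header, and the sample frames, the MAC address and the name `homelan` are constructed.

```python
import struct

MGMT_HDR_LEN = 24     # frame control, duration, three addresses, sequence control
FIXED_LEN = 12        # timestamp (8), beacon interval (2), capability info (2)
PRIVACY_BIT = 0x0010  # capability bit an AP sets when WEP is required

def build_beacon(ssid: bytes, privacy: bool = True) -> bytes:
    """Build a minimal beacon (constructed sample data, no radiotap, no FCS)."""
    bssid = bytes.fromhex("020000000001")  # constructed, locally administered MAC
    hdr = b"\x80\x00" + b"\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    caps = 0x0001 | (PRIVACY_BIT if privacy else 0)
    fixed = struct.pack("<QHH", 0, 100, caps)
    rates = bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])  # 1, 2, 5.5, 11 Mbit/s
    return hdr + fixed + bytes([0, len(ssid)]) + ssid + rates

def inspect_beacon(frame: bytes) -> dict:
    """Report whether a beacon discloses the network name and advertises WEP."""
    if len(frame) < MGMT_HDR_LEN + FIXED_LEN:
        raise ValueError("frame too short for a beacon")
    if ((frame[0] >> 2) & 0x3) != 0 or ((frame[0] >> 4) & 0xF) != 8:
        raise ValueError("not a beacon frame")
    (caps,) = struct.unpack_from("<H", frame, MGMT_HDR_LEN + 10)
    ssid, pos = None, MGMT_HDR_LEN + FIXED_LEN
    while pos + 2 <= len(frame):               # walk the tagged parameters
        elem_id, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2 : pos + 2 + length]
        if len(value) < length:
            raise ValueError("truncated information element")
        if elem_id == 0:                       # element ID 0 is the SSID
            ssid = value
            break
        pos += 2 + length
    # APs commonly suppress the name as a zero-length or all-zero SSID element.
    disclosed = ssid is not None and len(ssid) > 0 and any(ssid)
    return {
        "ssid_disclosed": disclosed,
        "ssid": ssid.decode("utf-8", "replace") if disclosed else None,
        "privacy_bit": bool(caps & PRIVACY_BIT),
    }

if __name__ == "__main__":
    samples = {"name still sent": build_beacon(b"homelan"),
               "zero-length SSID": build_beacon(b""),
               "zeroed SSID": build_beacon(b"\x00" * 7)}
    for label, frame in samples.items():
        print(label, inspect_beacon(frame))
```

If `ssid_disclosed` is still true for your own AP's beacons after the setting is changed, the setting has not taken effect, which is the behaviour described above for the 1.009 firmware.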