This guide was written for Windows 7 but I am going to assume it works for Windows 8 as well.
Problem: My users (or kids) are connecting to SSID’s that they shouldnt be. My users should only ever connect to my work SSID. My users should never be allowed to use AD-HOC SSID’s (Cell phone generated AP’s)
Solution: Quickly block their ability to do this with netsh. Create a GPO when you have time.
What we are going to do first is simply block a single SSID or network with netsh. For this example we are going to use FreeWifiZone as the SSID as this is a common fishing network. Open a command line as administrator and type the following:
netsh wlan add filter permission=block ssid=FreeWifiZone networktype=infrastructure
netsh wlan add filter permission=block ssid=FreeWifiZone networktype=adhoc
These two command will block the SSID in both modes, this will give the desired effect. You will notice a red X over the network now in the connection list. To verify that this is enabled type:
netsh wlan set blockednetworks display=show
This is good and all but your saying how I cant know all the SSID’s, well no you cant. So you simply block all and explicit allow the one you need. For this example we will use WorkWifi as the good AP we want to keep.
netsh wlan add filter permission=allow ssid=WorkWifi networktype=infrastructure
netsh wlan add filter permission=denyall networktype=infrastructure
netsh wlan add filter permission=denyall networktype=adhoc
Now that your users are right pissed that they cant connect to anyone wifi your going to start to get calls, and when your busy at home you dont want that. So lets just hide the other (blocked) wifi AP’s so that the user perceives to see no open wireless at all. And they are not even tempted to try and connect.
netsh wlan set blockednetworks display=hide
There you have it!