Netstumbler is designed to be "polite", which means it does not do passive
scanning. Read "Detecting Netstumbler" on page 5 of
http://home.jwu.edu/jwright/papers/l2-wlan-ids.pdf
for a little tutorial on what Netstumbler does. There are descriptions here
of how other stumbler tools work.
Basically, Netstumbler sends an active probe with an empty SSID string
("universal SSID"). APs normally respond to this with their actual BSSID,
except that APs that are configured to not broadcast SSID usually do NOT
respond, and therefore will not be seen by Netstumbler.
The feature of not broadcasting SSID (and not responding to universal SSID)
is technically a violation of the 802.11 standard, although it is quite
commonly implemented. One security guy has written a whitepaper on why this
feature is evil and should not be relied on. The fact is that tools more
sophisticated (and less polite) than Netstumbler have ways to force your
network to cough up its SSID and/or BSSID (either one can be used to get the
other). Also, in a roaming network, broadcast SSID is required for proper
handoff.
However, for a single-AP home network it actually does add a little extra
insurance, at least against people with crude tools.
Post by Chakravarthy K Sannedhi
I read somewhere that NetStumbler performs active scanning, it sends
probes to find out active wireless networks. Then, how come it fails
to detect a wireless network if the SSID is turned off on APs?
TIA
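
An added illustration, not part of the original posts: a small Python parser that pulls the SSID element out of a bare 802.11 probe request, plus a simplified model of the AP behaviour described in the reply above. The frame builder, the sample MAC and SSID values, and the `ap_responds` policy are assumptions constructed for this example.

```python
import struct

PROBE_REQUEST_FC0 = 0x40  # version 0, type 0 (management), subtype 4 (probe request)
MGMT_HEADER_LEN = 24      # frame control, duration, three addresses, sequence control
SSID_ELEMENT_ID = 0


def parse_probe_request(frame: bytes):
    """Return (source_mac, ssid_bytes) for a probe request, or None otherwise.

    Expects a bare 802.11 frame: no radiotap header and no trailing FCS.
    """
    if len(frame) < MGMT_HEADER_LEN or frame[0] != PROBE_REQUEST_FC0:
        return None
    source = frame[10:16].hex(":")           # addr2 is the transmitter
    pos = MGMT_HEADER_LEN
    while pos + 2 <= len(frame):             # walk the tagged elements
        elem_id, elem_len = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + elem_len]
        if len(value) < elem_len:
            return None                      # truncated element: reject the frame
        if elem_id == SSID_ELEMENT_ID:
            return source, value
        pos += 2 + elem_len
    return None                              # no SSID element present


def ap_responds(ap_ssid: bytes, hide_ssid: bool, probed_ssid: bytes) -> bool:
    """Simplified model (an assumption) of the AP behaviour described above."""
    if probed_ssid == b"":                   # empty "universal SSID" probe
        return not hide_ssid                 # a hidden-SSID AP stays silent
    return probed_ssid == ap_ssid            # probe that names this network


def build_probe_request(source_mac: bytes, ssid: bytes) -> bytes:
    """Build a constructed sample frame in memory (not a capture)."""
    broadcast = b"\xff" * 6
    header = struct.pack("<BBH6s6s6sH", PROBE_REQUEST_FC0, 0x00, 0,
                         broadcast, source_mac, broadcast, 0)
    supported_rates = bytes([1, 4, 0x02, 0x04, 0x0B, 0x16])
    return header + bytes([SSID_ELEMENT_ID, len(ssid)]) + ssid + supported_rates


if __name__ == "__main__":
    mac = bytes.fromhex("020000000001")      # constructed, locally administered MAC
    for ssid in (b"", b"homenet"):
        src, probed = parse_probe_request(build_probe_request(mac, ssid))
        for hidden in (False, True):
            print(src, probed, "hidden" if hidden else "broadcast",
                  "->", ap_responds(b"homenet", hidden, probed))
```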