How effective is MAC filtering w/ 802.11b? Can it replace encryption?

[iamme]

My router keeps acting up when I enable any sort of encryption.

Can I just use MAC filtering? Is this an effective way to keep people out? I only have my desktop (wired to router) and laptop (wireless).

TIA

 

[JackMDS]

Security Effectiveness can only be measured against the ?Attack?.

1. If a Pro tries to get to your system, nothing will stop him.

2. Protecting against ?Juvenile? Attacks, you probably need to set "MAC + Encryption"

3. Casual stumbling upon your system. MAC protection is probably the best, since no casual detection will occur.

 

[iamme]

Originally posted by: JackMDS
Security Effectiveness can only be measured against the ?Attack?.

1. If a Pro tries to get to your system, nothing will stop him.

2. Protecting against ?Juvenile? Attacks, you probably need to set "MAC + Encryption"

3. Casual stumbling upon your system. MAC protection is probably the best, since no casual detection will occur.

Yeah, I'm not so worried about a determined hacker trying to get into my system. After all, no security is 100% impenetrable.

I live in a condo neighborhood, where the setup is much like an apartment complex. I'm just worried about my neighbors setting up wireless networks, and "stumbling" on my network. Will I be relatively safe w/ only MAC filtering?

 

[Amused]

I'd like to know if MAC filtering is secure enough too. Encryption on my SMC Barricade AWBR cuts my bandwidth in almost half.

How will a "juvenile" know to hack my system if he can't casually find it?

 

[Nikepete]

I don't mess with security: MAC + 128-bit encryption + non-DHCP + router hard password
Too much damage if some weirdo gets access to your online banking account or drops a virus on your hard drive IMHO.

 

[Amused]

Originally posted by: Nikepete
I don't mess with security: MAC + 128-bit encryption + non-DHCP + router hard password
Too much damage if some weirdo gets access to your online banking account or drops a virus on your hard drive IMHO.

How is using DHCP a risk?

 

[iamme]

Originally posted by: AmusedOne

Originally posted by: Nikepete
I don't mess with security: MAC + 128-bit encryption + non-DHCP + router hard password
Too much damage if some weirdo gets access to your online banking account or drops a virus on your hard drive IMHO.

How is using DHCP a risk?

Yeah, wouldn't DHCP be safer since your IP changes?

 

[Nikepete]

The DHCP thing is explained here

 

[JackMDS]

Can be found at: http://www.extremetech.com/article2/0,3973,34635,00.asp

If you're using a wireless router and have decided to turn off DHCP, also consider changing the IP subnet. Many wireless routers default to the 192.168.1.0 network and use 192.168.1.1 as the default router. We discovered one network that didn't give us an IP address, but we assumed that they were using the defaults. We were right. We configured our notebook with an IP address in the 192.168.1.0 network using 192.168.1.1 as the router address, and we had access to the Internet through their network.

By logic DHCP should be safer since it is possible to randomly change IP assignments. However, these guys have a point. Most Cable/DSL Entry level Router assign IPs in a certain repetitive way, so you have a better chance to guess.

However, a lot of Cable/DSL router has the capacity to assign bands of IP.

I.e. as an example, I can set my Router to start the pool of IPs at 135 and end it at 146, after few weeks in 20 second I can change the pool to 120-130 etc.

BTW, the Extremetech article created a lot of unjustified fear among people shying from the usage of Wireless Hardware.

The main problem is that many people and cooperate ?Plumbers? leave the system with the default setting, and thus easily exposed to trouble.

I live in a condo neighborhood, where the setup is much like an apartment complex. I'm just worried about my neighbors setting up wireless networks, and "stumbling" on my network. Will I be relatively safe w/ only MAC filtering?

Unless you have special circumstances, iamme is right.

 

[Nikepete]

The point is wireless security is so fragile and you'll need all the protection you can get. The DHCP is only a stop-gap measure, without it, the router would assign right away an IP to the intruder (and he'll be part of the network) once he has cleared the MAC and the encryption. It's scary when you see the number of "visitors" in the intruder detection log of the router. Again, may be I'm overly cautious but I take no chance.

 

[Amused]

I can understand your caution, and would feel the same way were I living in an urban area... but note that I live in a wide open area in the far out suburbs of a pretty small Midwest city in a single family house on one acre. The small subdivision I live in is surrounded on three sides by corn fields.

What are the chances of little Johnny Hacker coming accross my network when it can't even be seen because of MAC filtering, and my Orinoco card loses the signal before I get to the street?

Would you still be as overly cautious if you lived here?

 

[JackMDS]

The most used textbook of Social Psychology circa 1965 starts with an amusing page.

We all believe that ?You can not teach an old dog new tricks.?

Nevertheless, we also say ?Never too old to learn?.

We think that ?Distance make the heart grow fonder.?

However, ?Out of sight out of mind?.

?You always get what you pay for.?

So, why the Hot Deal forum is busiest one on this BBS.

Thanks AmusedOne. One more point to sanity.

 

[Amused]

Um, OK, thanks.

So am I safe enough with only MAC filtering in my circumstances? Nike has me paranoid now, so I turned back on WEP, but it's really slowing down the transfer rate.

 

[iamme]

Can you turn off DCHP on a wireless router? If you can, won't that limit the number of PC's on the network?