Wired Equivalent Privacy (WEP) actually encrypts the data in the frames over the air, and some of the control frames. It also provides a weak authentication in that frames that don't have the right key won't decrypt right and get through (I don't remember at what level the filtering's done, but I think you can't even get the control frames back and forth that would allow a normal station to send data towards the AP). The problem is that the crypto is done poorly, and thus, it is possible to capture a bunch of ciphertext traffic off the air, do some heavy processing on it, and recover the WEP key. This process takes on the order of days on a significantly used network.
Many of the proposals to increase wireless security are proposals that effectively just change the WEP keys every few hours or so, such that you can't capture enough traffic and do the post-processing necessary before the key's changed and it won't get you in. This still doesn't help protect the content of the traffic, and frankly, it's all around a kluge. It makes it much harder to break WEP, but doesn't fix the fundamental flaws. The main reason these proposals are even being considered is that a lot of the hardware out in the field today does WEP in hardware / firmware, so anything that can be bolted on as a driver update rather than requiring new hardware will be accepted more quickly and readily.
WEP will not really deter someone clueful who wants into your network. WEP will deter someone who is just poking around / wardriving - why spend the effort breaking into a WEP network when you can go down the block and find someone else with WEP turned off?
MAC filtering is a whole different thing. It's very simple -- frames with source address on the ACL are bridged in, and frames that aren't, aren't. This can be defeated by sniffing a working station (easy enough) and spoofing that MAC address (also easy enough). Again, it'll prevent random folks from poking around, but is not security.