Wireless home network -- MAC filtering instead of WEP?

[tmchow]

Just wondering security pitfalls of enabling MAC filtering instead of WEP? We all know how bad WEP is for network performance, why not just enable MAC filtering? Sure MACs can be spoofed, but in reality, is the attacker going to know what MAC address to spoof and will he even take the time?

So I would:
1. Enable MAC filtering
2. Disable broadcasting of the SSDI
3. Disable WEP altogether.

Just wondering people's thoughts on this.

 

[gunrunnerjohn]

Keep in mind that the MAC address is in the IP header, so it's not going to be all that difficult for him to know what MAC address to spoof!

 

[Colebert]

Originally posted by: gunrunnerjohn
Keep in mind that the MAC address is in the IP header, so it's not going to be all that difficult for him to know what MAC address to spoof!

Yeah, but he's still gotta get that SSID.

 

[ktwebb]

SSID's are as easy if not easier to obtain with the right software, regardless if your broadcasting it or not.
Tmchow, use both. WEP should only be a minor performance hit. If your WLAN is greatly affected by WEP then its the inefficient firmware causing that for the most part, not the security measure itself.

 

[gunrunnerjohn]

I didn't even mention the ease of cracking the SSID, but that is certainly true. WEP is the only reasonably effective security measure generally available to the average joe.

 

[JackMDS]

Link: Wireless Security for the Home User.