Wireless Network Security

[Angrymarshmello]

http://www.ezlan.net/Wireless_Security.html

I've followed the 7 steps in the above article (link provided by JackMDS). I was curious though - with Mac filtering on alone, would WEP or any other security feature really be necessary? If Mac addresses are permanently encoded in a piece of hardware, how would a hacker gain access to your system?

 

[Soybomb]

I can sniff traffic passively and get your mac address. Then I can change my mac with a registry entry in windows, or ifconfig in *nix/bsd to match it and log right on.

 

[Angrymarshmello]

Hey Soy - ahh ok. That explains why Mac filtering isn't a security standard of sorts. Thanks!

 

[JackMDS]

It really depends where you are at. 99.9% of computer users do not know and do not have the tools to change MAC number, it is not a simple affair.

 

[Buddha Bart]

I was curious though - with Mac filtering on alone, would WEP or any other security feature really be necessary?

Just because you block someone from using your network doesnt mean they cant listen to every radio signal and sniff all your traffic. (thats without even getting into MAC forging).

The fact is there is one and only one security measure for current soho wireless network equipment. Change your key. Depending on your daily traffic either once every 3 or 4 days, or once every week or two.

Use the info here for your math.
http://airsnort.shmoo.com/faq.html#Q8

With a rotating key, mac filtering and ssid brodcast blocking become a waste effort. Once your key is cracked they will not even slow an attacker down more than 5 minutes.