Wireless security - MAC address filter

[JS80]

So I currently have my router configured open with a network filter. What are the security issues I am vulnerable to vs having a secured network?

 

[spidey07]

You have no security. Use wpa2 with aes and a strong key.

Without encryption I'm stealing your cookies and your sensitive info.

 

[imagoon]

and sniffing the allowed MAC address so later I can change it in software and use your AP to hack the Pentagon. The guys in suits will be there to pick you up later.

 

[Emulex]

wpa2-aes or wpa-aes is the only secure encryption method currently.

mac filtering is a feel good method but honestly with the simplicity of spoofing mac - it is absolute in no way secure. it shouldn't even be in routers any more (like wep/wpa-tkip/none) they should just remove all of the unsafe protection.

 

[nickbits]

Mac filtering will keep the gradmas off your wifi, that's about it

 

[JackMDS]

From the weakest to the strongest, Wireless security capacity is.

No Security
Switching Off SSID (same has No Security. SSID can be easily sniffed even if it is Off)
MAC Filtering______(Band Aid if nothing else is available, MAC number can be easily Spoofed).
WEP64____(Easy, to "Break" by knowledgeable people).
WEP128___(A little Harder, but "Hackable" too).

-------------------
The three above are Not considered safe.
Safe Starts here at WPA.
-------------------

WPA-PSK__(Very Hard to Break).
WPA-AES__(Not functionally Breakable)
WPA2____ (Not functionally Breakable).

Note 1: WPA-AES the the current entry level rendition of WPA2.

Note 2: If you use WinXP bellow SP3 and did not updated it, you would have to download the WPA2 patch from Microsoft. <http://support.microsoft.com/kb/893357>

The documentation of your Wireless devices (Wireless Router, and Wireless Computer's Card) should state the type of security that is available with your Wireless hardware.

All devices MUST be set to the same security level using the same pass phrase.

Therefore the security must be set according what ever is the best possible of one of the Wireless devices.

I.e. even if most of your system might be capable to be configured to the max. with WPA2, but one device is only capable to be configured to max . of WEP, to whole system must be configured to WEP.

If you need more good security and one device (like a Wireless card that can do WEP only) is holding better security for the whole Network, replace the device with a better one.

Setting Wireless Security - http://www.ezlan.net/Wireless_Security.html

The Core differences between WEP, WPA, and WPA2 - http://www.ezlan.net/wpa_wep.html


😎

 

[JS80]

and sniffing the allowed MAC address so later I can change it in software and use your AP to hack the Pentagon. The guys in suits will be there to pick you up later.

Yea but if I don't have a secure connection, and the RIAA/MPAA/GOVT come knocking on the door I can always claim it was someone stealing my internets!

Thanks guys.

 

[spidey07]

Yea but if I don't have a secure connection, and the RIAA/MPAA/GOVT come knocking on the door I can always claim it was someone stealing my internets!

Thanks guys.

As the operator of your private network you are responsible for any and all activities that take place.

 

[Tsavo]

Use a nice long hard to crack passkey, too:

https://www.grc.com/passwords.htm

 

[JackMDS]

Yea but if I don't have a secure connection, and the RIAA/MPAA/GOVT come knocking on the door I can always claim it was someone stealing my internets!

Thanks guys.

So what was the point of your posting to begin with.


😎