I've heard that WPA-SPK & MAC filtering makes a wifi network fairly secure. As secure as most home router-based wifi networks are going to get, anyway. That's what I'm using right now, along with a software firewall on each client. Should I be doing this differently?
WPA-PSK & MAC Filtering = pretty secure?
- Thread starter DJFuji
- Start date
Yes, WPA by itself is pretty secure as long as you use a good password for generating the key. Using dictionary words, your name, etc, are all bad because WPA is vulnerable to offline dictionary attacks (which is expected of course). If you have a good password, and especially if you use WPA with AES, that is about as secure as a home wireless network is going to get, which is pretty secure.
Unlike WEP, there is no known shortcut way to crack WPA other than trying to bruteforce every possible password (which can be done off-line with some captured data). With a good password, that becomes very difficult. MAC filtering doesn't help nearly as much since almost all network cards can have their MAC addresses changed through software.
Unlike WEP, there is no known shortcut way to crack WPA other than trying to bruteforce every possible password (which can be done off-line with some captured data). With a good password, that becomes very difficult. MAC filtering doesn't help nearly as much since almost all network cards can have their MAC addresses changed through software.
On the topic of MAC filtering, wouldn't the attacker have to know what MAC to change to in order to gain access to your network? How could they get that information?
That is correct. MAC filtering is pretty much worthless.
Anyone that'd try to get in has probably already captured data, which includes teh MAC in clear text.
Concentrate on a good WPA-PSK passphrase and you're about as good as it can get (aside from WPA / EAP- (TLS, TTLS, PEAP ...).
FWIW
Scott
Anyone that'd try to get in has probably already captured data, which includes teh MAC in clear text.
Concentrate on a good WPA-PSK passphrase and you're about as good as it can get (aside from WPA / EAP- (TLS, TTLS, PEAP ...).
FWIW
Scott
Isn't MAC address filtering of some worth because it prevents unintentional connections to your wireless network? I'm talking about one of the neighbors connecting to your netowrk and not even knowing about it...
Any decent WiFi utility will pick up a network regardless of encryption. I've tried a couple of utilities and they all see mine as "SSID: Not broadcasted, Auth: WPA, Encrypt: AES-CCMP". The exception is the WinXP SP2 WiFi manager which doesn't see it if SSID is not broadcasted.
So it doesn't add anything to security.
I was under the impression that MAC address's were encrypted when using WPA but not when using WEP. Is this not correct?
VirtualLarry
No Lifer
- Aug 25, 2001
- 56,572
- 10,208
- 126
Same here. Also, how does "Shared-Key" Authentication (as opposed to "Open"), fit in with "WPA-PSK"? I can't seem to get "Shared-Key" authentication to work when using WPA-PSK (AES), between a LinkSys WRT54Gv2 and a WUSB54Gv1 (on XP SP1, with WiFi Client util 2.0 and driver 1.0.8.0). I can with WEP128. Also, if I change the "default transmit key" to anything but "1", I can't connect. Even if I change it on both the router and the client.Originally posted by: kwo
I'd also be curious to know...
EDIT: I actually just read a document talking about wireless encryption at ALL layers, including all headers.
But I still do not think that WPA/2 encrypts the MAC. Unless it is encrypting only certain fields in the header. As far as I know, the entire header is not encrypted, but the data payload of the layer 2 frame is.
But I still do not think that WPA/2 encrypts the MAC. Unless it is encrypting only certain fields in the header. As far as I know, the entire header is not encrypted, but the data payload of the layer 2 frame is.
MAC filtering and disabling SSID are worthless.
Just use WPA with a very good passphrase, not password, but a nice long sentence and mix up letters with characters, etc.
Just use WPA with a very good passphrase, not password, but a nice long sentence and mix up letters with characters, etc.
Hi, I have just updated my Netgear WGR614 router with the WPA-PSK firmware version. I am now (attempting) running WPA-PSK with AES data encryption. My router has asked me for a passphrase and key lifetime. However, I am feeling a bit on the bleeding edge of technology because My Wireless Network Properties prompts me for a network key, which I cannot locate. Ergo I am unable to connect to my wireless network using WPA-PSK network authentication. Any ideas? Help...
I like to use the Winguides Password Generator. I works quite well for generating 63-character keys with a good combination of letters, numbers and other symbols.
You need to keep the same key you setup your router with and use it with all of the clients. If you cannot remember the key make a new one and configure the router to use that one instead.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 21K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter