Adventures in Engineering
The wanderings of a modern ronin.

Ben Cantrick
  Date: 2006-06-17 20:17
  Subject:   [Digg] Have I mentioned that your wireless LAN is still insecure?

MAC Filtering: The MAC address is just a 12 digit long HEX number that can be viewed in clear text with a sniffer. A sniffer to a hacker is like a hammer to a carpenter except the sniffer is free. Once the MAC address is seen in the clear, it takes about 10 seconds to cut-paste a legitimate MAC address into the wireless Ethernet adapter settings and the whole scheme is defeated. MAC filtering is absolutely worthless since it is one of the easiest schemes to attack. The shocking thing is that so many large organizations still waste the time to implement these things. The bottom line is, MAC filtering takes the most effort to manage with zero ROI (return on investment) in terms of security gain.

http://blogs.techrepublic.com.com/Ou/?p=43

WPA-PSK or bust, yo.

MegaZone
  User: zonereyrie
  Date: 2006-06-17 21:26 (UTC)
  Subject:   (no subject)
I very much disagree with that. MAC filtering certainly isn't going to stop anyone who wants on your network deliberately. But simple things like MAC filtering, turning off SSID broadcast, etc., tend to keep the script kiddies and casual folks out. The more barriers you put up, the better.

If you have the option of WPA-PSK, definitely use it. If not then WEP-128 + MAC filtering + SSID broadcast off is probably the best setup to use. If someone really wants to see *your* network they can do it, but that'll keep any casual snoopers out - and really, for most people you're not going to be the target of a focused attack.



Ben Cantrick
  User: mackys
  Date: 2006-06-18 00:52 (UTC)
  Subject:   (no subject)
I don't think that MAC filtering is worthless, especially against casual attackers. I see it more like having glass windows. You know that anyone can throw a rock through your glass windows any time they feel like it; it's not a real barrier. But it's better than nothing.



MegaZone
  User: zonereyrie
  Date: 2006-06-18 02:28 (UTC)
  Subject:   (no subject)
Right. A window is still better than a gaping hole in the wall that anyone can wander in and out of. Even randomly curious people might poke at an open network, just because - they won't bother with one that takes effort.



Alex Belits
  User: abelits
  Date: 2006-06-18 06:19 (UTC)
  Subject:   (no subject)
My wireless networks are open -- and provide the same access from wireless to internal subnet as from the Internet to internal subnet, except for ssh that goes everywhere. This means, if I really need to access anything from a wireless connection, I can forward it, but without authentication nothing can get in.