Is there anyone actually here or is the same 2 people looking over and over at threads? ;)

On to the issue......

Anyone have an opinion on just how much extra security access control gives you. If I underestand it correctly, access control *should* allow only the mac addresses of approved stations to connect to the network. BUT, are mac id's sent in cleartext? If so, wouldn't they be as easy to get as everything else?

Also, doesn't this feature simply keep the intruder from accessing and using your bandwidth. It's probably not going to keep them from sniffing the network if they want to. Mmmmmm.....

Thanks,

-Mike

I really gotta read the rfc.

An access controller generally works as a security gate between the access point and the protected (wired) side of the network. Someone can still sniff the packet transmissions on the wireless side of the network, which can comprimise the security.

If MAC addresses are sent in the clear, then someone can discover a legitimate MAC address and start using it (i.e., MAC address spoofing). A way that some access control mechanisms guard against MAC address spoofing is to monitor the sequence numbers used in 802.11 frames. If the numbers are not consecutive for a given end user (which is likely if someone starts spoofing the MAC address), then the access control mechanism can raise a red flag (i.e., set off alarm, block access, etc.).

To defeat that "security mechanism", you simply spoof a deauthenticate frame from the AP to the client in question, then assume his MAC and associate before he retries. Then HE is the intruder.

MAC address filtering/access control is the most egregious example of overwhelmingly burdensome administrative overhead for worthless returns I have ever seen.