Has any one here ever used MAC filters? I was considring using the MAC filters on my router but would it be better than using WEP? Also does any one know how seutre these filters are. Will they prevent any one from accesing my home network?

MAC filters are not considered secure at all. Anyone sniffing traffic on your WLAN will see the MAC addresses that are in use and can spoof them at will.

Yes that is correct. Why not just use both MAC filter and WEP. I am using DLink 614+ and dont see any decrease in performance.

MAC filters and static WEP will stop 99.9% of the people from getting into your WLAN. This doesn't mean that they couldn't, but who the hell is going to take the time to crack a residential user's WEP key? You're not a very attractive target, to any hacker with his salt.

I could break in, probably a few people on this forum could, but no one would likely ever bother.

From a residential perspective, you're right. I wouldn't be worried, but I'd be wary.

I have just enabled MAC filtering and WEP on my Linksys and there dosen't seem to be any slow down in speed. If someone wants to take the time to hack into my network now, then fair play to them.

u can hack WEP with brute force. theoretically u can hack anything, it just takes time. right now anything over 1024 bit encryption is out of the picture unless there is a shortcut.

all these safefty measures are just deterrents.

I disagree.


Encryption is, indeed, a time game. In theory, all encryption is "hackable", given sufficient resources and time. What makes one encryption scheme more difficult is in how much computing power and how much time is required to defeat the system. The textbook attack, the "brute force" attack, involves trying to decrypt data with every key in the possible keyspace until the expected result is achieved. Question is, how long does that take? That is why everyone is obsessed with key length.

However, encryption is a two-fold process. There is the algorithm (such as 3DES, AES, RC4, etc) and the protocol (WEP, TKIP, IPSec, etc). You cannot fully decide how "hackable" a cryptosystem is without considering both halves of this pair.

What we call "WEP" (really the WEP protocol and the RC4 algorithm) was cracked mostly because WEP is a flawed protocol. What many people don't realize is that WEP with AES is just as crackable, and it doesn't matter what the key size is. It's kind of like saying that no matter how nice the car engine is, if it falls out of the rusting car chassis, it's worthless.

That being said, one can conclude that a cryptographically sound algorithm (and RC4 would not be a good example thereof) coupled with a cryptographically sound protocol can still be compromised. The answer is.... Maybe. Depends on the two in question. We, for example, perform a number of tricks in our products to make the chance of success for even a brute force attack essentially zero.


I will, however, agree that all of the "security" methods that are available in the access points (MAC filtering, SSID broadcast disabling, etc) are so weak as to be laughable. WEP, crackable as it is, is much stronger than those approaches. WEP, at least, would take a minimum of hours to defeat. MAC filtering and SSID broacast disabling? It would be measured in minutes, and certainly on one hand.

it is easy as using kismet or any sniffer
http://www.wireless-fr.org/communaute/index.php?kismet
see the pic at the end of the page with client list.

Has anyone been able to get a 22mb WIFI network sniffed from a net stumbler type application? If so, what card have you been able to make work at 22mb and what drivers? I found that when the AP and STATION go to 22mb mode, they disappear from devices that can't talk at 22mb.

This seems to make them invisible to the standard 802.11b sniffers that only go to 11mb...

Any thoughts on this?

dld121

Originally posted by damado
Yes that is correct. Why not just use both MAC filter and WEP. I am using DLink 614+ and dont see any decrease in performance.

Sorry to tell you, but the Dlink 614+ does not really do mac filtering on the Access Point side. It operates within the router. If you don't match the MAC list you won't be able to access the internet, but you will still be allowed to access all of the other computers on the inside LAN, and browse computers, etc.

614+ MAC filtering...

I used to agree with your thoughts on it only filtering you from the internet, but later when someone gave me more instructions.

Seems that turning on MAC filtering and SHARED authentication causes an extra layer of protection. I could be wrong, but from what I have seen this "Shared Authentication" keeps stations that don't match the MAC address and the WEP key from evening associating with the AP.

This is my theory...if you force all WNICs and AP to 22MB, disable SSID broadcasts (requires latest drivers on all WNICS to work properly), enter all the MAC addresses for your home network, and then add the 256K WEP.

The final step of enabling Shared Authentication will make your home much more secure.

What do you think? Will it work?

Originally posted by timo
Sorry to tell you, but the Dlink 614+ does not really do mac filtering on the Access Point side. It operates within the router. If you don't match the MAC list you won't be able to access the internet, but you will still be allowed to access all of the other computers on the inside LAN, and browse computers, etc.
Since Firmware revision 2.10, the above is no longer true. MAC filtering affects Access Point, switch and WAN interfaces.

Does the MAC of the device that sends the Multi-Link signal to the AP has to be in the AP´s accepted MAC list or the MAC filter works only for the AP´s clients?

Thanks!

See ya!

Well this is what I did.
1. A set 256 bit WEP
2. I set the MAC filter
3. I disable DHCP and set pure static IP adress
So i feel secure cause no one will want to hack this theirs nothing worth hacking.