How secure is wireless MAC filter?

[pookguy88]

how secure is it?

 

[Cooky]

Not very secure. It's not too hard to spoof MAC addresses.
JackMDS has a nice writeout about wireless security here

 

[nweaver]

use wep, and ignore the "it slows the wireless down" stuff.. It doesn't slow the wireless down enough to matter.

With mac filtering, I can hack your network within seconds of you using it. Use it WITH wep/wpa for enhanced security.

 

[JackBurton]

Not very. For the love of God, use WPA. How hard is it to implement? Jees.

 

[spidey07]

Originally posted by: nweaver
use wep, and ignore the "it slows the wireless down" stuff.. It doesn't slow the wireless down enough to matter.

With mac filtering, I can hack your network within seconds of you using it. Use it WITH wep/wpa for enhanced security.

True, but wep/mac filtering, non-broadcast SSID will keep out all but the knowledgable/determined (sp?

 

[Punisher007]

Would anyone recommend getting a wireless firewall for a small business? I'm looking at the Watchguard Firebox X5W, but not sure how secure the WPA/WEP features are? If it's not secure, I will just stick to wired.

 

[ScottMac]

MAC filtering is not secure at all ... and you don't even really need any tools to spoof someone elses's MAC.

WEP, of any size, is not secure. There are scripts available on many of the Warz boards that can defeat WEP without any real knowledge on the cracker's part.

WPA-PSK (pre-shared key, similar to WEP) CAN be secure, as long as you don't use dictionary words or phrases. Break up "normal" words with numbers or punctiation ... mix upper and lower case characters, and make it as long as possible ... you only have to enter once per machine ... paste it to a notepad file and cut & paste it into the client .... this is not rocket science.

If you're inclined to go the easy / lazy route, remember that if you've used a credit card from your machine, it's still available to an intruder (for weeks, months, years, depending on how you use your machine) if they look in the right places, also keep in mind that any damage done through your connection is (at least) partially your liability.

It's easy enough to protect your connection, there's no reason not to. Even 11 Mbps wireless is faster then the vast majority of Internet connections, even if it's "slowed down" with encryption.

WPA-PSK is easier to implement that MAC filtering. If you wanted to use MAC filters, use WPA-PSK instead ... it's easier and vastly more secure (even if done wrong).

FWIW

Scott

 

[skyking]

Originally posted by: Punisher007
Would anyone recommend getting a wireless firewall for a small business? I'm looking at the Watchguard Firebox X5W, but not sure how secure the WPA/WEP features are? If it's not secure, I will just stick to wired.

If you are OK wired now, by all means DON'T implement wireless.

 

[watts3000]

The onoly true way to secure wireless is via a vpn connect or using a certificate based solution.


http://a1204.g.akamai.net/7/1204/1401/0...ndnoble.com/images/7040000/7042365.jpg

 

[JackMDS]

I keep a simple rule.

1. There is level of security that is maintained in a person?s Car (Key, Club. Alarm etc.)
2. There is s a level of security that is maintained in your residence.
3. There is a Level of security that you can maintain with Wireless.

There is No full prove for any.

Most people feel comfortable at a level that is a combination of what is the value of what they are protecting, the neighborhood, and most important their own psychology. I.e. the level of maintained every day Paranoia.

Do you think that it is a coincidence that the TV show Fear Factor is so popular?

Do with the Wireless what you do with your Car, Home, etc.

P.S. A lot of the hoopla of wireless security is a Fashion. I am Not trying to be little the importance of Wireless security, but it easy to see that the majority of the reporters that write these stories do not actually understand what they are writing about.

Yeah you absolutely positively do not want my Bank to conduct their business via 802.11x Wireless.

However who is going to sit for days trying to break your Wireless WPA to steal your the mp3/mpeg files.

:sun:

 

[Cooky]

who is going to sit for days trying to break your Wireless WPA to steal your the mp3/mpeg files.

Maybe he's one of the Soprano's associates trying to hide from the Feds.

 

[SaigonK]

You need to pusha ton of data to hack WEP, let alone WPA hacking. So dont sweat it out. Using MAC filtering might give you one more small roadblock to someone borrowing your connection but it certainly isnt foolproof as was pointed out previously.

VPN over wireless is the way to go, I wouldnt say dont install wireless, if you have a use for it at work, just make sure it is secure.
I have installed about 17 Cisco units here in this building alone, but we run all connecitons via VPN, aldo we turn on PSPF on the Ap so that iner-client communication through the AP is shut down.

We have a dirty lan that serves out DHCP and nothing else, when a user gets an IP the firewall on our vpn box allows them to just access the vpn box to make a tunnel connection.

 

[JackMDS]

Originally posted by: Cooky

who is going to sit for days trying to break your Wireless WPA to steal your the mp3/mpeg files.

Maybe he's one of the Soprano's associates trying to hide from the Feds.

LOL, the sopranos are in New Jersey, he is Canadian.

:sun: