MAC ID filtering is a completely worthless exercise, and gives a false sense of security for those that don't understand wireless security.
Why do I say this? Because all MAC ID filtering does is check your MAC address before giving access to your network. It provides zero encryption.
There are 2 types of attacks someone can do to your network: passive & active.
A passive attacker sniffs & stores your WiFi network traffic- your e-mail, the web sites you visit, and your IM - everything broadcast over the air – and can sift through it at a later date to pull out anything they see as interesting. For example, if you access a POP3 e-mail account over WiFi, every time you send/receive mail, you are broadcasting your username & password over the air. As a hacker, I can capture this information and once I get access to your e-mail, I can know everything about you, and you’ll never know that I’m there. As a passive attacker, I can sniff your network from a mile away with a $49 directional antenna, and you’ll never even know that I’m there. MAC ID filtering does nothing to stop passive attacks because it provides no encryption.
An active attack is when I join your network, and start accessing resources (bandwidth, files, or devices) as part of the network. MAC ID filtering blocks access to the network if the MAC ID isn’t registered with the access point. The fallacy of MAC ID filtering is that it’s hard to crack. Because MAC ID filtering doesn’t block passive attacks, I can sniff your MAC address, change my MAC ID to be the same as yours, and join your network as you. From a hacker’s perspective, I just got a free license to masquerade as you. Anything I do on your network or the Internet looks like I’m doing it from your PC and your IP address. :-)
Don’t be lulled by MAC ID filtering. It provides no protection against passive attacks on your network, and puts up a 30 to 60 second barrier from actively attacking your network. WEP filtering is a little more secure, but I would hardly say it makes you secure 99% of the time.
There’s a good white paper at:
http://www.lucidlink.com/media/pdf_a...ly_dangers.pdf
It talks about the 5 fallacies of unsecured & poorly secured networks.
There are only 2 ways to secure a Wi-Fi network: WPA-PSK and RADIUS Security. WPA (the successor to WEP) is slightly more difficult than WEP, but if you can put together hexadecimal security keys, and don’t mind the configuration hassle, this is good enough for many consumers. Until last year, RADIUS was only used in enterprise applications, but the guys at LucidLink introduced a really easy to use Wi-Fi security product that now makes RADIUS work for home & small offices.
Public and private WiFi with one router
Linear Mode
