Sign in with
Sign up | Sign in
Your question

How secure is an open network using MAC filtering?

Last response: in Wireless Networking
Share
Anonymous
a b F Wireless
November 24, 2004 12:53:01 AM

Archived from groups: alt.internet.wireless (More info?)

Hello,

On my home network, I have a hacked series 1 Tivo running off an old
Orinoco Gold card. I don't know how to configure the Tivo for WEP and I
don't think the card supports WPA. My question is how safe will I be
if I simply run an open network and filter MACs, only allowing
recognized wireless clients to connect?
In theory, doesn't this approach alone lock out intruders or are there
ways around it that I'm not aware of?

Thanks,

--Al
Anonymous
a b F Wireless
November 24, 2004 2:04:42 AM

Archived from groups: alt.internet.wireless (More info?)

What ever goes across your WiFi network will be in the clear, but if you're
only sending video, then no worries. If you were using passwords, credit
cards, bank accounts, or private email, then someone intent on monitoring
you, could do so with a simple WiFi laptop, and sniffer software.

Bill Crocker


"Al Puzzuoli" <alpuzz@comcast.net> wrote in message
news:MPG.1c0dc199c7f33fd498968d@news.giganews.com...
> Hello,
>
> On my home network, I have a hacked series 1 Tivo running off an old
> Orinoco Gold card. I don't know how to configure the Tivo for WEP and I
> don't think the card supports WPA. My question is how safe will I be
> if I simply run an open network and filter MACs, only allowing
> recognized wireless clients to connect?
> In theory, doesn't this approach alone lock out intruders or are there
> ways around it that I'm not aware of?
>
> Thanks,
>
> --Al
>
Anonymous
a b F Wireless
November 24, 2004 9:35:18 AM

Archived from groups: alt.internet.wireless (More info?)

On Tue, 23 Nov 2004 21:53:01 -0500, Al Puzzuoli spoketh

>Hello,
>
>On my home network, I have a hacked series 1 Tivo running off an old
>Orinoco Gold card. I don't know how to configure the Tivo for WEP and I
>don't think the card supports WPA. My question is how safe will I be
>if I simply run an open network and filter MACs, only allowing
>recognized wireless clients to connect?
>In theory, doesn't this approach alone lock out intruders or are there
>ways around it that I'm not aware of?
>
>Thanks,
>
>--Al

MAC address filtering is easy to get around. Since every packet of
wireless traffic on your network contains the source and destination MAC
address in clear text (even if your traffic had been encrypted), it
doesn't take much to extract the MAC addresses and map out your network.
Also, it's not only your wireless network that is exposed (unless you've
separated your WLAN from your LAN with a router), but also your wired
network. That means that people can connect to your LAN with a "forged"
MAC address, and connect to any networked device on your LAN, wired or
wireless. If you have you Quicken files in a shared folder on a
Windows98 box, then they are all up for grabs...


Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)
Related resources
Anonymous
a b F Wireless
November 24, 2004 5:12:01 PM

Archived from groups: alt.internet.wireless (More info?)

This wont help for MAC spoofing, but I use AirSnare (free) and run it
on one of my wired machines. You can tell it which macs are friendly
and if someone elses gets on your network wired or wireless it will
yell at you through the speakers or send you an email.
http://home.comcast.net/~jay.deboer/airsnare/

You will need to also install winPcap 3.0. You can get it from the
ethereal.com website.


"Al Puzzuoli" <alpuzz@comcast.net> wrote in message
news:MPG.1c0dc199c7f33fd498968d@news.giganews.com...
> Hello,
>
> On my home network, I have a hacked series 1 Tivo running off an old
> Orinoco Gold card. I don't know how to configure the Tivo for WEP
and I
> don't think the card supports WPA. My question is how safe will I
be
> if I simply run an open network and filter MACs, only allowing
> recognized wireless clients to connect?
> In theory, doesn't this approach alone lock out intruders or are
there
> ways around it that I'm not aware of?
>
> Thanks,
>
> --Al
>
Anonymous
a b F Wireless
November 24, 2004 8:35:44 PM

Archived from groups: alt.internet.wireless (More info?)

Great,

Thanks for this.

--Al

In article <41a4eb40$0$800$2c56edd9@news.cablerocket.com>,
campbell@alliancecable.net says...
> http
>
Anonymous
a b F Wireless
November 25, 2004 5:05:28 AM

Archived from groups: alt.internet.wireless (More info?)

would think that enabling "Virtual LAN" like some of cpx/complex devices
have,
MAC would not be discovered _
Am I correct ?

"Al Puzzuoli" <alpuzz@comcast.net> wrote in message
news:MPG.1c0dc199c7f33fd498968d@news.giganews.com...
> Hello,
>
> On my home network, I have a hacked series 1 Tivo running off an old
> Orinoco Gold card. I don't know how to configure the Tivo for WEP and I
> don't think the card supports WPA. My question is how safe will I be
> if I simply run an open network and filter MACs, only allowing
> recognized wireless clients to connect?
> In theory, doesn't this approach alone lock out intruders or are there
> ways around it that I'm not aware of?
>
> Thanks,
>
> --Al
>
Anonymous
a b F Wireless
November 25, 2004 6:19:49 AM

Archived from groups: alt.internet.wireless (More info?)

bumtracks wrote:

> would think that enabling "Virtual LAN" like some of cpx/complex devices
> have,
> MAC would not be discovered _
> Am I correct ?

No, the AP will filter packet by checking the included destination MAC
address.
So either you send an valid MAC address with the packet allowing it to be
sniffed or it will not pass the APs filter.

VLAN is a simple protocol and offers no security for the tagged packets.

Thomas
!