Archived from groups: (
More info?)
MAC filtering isn't really a security solution at all, since every packet
sent across your wireless network includes your MAC address. Anyone with a
good sniffer WILL discover your MAC or ANY MAC on your wireless network. MAC
addresses CAN be spoofed, this isn't very hard to do at all, Thus MAC
filtering doesn't offer any security at all.
Disabling SSID doesn't offer any security either, since every packet sent
across your wireless network includes the SSID, even when turn off
broadcasting SSID is set to off.. Again, anyone with a good sniffer WILL
find your SSID. Also, turning off SSID broadcast(which you think your doing,
but really it can't be done, due to 802.11 standards) can cause connectivity
problems with WinXP. Disabling SSID broadcast would be the same as:
Buying a house, turning off the outside light( thus no one can see your
house) and leaving the front door unlocked. When someone FINDS the house,
they will come in and you really haven't secured the home at all.
Use encryption for security. That's what it's for and that IS the only
solution for wireless security.WEP at the very least, WPA, WPA-PSK, or even
better use WPA2(802.11i standard). Encryption IS the only way to keep others
out of your network.
Think of it this way. If someone can gain access to your wireless signal and
connect to it, then they also have access to any internal network shares
that you may have. If you don't share anything on your network, keep in mind
that ALL windows machines have hidden administrative shares, and anyone with
the proper knowledge, can access your complete systems on your network.
YOU bought the computers. YOU bought the network hardware. This equipment
belongs to YOU. Why then wouldn't you want to protect your investment and
secure it properly using the encryption already built into the hardware that
you already purchased. I have heard this so many times. Is turning off SSID
good enough? Is limiting DHCP scope good enough? Is MAC filtering good
enough? The answer to ALL of these is NO. None of these offer ANY security.
Use Encryption. That is the ONLY solution.
That's my .02
TW
"N. Miller" <anonymous@discussions.microsoft.com> wrote in message
news:1gf7x3cslqk2s.dlg@discussions.microsoft.com...
> On Thu, 15 Sep 2005 23:31:39 +1000, Greg wrote:
>
>> Mac filtering is OK but what you SHOULD do is turn broadcast off to make
>> it
>> harder to find. It isn't a total solution but it certainly helps.
>
> MAC filtering is better than disabling SSID broadcast. If it was one, or
> the other, MAC filtering would be the way to go.
>
> If you use WPA-AES you don't really need to disable SSID broadcast.
>
> --
> Norman
> ~Win dain a lotica, En vai tu ri, Si lo ta
> ~Fin dein a loluca, En dragu a sei lain
> ~Vi fa-ru les shutai am, En riga-lint