Sign in with
Sign up | Sign in
Your question

How does MAC address filtering secure a network?

Last response: in Networking
Share
March 8, 2011 11:13:05 PM

Hello,
How does MAC address filtering secure a network?
March 8, 2011 11:58:38 PM

It doesn't.
March 12, 2011 9:59:34 PM

kuda_58 said:
Hello,
How does MAC address filtering secure a network?



It allows only Computer Names you list in the Router plus Their Network MAC Address to connect to your router wirelessly!
Related resources
March 15, 2011 10:47:45 PM

MAC addresses are serial numbers embedded with a piece of hardware, unlike an IP address, it can't be changed. Every NIC has it's own MAC address, therefore, if you use MAC address filtering, only those specific pieces of hardware will have access to your network.

Unfortunately, I do believe MAC addresses can be spoofed almost as easily as IP addresses. The good news is, although they might be able to be spoofed...the spoofer (real word?) would still need to know what MAC addresses you have given access to your network.
March 16, 2011 2:03:46 PM

Which you would use Kismet to do.

Its completely pointless in a way.

If you have a WPA Encryption enabled, a user can't access your network anyway, so really, that's pointless. Even if someone somehow aquired your passkey for you network, they method in which they did so would reveal the MAC addresses of connected device to that Network anyway(Kismet), which they could then spoof(easy as) and gain access to your Network.

This is slightly similar to many people's theory that having a Hidden SSID actually works, well it doesn't, if you have a password on your network, a person can not guess that password regardless of the network being Hidden or not. If someone did want to get into a nearby network, the tools he would use would reveal the Hidden networks anyway.

So I would go straight with Eibgrad, It doesn't.
If you still want to know how it works, it works by blocking all devices from connecting to your Network. Then to allow your devices to connect to the Network, you must add your devices MAC address to the allow list, so it is allowed to connect to the network.

It basically filters out the good and bad, you define what's good, and it assumes everything else is bad (Analogy)

Thanks
Axxeon
March 16, 2011 2:45:40 PM

axxeon said:
Which you would use Kismet to do.

Its completely pointless in a way.

If you have a WPA Encryption enabled, a user can't access your network anyway, so really, that's pointless. Even if someone somehow aquired your passkey for you network, they method in which they did so would reveal the MAC addresses of connected device to that Network anyway(Kismet), which they could then spoof(easy as) and gain access to your Network.

This is slightly similar to many people's theory that having a Hidden SSID actually works, well it doesn't, if you have a password on your network, a person can not guess that password regardless of the network being Hidden or not. If someone did want to get into a nearby network, the tools he would use would reveal the Hidden networks anyway.

So I would go straight with Eibgrad, It doesn't.
If you still want to know how it works, it works by blocking all devices from connecting to your Network. Then to allow your devices to connect to the Network, you must add your devices MAC address to the allow list, so it is allowed to connect to the network.

It basically filters out the good and bad, you define what's good, and it assumes everything else is bad (Analogy)

Thanks
Axxeon


It listed somewhere that WPA was hacked into already in 2006, was some A+ 2009 Certification Book! Too many licensed hacker certs now a days, not sure about WPA-2 which looks more secure! I remember back in the days 448Bit AES Blowfish was the way to go to encrypt your hard drive to make sure no one can access back in the days of win2000/XP I wonder when AES is going to hit higher than 256Bit!
March 17, 2011 12:05:52 AM

Sorry, when I say WPA I mean WPA in general, no specific one. To crack a WPA2, you would need to capture 4 packets, called a 4-way handshake I beleive, and you capture these whena device is connecting to a Network, so you would force disconnect them, and then when they reconnect, capture these packets. You then brute force these packets, and then you have the password. The time in which it takes to brute froce this key, depends on how secure the password is. So always go with WPA2, and never WEP, because WEP taks 5 minutes to crack.

But anyways, my information still applies:) 
March 17, 2011 4:35:01 PM

axxeon said:
Sorry, when I say WPA I mean WPA in general, no specific one. To crack a WPA2, you would need to capture 4 packets, called a 4-way handshake I beleive, and you capture these whena device is connecting to a Network, so you would force disconnect them, and then when they reconnect, capture these packets. You then brute force these packets, and then you have the password. The time in which it takes to brute froce this key, depends on how secure the password is. So always go with WPA2, and never WEP, because WEP taks 5 minutes to crack.

But anyways, my information still applies:) 


Thought I read some wehre their is WPA-3 or in the works As far as I rembeber WEp is 64bit-128 bit and WPA is 192Bit-256Bit Depending on what protocol authentication you use! Need to get that new Network Security Administrator from Career Academy and update my Aging Network+2003! Read a new A+2009 book that was current on the market but didn't touch base on enough in depth material, Had to use wikipedia to go more in depth!
March 18, 2011 1:33:28 AM

Yes WEP is 64Bit/128Bit, but in WPA and WPA2 the encryption key changes frequently. What happens when you crack WEP is, you capture enough packets from the Network (Usually about 10000), and then you decrypt the packets and you have the key.

With WPA is dynamically changes the 256Bit encryption key, so any packets you capture are inconclusive.
March 18, 2011 1:36:10 AM

Wanna select a best answer?:) 
!