Sign in with
Sign up | Sign in
Your question

White Listing MAC Address VS Encryption

Last response: in Networking
Share
August 7, 2011 6:42:59 PM

I was looking into making my network more secure. As had heard that encryption can make networks slow down by up to 30 % and was wondering if that was really true? Also was wondering some of the pros/con's between White listing a mac address against encryption on the router end.

For clarification by encryption I mean, setting up a encryption level where you have to input a key to log onto the network.
August 7, 2011 6:54:37 PM

Mac Addresses can be spoofed, and encryption should not cause enough of a problem that your bandwidth is noticeably impacted.

m
0
l
August 7, 2011 9:14:09 PM

Adding various forms of encryption does decrease your throughput, but not to the point where you notice a difference during use.

You can whitelist MAC addresses, but there are very generic tools available that counteract this feature. You'd be better off disabling the broadcasting of your SSID and selecting a decent strength WPA2-PSK with TKIP encryption passphrase. If your router supports it though, use AES encryption instead.
m
0
l
Related resources
Can't find your answer ? Ask !
August 11, 2011 6:10:32 PM

calmstateofmind said:
Adding various forms of encryption does decrease your throughput, but not to the point where you notice a difference during use.

You can whitelist MAC addresses, but there are very generic tools available that counteract this feature. You'd be better off disabling the broadcasting of your SSID and selecting a decent strength WPA2-PSK with TKIP encryption passphrase. If your router supports it though, use AES encryption instead.
I partially agree even though I read somewhere that hiding your SSID in certain routers may not be a desirable option anyhow. Here you can find this article, "How WPA wireless networks are hacked, and how to protect yourself"--February 7, 2009, which explain everything you need to know about how to protect your wireless network (sorry for the redundancy). I hope this helps.

m
0
l
August 12, 2011 4:30:25 AM

You partially agree? If they've already established a relationship with the network why wouldn't they want to disable SSID broadcasting to decrease vulnerability? And why would that decision be based off the type of router? The real criteria would be the main purpose of the network in correspondence to it's function. i.e. - a business wanting a WVLAN for it's higher ups, a hospital offering free WLAN for guests, etc.

Also, that article, by no means, explains everything one needs to know about protecting their network. The article ONLY addresses specific encryption methods - WEP, WPA/2, AES - and how one would go about correctly implementing those various forms. The title alone, "How WPA wireless networks are hacked..." limits the article strictly to encryption. In no way does it explain all, even most, aspects of network security and the steps one should take to correctly applying them to their own.

If you really wish to secure your network you should whitelist MAC addresses, choose an AES-256 encryption passphrase with 10+ characters, consisting of at least (1) capital letter, (1) number and (1) symbol. Also, SSID broadcasting should be disabled, and the network admin should be running an active, as well as passive, IDS.

Now, I don't see how you could disagree with that...
m
0
l
!