[NTLK] Mac Fitering And Encryption

Terence Griffin terence.griffin at nist.gov
Thu Mar 22 14:12:50 EDT 2012


How about reserving DHCP and limiting local IP address? Does that help 
keep outsiders off?


On 03/22/2012 01:10 PM, Jeremy O'Brien wrote:
> On Wed, Jun 15, 2011 at 04:37:55PM +0000, ssgconway at juno.com wrote:
>>    My WEP experience has been, as far as I know, good, security-wise.  Visitors who ask to get on-line have to be added to the MAC Address list or they cannot get on.
> Both are false. If someone wanted to get on your network, your WEP key
> can be cracked within _minutes_, and MAC address whitelisting is useless
> if you have at least one authenticated client on your network. The MAC
> address that the OS sends when it does its authentication is completely
> handled in software, and can be changed very easily. So all an attacker
> has to do is clone an authenticated clients' MAC address and boom, he's
> on.
>
> If I were parked outside your house and all you had was WEP and MAC
> address filtering, I could be on your network in 5 minutes tops.
>
> Not trying to hate, just trying to spread awareness of the _extreme_
> insecurity of WEP and the ease of breaking it and MAC address filtering.
>
> If you're actually concerned about your wireless security, at least use
> WPA2. Otherwise, you might as well be running an open network.
>
> Jeremy
>
> ====================================================================
> The NewtonTalk Mailing List - http://newtontalk.net/
> The Official Newton FAQ     - http://splorp.com/newton/faq/
> The Newton Glossary         - http://splorp.com/newton/glossary/
> WikiWikiNewt                - http://tools.unna.org/wikiwikinewt/
> ====================================================================




More information about the NewtonTalk mailing list