On Monday, 6 February 2017, at 19:50:24 GMT, Terry Coles wrote:
> I understand what that is saying, but I'm not just relying on
> cloaking; I'm using MAC Address filtering too (as well as WPA2
> PSK encryption).

MAC address filtering does not really add any security. Before it comes into play, the attacker still needs to crack your WPA2 encryption. If that's within their capability, then they almost certainly know how to discover and spoof an authorised MAC address by eavesdropping on your network traffic.

> My main reason for using it is to reduce the chances of some
> young up and coming geek from even trying to hack me.

That is interesting to consider. I wonder how the psychology works out. Are hidden networks "off the radar", or do they look like juicier targets, because somebody is trying to hide them?

I find Ralph's suggestion of choosing a SSID that doesn't stand out interesting too. Are attackers even looking for SSIDs that stand out? Some attackers might actually be attracted to default-sounding SSIDs, in the hope of finding an easy target with a weak password.

But, mind-games aside, at the end of the day you are still just relying on the WPA2 encryption. If that's broken, then the other measures are just ways to paper over cracks in the dam.

> 'Worse still, because a station must probe for a hidden SSID, a
> fake access point can offer a connection.'
>
> Correct me if I'm wrong, but wouldn't that fake AP have to
> spoof the MAC Address of my Router or know what the SSID was?

Determining and spoofing the MAC address and SSID is totally feasible.

However (and I could be wrong about this -- I was unable to verify with a web search), I think WPA2-PSK uses mutual authentication of the client and access point. So, your devices would not connect to a fake access point unless the fake AP could prove that it knew the passphrase for your network. If the attacker knows the passphrase, then all bets are off.
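
The mutual-authentication point in the reply above can be followed through the WPA2-PSK four-way handshake, where the access point's message 3 carries a MIC keyed from the passphrase. The sketch below is an added example, not part of the original email; the SSID, passphrase, MAC addresses and frame bytes are constructed, and the frame is a placeholder rather than a real EAPOL-Key frame.

```python
import hashlib, hmac, os

def pmk(passphrase: str, ssid: str) -> bytes:
    # WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def kck(pmk_: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    # 802.11i PRF over both MACs and both nonces; the first 16 bytes of the
    # PTK are the Key Confirmation Key used to MIC the handshake frames.
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac) +
            min(anonce, snonce) + max(anonce, snonce))
    out = b""
    for i in range(3):  # 3 x 20 bytes covers the 48-byte CCMP PTK
        out += hmac.new(pmk_, b"Pairwise key expansion\x00" + data + bytes([i]),
                        hashlib.sha1).digest()
    return out[:16]

def mic(kck_: bytes, frame: bytes) -> bytes:
    # WPA2 key descriptor version 2: HMAC-SHA1 truncated to 16 bytes
    return hmac.new(kck_, frame, hashlib.sha1).digest()[:16]

def ap_message3(ap_passphrase, ssid, ap_mac, sta_mac, anonce, snonce, frame):
    # MIC that an access point holding `ap_passphrase` would put on message 3.
    return mic(kck(pmk(ap_passphrase, ssid), ap_mac, sta_mac, anonce, snonce), frame)

def client_accepts(passphrase, ssid, ap_mac, sta_mac, anonce, snonce, frame, got_mic):
    # The client recomputes the MIC from its own stored passphrase.
    want = mic(kck(pmk(passphrase, ssid), ap_mac, sta_mac, anonce, snonce), frame)
    return hmac.compare_digest(want, got_mic)

def demo():
    # All values below are constructed for illustration.
    ssid, secret = "ExampleNet", "correct horse battery staple"
    ap_mac, sta_mac = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    anonce, snonce = os.urandom(32), os.urandom(32)
    frame = b"constructed EAPOL-Key message 3 with MIC field zeroed"
    args = (ssid, ap_mac, sta_mac, anonce, snonce, frame)
    real = ap_message3(secret, *args)
    fake = ap_message3("not the passphrase", *args)  # same SSID and MAC, wrong PSK
    return client_accepts(secret, *args, real), client_accepts(secret, *args, fake)

if __name__ == "__main__":
    print(demo())
```

The SSID and MAC addresses are identical in both cases, so neither hiding the SSID nor filtering on MAC address plays any part in the client's decision; only the passphrase-derived key does.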

