I think its important to say though, that MAC address filtering/WEP keyed security can all be cracked, with somewhat ease thanks to the software available. Even if you block the ESSID, applications such as Kismet can detect the access point, even, the clients connecting to it (including their MAC addresses which can then be spoofed by the attacker). WEP can be cracked via an inhenerent weakness in the encryption. Hence there is no really good "built-in" way to protect yourself from a dedicated hacker (apart from say using a VPN tunnel over the wifi link).
Though that said a combination of all of the above will deter most casual hackers, as you'd be suprised, when we are conducting long range WiFi site surveys (as part of Melbourne Wireless, creating a city based mesh of wifi nodes http://melbourne.wireless.org.au) you'd be suprised by the sheer number of nodes that have an essid of DEFAULT and havent even bothered to turn on WEP, or even configure the thing, short of plugging it into the wall. Those people are the real victims of the war-drivers. Ryan ----- Original Message ----- From: "Bruce Johnson" <[EMAIL PROTECTED]> To: "G-List" <[EMAIL PROTECTED]> Sent: Friday, April 04, 2003 7:30 AM Subject: Re: While we're talking about networks . . . > Eric B. Richardson wrote: > > > Someone in this thread talked about limiting access to your network > > by specifying addresses that could access it. So would that mean, > > specifying the internet addresses on my machines? Specifying the > > addresses of remote machines? or both? > > NO, What I meant were the Ethernet hardware addresses. If you go into > Apple System Profiler it will show you the address in the Appletalk > section in Network Overview, it's a set of hex numbers like > '01.a2.4f.dd.34.25' and is unique for each physical ethernet device, > such as your Airport card, etc. > > The Base station will give these machines the internet address, > depending on the setup. > > At least that's how the wireless is set up in our network here. > > Here is a wireless reference book: > <http://www.oreilly.com/catalog/802dot11/>, and a sample chapter > <http://www.oreilly.com/catalog/802dot11/chapter/ch15.html>. It *is* a > bit dense and oriented to networking pros. > > A better solution might be "Internet Security for your Macintosh,: A > guide for the rest of us" from Peachpit Press: > > <http://www.peachpit.com/isapi/st~%7BBE17A1F3-54C4-4E75-A250-BA9ECE290FFE%7D /session_id~%7B7F146DE0-FF8A-4290-BD63-7B8180D4DB67%7D/product_id~%7BEC1339C C-5F7E-4F11-8FCC-993E8078BD93%7D/books/product.asp> > > though I've not seen it personally, it has a chapter on wireless networking. > > Another article and tipsheet on securing such a network > <http://www.extremetech.com/article2/0,3973,11388,00.asp> > <http://www.extremetech.com/article2/0,3973,11400,00.asp> > > (I was referring to item 10 in my post. In this article they talk of MAC > addresses, this stands for Machine Address Code, iirc, not Mac as in > Macintosh) > > More articles: > > <http://www.securityfocus.com/guest/5479> > <http://security.duke.edu/securepc/wireless.html> > <http://www.weca.net/OpenSection/secure_the_network_setup.asp?TID=2> > > > > > > > -- > Bruce Johnson > University of Arizona > College of Pharmacy > Information Technology Group > > Institutions do not have opinions, merely customs > > > > > -- > G-List is sponsored by <http://lowendmac.com/> and... > > Small Dog Electronics http://www.smalldog.com | Refurbished Drives | > -- We have Apple Refurbished Monitors in stock! | & CDRWs on Sale! | > > Support Low End Mac <http://lowendmac.com/lists/support.html> > > G-List list info: <http://lowendmac.com/lists/g-list.shtml> > --> AOL users, remove "mailto:"; > Send list messages to: <mailto:[EMAIL PROTECTED]> > To unsubscribe, email: <mailto:[EMAIL PROTECTED]> > For digest mode, email: <mailto:[EMAIL PROTECTED]> > Subscription questions: <mailto:[EMAIL PROTECTED]> > Archive: <http://www.mail-archive.com/g-list%40mail.maclaunch.com/> > > Using a Mac? Free email & more at Applelinks! http://www.applelinks.com > > -- G-List is sponsored by <http://lowendmac.com/> and... Small Dog Electronics http://www.smalldog.com | Refurbished Drives | -- We have Apple Refurbished Monitors in stock! | & CDRWs on Sale! | Support Low End Mac <http://lowendmac.com/lists/support.html> G-List list info: <http://lowendmac.com/lists/g-list.shtml> --> AOL users, remove "mailto:"; Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive: <http://www.mail-archive.com/g-list%40mail.maclaunch.com/> Using a Mac? Free email & more at Applelinks! http://www.applelinks.com
