I agree. MAC filtering is a pain to maintain and provides very little, if any, security.
# 1 on George Ou's six dumbest ways to secure wireless list. http://blogs.zdnet.com/Ou/index.php?p=43 Now granted, you've not said what the purpose for this wireless is so maybe you don't need much security. If it is for guests to web surf, put it on a separate vlan, give it internet access and be done with it. If it is for users and confidential credit union data, secure it as much as possible. Good luck. From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2008 10:54 AM To: NT System Admin Issues Subject: Re: WiFi setup I was messing around with cracking APs and its pretty easy to clone the MACs of devices connected to the AP to gain access when they are using MAC filtering. ----- Original Message ----- From: David W. McSpadden <mailto:[EMAIL PROTECTED]> To: NT System Admin Issues <mailto:[email protected]> Sent: Monday, June 30, 2008 10:08 AM Subject: Re: WiFi setup I have been getting the MAC's from all the other devices on the WAN. We are greating VLAN 127. It is the default vlan and will get to the internet only. If you don't have a MAC on the ACL you get a 127 dhcp address and pumped to the internet only. It isn't fully functional yet but it is coming. ----- Original Message ----- From: Steve Ens <mailto:[EMAIL PROTECTED]> To: NT System Admin Issues <mailto:[email protected]> Sent: Monday, June 30, 2008 10:06 AM Subject: Re: WiFi setup And use MAC address filtering... On Mon, Jun 30, 2008 at 9:01 AM, Erik Goldoff <[EMAIL PROTECTED]> wrote: and for security in a credit union environment, segment the wifi and use VPN from there to get in to the resources on the wired subnet (among other security measures) ________________________________ From: David W. McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2008 9:51 AM To: NT System Admin Issues Subject: WiFi setup I get to build a whole new datacenter for the Credit Union. Yeah. I am pretty good on everything with the exception that the new datacenter will have to have WiFi built in I am looking at 802.11g for now but I thought n was coming out. Does anyone have any comments on how to WiFi a 4000sqft building with 3 floors? Data Security is everyone's responsibility. No virus found in this incoming message. Checked by AVG. Version: 8.0.101 / Virus Database: 270.4.3/1526 - Release Date: 6/30/2008 8:43 AM ______________________________________________________ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
