Rick Welykochy wrote: >> firstly. >> use MAC filtering > > Yup. I have an ACL for MAC addrs. Can that be cracked? i.e. keep > trying the *huge* MAC address space until they get in? Must take > until the heat death of the universe to do that.
If an attacker has successfully associated with your access point through whatever means, be it that the AP was open, or be it that they obtained the WEP key, it's simple for them to sniff the traffic going to and from your machines with allowed MAC addresses. Those MAC addresses are of course in the ethernet headers of those packets, so it's trivial for an attacker to obtain whitelisted MAC addresses as long as there is any legitimate traffic on the network. You definitely can't rely on MAC filtering alone. Just make sure to use WPA or WPA2 as suggested, as well as other sensible security measures suggested in this thread. You can additionally set up MAC filtering if you want to be able to say to people, "I use MAC filtering". That's about all it's useful for. Cheers, David -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
