Brian, Short answer - yes, but only for people who have some malicious intentions (or your casual hacker). MAC spoofing is possible, and WEP can be cracked. Like you said - the ocassional user will probably give up once they realize you have WEP enabled. And if you ar using MAC filters, they will be even more frustrated and simply move on to the next open network.
If you are really interested in WEP cracking: http://wepcrack.sourceforge.net/ And MAC Spoofing: http://www.klcconsulting.net/smac/ Take a look, have fun! Regards, Joseph -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Kuhn Sent: Tuesday, February 22, 2005 7:55 AM To: [email protected] Subject: [SOCALWUG] linksys AP newbie question Hello, I am trying to understand the security limitations of my AP. In particular, I am trying to determine what someone would have access to if they were able to find my SSID, determine a valid MAC address, break my WEP key and connect to the AP wirelessly. I should also clarify that my AP is a "Wireless-B Broadband Router" from linksys (http://www.linksys.com/products/product.asp?grid=33&scid=35&prid=544). It has a built-in firewall and four ethernet ports. I'm trying to determine if its wireless connection is inside our outside the built-in firewall. To test this out, I connected to it wirelessly and attempted to access a server connected to one of the ethernet ports via its internal IP address. This did not work. The router refused my connection. Are there any vulnerabilities that I am missing? I don't really care if someone wants to take the time to crack my AP and get an Internet connection. However, I must prevent them from gaining access to the wired network behind my AP's firewall. For now, I've put a firewall behind the wireless router just to be safe. Is this really necessary? Thanks, Brian Kuhn
