WEP and MAC Filter

Hello! 20 June 2008

We have a DIR-300 wireless router, on which I have enabled a WEP key for the SSID, and also the MAC filter to allow only specific adaptors to access the network. I however find that the MAC filter appears to be inactive, as wireless adaptors that have the WEP key entered can access the lan without their mac addresses entered into the router. Is access given to (the WEP key entered OR the mac address is on the router); meaning either one of them is sufficient to access the router?

Mohan

Reply to
bnmohan via HWKB.com
Loading thread data ...

My Linksys WRT54Gv2 does it right: the WPA (or WEP) key must match AND the MAC address must match (if Permit Only is selected) for the PC to access the 'net.

Sounds like the DIR-300 has a bug or (just maybe) you did not correctly set up the MAC filter; double-check your settings.

Reply to
Bob Willard

Thanks!

Now my schedule for Saturday is ready!

Mohan

Bob Willard wrote:

Reply to
bnmohan via HWKB.com

This is a useless feature. All it take for someone to overcome a MAC filter is to make a text change in the network card setup to use a different MAC.

Worse, when an interace dies (or a USB dongle gets lost) it then requires the hassle of adding the new MAC.

Reply to
Bill Kearney

Hello,

Yes, they connect but they do not pass through to the network.

If you have the right hardware, you should use a strong WEP key such as 256 or 512 bits encryption. If not, a good long (rolling your head all over the keyboard) WPA or WPA2 key is the way to go.

Ciao @+

Reply to
F8BOE

Reply to
Bob Willard

The router is connected to the LAN via one of the 1-4 lan ports. There is no wan connection to the router. Machines with wifi adaptors connect to the lan via the router radio connection. Others are (obviously) wired. Re authentication: Network Neighbourhood Properties->wireless networks tab-

Cheers,

Mohan

Bob Willard wrote:

Reply to
bnmohan via HWKB.com

If the router is the DHCP server for the entire LAN, then I suggest that you let it also assign IPAs for the wireless PCs. If there is another DHCP server in the LAN, then you should disable the router's DHCP server (and assign static IPAs for your wireless PCs if you need to). In most SOHOs, you should avoid having more than one DHCP server in a LAN, since that may cause invisible nodes (due to multiple subnets).

But how you assign IPAs (dynamic or static) should have no impact on the encryption method for wireless nodes, or FWIW on MAC filtering.

Reply to
Bob Willard

Well.... a would be intruder would at least have to know what MAC to change his NIC to.

Reply to
jch

After going to the trouble of breaking the WEP key, spoofing the MAC address is trivial.

Jerry

Reply to
Jerry Peters

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.