Hello,
On my home network, I have a hacked series 1 Tivo running off an old Orinoco Gold card. I don't know how to configure the Tivo for WEP and I don't think the card supports WPA. My question is how safe will I be if I simply run an open network and filter MACs, only allowing recognized wireless clients to connect? In theory, doesn't this approach alone lock out intruders or are there ways around it that I'm not aware of?
Thanks,
--Al
What ever goes across your WiFi network will be in the clear, but if you're only sending video, then no worries. If you were using passwords, credit cards, bank accounts, or private email, then someone intent on monitoring you, could do so with a simple WiFi laptop, and sniffer software.
Bill Crocker
On Tue, 23 Nov 2004 21:53:01 -0500, Al Puzzuoli spoketh
MAC address filtering is easy to get around. Since every packet of wireless traffic on your network contains the source and destination MAC address in clear text (even if your traffic had been encrypted), it doesn't take much to extract the MAC addresses and map out your network. Also, it's not only your wireless network that is exposed (unless you've separated your WLAN from your LAN with a router), but also your wired network. That means that people can connect to your LAN with a "forged" MAC address, and connect to any networked device on your LAN, wired or wireless. If you have you Quicken files in a shared folder on a Windows98 box, then they are all up for grabs...
Lars M. Hansen
This wont help for MAC spoofing, but I use AirSnare (free) and run it on one of my wired machines. You can tell it which macs are friendly and if someone elses gets on your network wired or wireless it will yell at you through the speakers or send you an email.
Great,
Thanks for this.
--Al
would think that enabling "Virtual LAN" like some of cpx/complex devices have, MAC would not be discovered _ Am I correct ?
No, the AP will filter packet by checking the included destination MAC address. So either you send an valid MAC address with the packet allowing it to be sniffed or it will not pass the APs filter.
VLAN is a simple protocol and offers no security for the tagged packets.
Thomas
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.