MAC address filtering - enough security??

I understand that WEP is crackable. However, ignoring the ability of
someone to do that and interpret the plain text content of your
transmissions, IF you use MAC address filtering, is that sufficient security
to prevent access to your wireless AP? I understand that MAC addresses can
be spoofed but I presume that it would be somewhat difficult to identify the
MAC address of another machine - - unless the WEP crackers then allow the
MAC address to be seen???

--
Bob Alston

bobalston9 AT aol DOT com

Bob Alston <(E-Mail Removed)> wrote:
> I understand that WEP is crackable. However, ignoring the ability of
> someone to do that and interpret the plain text content of your
> transmissions, IF you use MAC address filtering, is that sufficient security
> to prevent access to your wireless AP? I understand that MAC addresses can
> be spoofed but I presume that it would be somewhat difficult to identify the
> MAC address of another machine - - unless the WEP crackers then allow the
> MAC address to be seen???

Once you have the key, you can read all of the packet, including the MAC.
You can then go on to forge the MAC (preferrably when that machine goes
off-air).

--
http://inquisitor.i.am/ | private.php?do=newpm&u= | Ian Stirling.
---------------------------+-------------------------+--------------------------
"An enemy will usually have three courses open to him. Of these he will
select the fourth." -- Helmuth von Moltke

"Bob Alston" <(E-Mail Removed)> wrote in
news:1Fjhb.63331$Ms2.60803@fed1read03:

> I understand that WEP is crackable. However, ignoring the ability of
> someone to do that and interpret the plain text content of your
> transmissions, IF you use MAC address filtering, is that sufficient
> security to prevent access to your wireless AP? I understand that MAC
> addresses can be spoofed but I presume that it would be somewhat
> difficult to identify the MAC address of another machine - - unless
> the WEP crackers then allow the MAC address to be seen???
>

You can use a VPN protocol to further encrypt the packets being transmitted
between the machine and the router, along with using WEP.

Duane

To do this don't I have to have another computer on the other end of the VPN
connection? right now my wireless connected PCs mostly go to the internet.
So where would the VPN terminate?

--
Bob Alston

bobalston9 AT aol DOT com

"Duane Arnold" <(E-Mail Removed)> wrote in message
news:Xns940FCBC23817Bnotmenotmecom@204.127.199.17. ..
> "Bob Alston" <(E-Mail Removed)> wrote in
> news:1Fjhb.63331$Ms2.60803@fed1read03:
>
> > I understand that WEP is crackable. However, ignoring the ability of
> > someone to do that and interpret the plain text content of your
> > transmissions, IF you use MAC address filtering, is that sufficient
> > security to prevent access to your wireless AP? I understand that MAC
> > addresses can be spoofed but I presume that it would be somewhat
> > difficult to identify the MAC address of another machine - - unless
> > the WEP crackers then allow the MAC address to be seen???
> >
>
> You can use a VPN protocol to further encrypt the packets being
transmitted
> between the machine and the router, along with using WEP.
>
> Duane

Bob Alston <(E-Mail Removed)> wrote:
> To do this don't I have to have another computer on the other end of the VPN
> connection? right now my wireless connected PCs mostly go to the internet.
> So where would the VPN terminate?

You'd need to eitehr use one of the online services that terminates
in a VPN, or a router that supports VPN of some sort.
No, I have no numbers.

--
http://inquisitor.i.am/ | private.php?do=newpm&u= | Ian Stirling.
---------------------------+-------------------------+--------------------------
"I am the Emperor, and I want dumplings." - Austrian Emperor, Ferdinand I.

On another thread, I was just telling Ian that I didn't know about MAC
spoofing. I guess it's possible on Ethernet as well as wireless cards. Seems
like an oversight - I think the intent was to allow locally-administered
addresses to be downloaded, but apparently the firmware is not checking or
forcing the locally-administered bit in the downloaded MAC. Seems like this
should have been part of IEEE compliance testing, but now the horse is out
of the barn, so nothing can be done.

Anyway, it sounds like it's pretty trivial to change the MAC on Windows or
Linux, so MAC filtering doesn't help much at all.

BTW, some of the posts here imply that cracking the WEP key is required to
get the MAC address. Not true. The entire MAC frame header, including source
and destination MAC addresses, is transmitted in the clear. Only the MPDU -
the payload in the frame - is encrypted. If you think about it, you realize
that has to be true. With multiple hosts using different keys, if the MAC
address were encrypted the AP would not be able to select a keylist for
decryption. In fact, the MAC header contains a bit that indicates whether
WEP encryption is enabled or not.

"Bob Alston" <(E-Mail Removed)> wrote in message
news:1Fjhb.63331$Ms2.60803@fed1read03...
> I understand that WEP is crackable. However, ignoring the ability of
> someone to do that and interpret the plain text content of your
> transmissions, IF you use MAC address filtering, is that sufficient
security
> to prevent access to your wireless AP? I understand that MAC addresses
can
> be spoofed but I presume that it would be somewhat difficult to identify
the
> MAC address of another machine - - unless the WEP crackers then allow the
> MAC address to be seen???
>
> --
> Bob Alston
>
> bobalston9 AT aol DOT com
>
>

gary <(E-Mail Removed)> wrote:
> On another thread, I was just telling Ian that I didn't know about MAC
> spoofing. I guess it's possible on Ethernet as well as wireless cards. Seems
<snip>
> BTW, some of the posts here imply that cracking the WEP key is required to
> get the MAC address. Not true. The entire MAC frame header, including source
> and destination MAC addresses, is transmitted in the clear. Only the MPDU -
> the payload in the frame - is encrypted. If you think about it, you realize
> that has to be true. With multiple hosts using different keys, if the MAC

True, I may have been doing some of that implying, but through ignorance,
wireless is pretty new to me.

--
http://inquisitor.i.am/ | private.php?do=newpm&u= | Ian Stirling.
---------------------------+-------------------------+--------------------------
Acting is merely the art of stopping a large number of people from coughing
- Sir Ralph Richardson

"Bob Alston" <(E-Mail Removed)> wrote in
news:9Onhb.63894$Ms2.36817@fed1read03:

> To do this don't I have to have another computer on the other end of
> the VPN connection? right now my wireless connected PCs mostly go to
> the internet. So where would the VPN terminate?
>

I did some checking and it seems that you need two vaild end points and the
router is not one of them, if the wireless connection using VPN was not
connecting to another VPN end point over the Internet.

Duane

Bob Alston <bobalston9ATaolDOTcom> writes:

> To do this don't I have to have another computer on the other end of the VPN
> connection? right now my wireless connected PCs mostly go to the internet.
> So where would the VPN terminate?

At the other end of your own wireless link. That is I'd expect
all you're interested in protecting are the data carried on the
radio signal so that's all you need to do.

Billy Y..