wireless security

jihiggs

Splendid
Oct 11, 2001
5,821
2
25,780
Since WEP is not secure unless you change the key randomly every day, I plan to just use the MAC address access list. Is this secure? Are WEP and MAC address filtering just redundant? And is MAC address filtering more secure than WEP?

wpdclan.com counter-strike game server - 66.150.155.52:27015
now featuring valve security module!
 

kwebb

Distinguished
Oct 6, 2001
456
0
18,780
MAC spoofing takes a few seconds. 128-bit WEP would take the average person that can see your WLAN a day or more. Might as well use MAC filtering. It's available and there's no performance hit, but WEP, though flawed, is a better deterrent. Use both and any other security measure at your disposal if you think you're vulnerable. I use ACLs on my AP/router instead of MAC filtering as my AP doesn't support MAC addy filtering.
 

jihiggs

Yeah, but if the MAC address that's in the list is in use, wouldn't they both be unusable if there were two devices with the same address?

 

kwebb

I've often wondered that myself but never seen that question answered or even asked, which is odd. I'm not a hacker, but my guess is that an advanced hacker could cause the association table to reset, then associate first. Now if you were on and using the network you'd notice that event. Point is that it is easy to get around that security measure. Encryption is more secure ultimately, but as I mentioned, both should be used and any other security layer at your disposal if you're concerned about the penetration of your WLAN.
 

goloap

Distinguished
Sep 9, 2001
293
1
18,795
Also, another helpful security tweak is to disable the DHCP server. So even if somebody spoofs the MAC address and connects to the access point, he would need to find a valid IP address.

In ancient times they had no statistics so they had to fall back on lies
 

jihiggs

Uhh, it's not that hard to find a valid IP address on a SOHO router. Hmm, oo I know, I know! 192.168.0.x or 192.168.1.x! The only solution is to get 255 computers lol.

 

kwebb

However, many routers will let you change the IP scheme to something other than the 192.168.x.x common SOHO network address. Personally I use the 172.16.X.X private network. Even if they don't allow the first two octets (or all) to be changed, if you change just the third the combinations become MUCH too vast for the average Joe to put the effort in to try to crack it. My router, and many like it I'm sure, allow you to limit by pool of addresses and even have IP ACLs. Yeah, disabling DHCP is just about as critical as any security measure if you're really trying to lock down your WLAN.
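
Added example, not part of any post in this thread: with MAC filtering on and DHCP off, every legitimate client has a known MAC and a fixed IP, so a duplicate or out-of-place address is something you can check for rather than wait to notice. The inventory, the observation tuples and the `audit` function are all constructed for illustration; the observations are assumed to come from ARP traffic seen on the LAN side of the access point.

```python
from collections import defaultdict

# Constructed inventory: allowlisted MAC -> the static IP assigned to it
# (DHCP is off, so every legitimate client has a fixed address).
INVENTORY = {
    "00:11:22:33:44:55": "172.16.40.10",
    "00:11:22:33:44:66": "172.16.40.11",
}

# Constructed observations: (seconds, source MAC, source IP).
OBSERVATIONS = [
    (0,  "00:11:22:33:44:55", "172.16.40.10"),
    (5,  "00:11:22:33:44:66", "172.16.40.11"),
    (9,  "00:11:22:33:44:55", "172.16.40.77"),  # allowlisted MAC, wrong IP
    (12, "de:ad:be:ef:00:01", "172.16.40.11"),  # unknown MAC on a used IP
    (14, "00:11:22:33:44:55", "172.16.40.10"),
]

def audit(observations, inventory, window=30):
    """Return sorted (kind, mac, ip) findings for the observations."""
    findings = set()
    last_seen = defaultdict(dict)  # ip -> {mac: last timestamp}
    for ts, mac, ip in observations:
        mac = mac.lower()
        if mac not in inventory:
            # Should never get past the MAC filter; worth a look if it does
            findings.add(("unknown-mac", mac, ip))
        elif inventory[mac] != ip:
            # Allowlisted MAC on a second address: it may have been cloned
            findings.add(("mac-on-unexpected-ip", mac, ip))
        # Two different MACs claiming one IP inside the window
        for other, seen in last_seen[ip].items():
            if other != mac and ts - seen <= window:
                findings.add(("ip-conflict", mac, ip))
        last_seen[ip][mac] = ts
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(OBSERVATIONS, INVENTORY):
        print(*finding)
```

A cloned MAC that also uses its inventory IP looks identical to the real client in this check, which is why the advice above to keep encryption enabled alongside filtering still applies.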