Quote:
MAC address filtering would be a better term. Authentication implies a false sense of security
Agreed. The only reason I used the word "authentication" was that my subconscious was quoting the name of the menu option on my router. Their menu uses the word "authentication". I agree that it's overstating the case.
I also agree that it's a big hassle for little to no benefit. I do it on my home router, but your restating of the ease with which people can sniff and spoof mac addresses is making me reconsider. (Sniffing and spoofing MAC addresses *is* quite easy, I've done it many times) So thanks to this thread, I may well remove the MAC filtering on my home router soon, just to avoid the hassle when I get a new visitor or a new device.
Suggesting he try MAC filtering in his situation was there just in case he'd been pwned, it would have been a quick way to kick the hypothetical script kiddie off his LAN and see if his problem went away. Then again, so would switching to WPA, so I guess your point is well taken.
My reason for wanting the MAC filtering on my own home network was based on the following suppositions:
- I used it only as a secondary layer of protection, with the real security provided by WPA.
- My wireless network spends most of its time quiescent, so anyone trying to spoof a MAC address would have to sniff for the address only at the exact moments I was using it.
But you're right: WPA is pretty strong, and the hassle of MAC filtering outweighs those flimsy benefits.
Previous Topic
Index
