I have a MAC filter in place for everything that connects to my router. I also have WPA2 on the wireless.
When a friend comes around, I tell them the password (I trust them), they type it into their device, I then go to the admin screen, check the logs, add the MAC address to the filter and save.
Thinking about this process, it seems like since I have to add the MAC address before the device can connect properly, is there any benefit to actually having a password on the wireless?
It seems to me the answer is no (ignoring the fact that other people may see "Open" wifi and try to connect - I doubt I'll be DoS'ed). The only concern I have is how much access the device has to the network before the MAC filter kicks in - eg could an unknown device send a packet to other wifi devices / the local network?
In case it's relevant, the router in question is the D-Link DIR-615
Answer
Absolutely not.
MAC Addresses are painfully easy to sniff out and spoof. MAC address filtering is useful - in my experience - only when you're only concern is "ordinary" computer users who won't go any farther than failing to connect to the network. Handy for kicking off a roommate who has abused your generosity at keeping a network open by hogging bandwidth or the like, without incurring much inconvenience to yourself.
But for anyone even remotely determined to poke about your network? It's not enough.
No comments:
Post a Comment