 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
> MAC filtering is useful to prevent casual or unintentional use of an > otherwise open network. Much the same way that turning off broadcast of > the network ID discourages casual use, but has no real impact on > security. But both can have some value in slightly raising the bar > against attacks, in the same way as having ssh listen on an alternate > port does. > > ?-Tom > Both the MAC and SSID are in the non-encrypted portion of a wireless packet and have to be for wireless to work. Looking at this data can be done without any knowledge of the target. So it's more similar to the protection of moving ssh to a non-standard port and then broadcasting the port number to the network that ssh can be found at if such a protocol existed for that. To pull off an attack on a ssh on a non-standard port you have to at least port scan the target which will likely result in traffic from your IP address being blocked. Although this can be done in a distributed manner making it tough to detect. This wouldn't really slow down anyone with the knowledge to maliciously break into a wireless network. But MAC filtering like you say prevent the casual use or an otherwise protected network. Similar to how moving the port of ssh will prevent a script kiddy from running brute force attempts against your server. -- David
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
