MAC address filtering for wireless networking isn’t real “security”. Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective than WEP — and that WEP can be cracked almost instantly these days with commonly available tools. This doesn’t mean MAC filtering is useless. Its …
MAC address filtering for wireless networking isn’t real “security”. Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective than WEP — and that WEP can be cracked almost instantly these days with commonly available tools.
This doesn’t mean MAC filtering is useless. Its resource consumption is almost unmeasurable, and even if it doesn’t keep out any reasonably knowledgeable security crackers willing to spend a few moments gaining access, it does keep out a lot of automated opportunistic attacks that are aiming solely for the absolute lowest-hanging fruit on the security tree. Since that lowest-hanging fruit consists of the majority of wireless access points, MAC filtering can be of value as a way of turning away the majority of opportunistic attackers.
Don’t rely on MAC filtering alone, however. Please, just don’t. It’s a bad idea. People seem to think “Oh, well, sure a determined attacker can get past it, but not anyone else.” It doesn’t take much determination at all to spoof a MAC address. In fact, I’ll tell you how:
You can spoof a MAC address when using Nmap with nothing more than a --spoof-mac command line option for Nmap itself to hide the true source of Nmap probes. If you give it a MAC address argument of “0”, it will even generate a random MAC address for you.
For more general MAC address spoofing, your MAC address is trivially reset with tools available in default installs of most operating systems. Here are some examples:
All of these techniques can of course be automated by self-propagating malware, and the creation of the malware can even be automated to some extent by existing malware creation “kits”. If that doesn’t convince you that MAC filtering does not provide real security, I don’t know what will.
\ I'm an IT consultant, developer, and writer. I hold both MS and CompTIA certs and am a graduate of two IT industry trade schools. I was at one time the datacenter technician for the Wikimedia Foundation, probably the \"coolest\" job I've ever had: major geek points for being the first-ever paid employee of the Wikimedia Foundation. I was sad to give it up, but moving to Colorado kinda makes working in a Florida datacenter difficult. I have also written hundreds of articles for TechRepublic. \ Aside from directly work-related skills, I'm an ethical theorist and industry analyst with a keen eye toward open source technologies and intellectual property law. Both parents have worked in IT/IS about as long as I've lived, and I have an enthusiastic interest in computing even outside my profession. I've been playing with computers off and on since about 1980. I started just in time to see an IBM 7072 in operation. \ I'm an active member of a great many Internet-enabled and meatspace computing enthusiast and professional communities including mailing lists, LUGs, and so on. \ See more at: \ \ Apotheonic Labs \ blogstrapping \ Chad Perrin Dot Com \ Copyfree Initiative \ Singular IT, LLC \ UnivAcc \ \ You can find many of my TR articles in a publication listing at Apotheonic Labs, though changes in TR's CSS have broken formatting in a lot of them. \ \ \ Open Works License | http://owl.apotheon.org \
