xa49rt

I had a neighbor who was using my wireless. So I changed my wireless to (1) not broadcast its SSID and (2) require the MAC address to be in my access table.

I've read from multiple sources that neither of these precautions are considered "secure". Does anybody know why?

I do not have a need for encryption since I don't do credit cards over wireless or any business information. I only want to prevent people from piggy-backing on my network and using my bandwidth.

TIA for your comments.

Vergil83

Your MAC address is transfered over the wireless. Anyone can run a program, get your MAC, and change their computer's MAC to yours. SSID is also not very useful.

If you neighbor is just doing it because your wireless was open, that may be enough to stop it. However, anyone who really wants to can easily break it. If you want to really stop piggybacking, you have to go the wpa route

__________________
Brilliant Mediocrity - Making Failure Look Good

xa49rt

Thank you for your prompt reply.

I am a little unsure as to how someone could read the mac addresses in my router (actually in the WAP). I assume that you are saying that a rogue wanting access would have to get the mac address WHILE a wireless user was using the WAP. If this is the case, then I can understand the vulnerability. However, the users of the WAP are either sporadic (the wife brings her laptop home to do some work) or constant (wireless printers that are always connected). So, if a rogue got a mac address, it would either be useless (since it is always used) or would only be useful when the wife or kid left the house. Since the WAP has the access list, how's a program going to communicate with the WAP before connection to the router? Don't you have to connect to some program running on one of the PC's?

Is my thinking still messed up? Is WEP my only option?


TIA.

AlexK

Think of it like this:
When a wireless device communicates to the router it sends its MAC address in the Ethernet packet. Your neighbor can pick this up by using a sniffing tool (does not require computer to be connected to a router) as wireless data is broadcast in all directions. Now he/she can change his/her computer's MAC address and gain access provided that the router's ARP cache/table contains the new MAC/IP pairings and ofcourse he/she provides the correct WEP key. Now suppose your neighbor accesses the router while your wife's computer is not at home, with the MAC address he/she can still get to the internet.

The best defense in your situation would be to use WPA not WEP pass phrase to enable access to the network. The reasoning behind this is that WEP is easily cracked and is generally not recommended.

__________________
Life is complex, it has a real part and an imaginary part.

xa49rt

Thank you for your enlightening explanation.

I would assume this sniffer is actually a receiver that just looks at packets exchanged between the WAP/router and the wireless cards. Then knowledge of packet structure would allow identification of the mac address within the packet.

I really do appreciate your detailed explanation of this concept. Thanks again.

AlexK

Yes that is entirely correct, if you want to see what these packets look like when your computer communicates to the router (whether it be wired or wireless), use a program like Ethereal to sniff packets going from and coming to your computer.

__________________
Life is complex, it has a real part and an imaginary part.

xa49rt

Alex,

Thanks again for your clarification. I sincerely appreciate your time and knowledge.