From: hristo (hristo_at_mail.galaxite.net)
Date: 2001-12-16 18:56:38 UTC
Hi,
I agree that it is not 100% secure, and creates "a false
illusion of security". But how can you secure your Ap. One
can crack WEP, change MAC...so if i take a look at client
machine, I can make a "copy of this machine" (it is
hypothetic of course), and use HIS ISP AP for instance, And
tehere is Nothing that can be done to stop me!. I think that
if somebody knows how to hack (change) MAC, there would be
no problem to Crack WEP and brake the security..I maen it is
enough for me to have MAC Filtering only. What do you Think?
Regards
Hristo Nazarov
>
>
>
> On Sunday 16 December 2001 09:18, you wrote:
> > On Sun, Dec 16, 2001 at 09:53:37AM +0000, hristo wrote:
> > > How hard would be to implement MAC Filtering in Host
> AP?
> > > Just a text file with list of allowed MACs and Driver
> to
> > > check against every MAC and reject not listed MACS in
> that
> > > file (if file is empty All MACS are allowed). I think
> it
> > > would be fery nice and usefull Feature...
> >
> > It would be trivial to add MAC filtering to station
> authentication,
> > but I do not fully agree with this being useful. If this
> is seen
> > as an security mechanism, it would just create a false
> illusion of
> > security. It is easy to sniff a usable MAC address and
> then change
> > a station to use that MAC.
> >
> > If it is understood that MAC filtering does not really
> add any real
> > security and there is another use for it, I might
> consider adding
> > it. In addition, I would prefer this as a more generic
> method for
> > passing authentication handling to a userspace daemon.
>
>
> Greetings,
>
> New to the list and this is the first message that I see
> coming in. We are a
> Wireless ISP in Ohio. While I will agree that MAC
> filtering is not any type
> of "real" security tool, it does keep honest people
> honest, much like locking
> your car door, won't stop a car thief from smashing your
> window and
> hotwiring you buggy, it will stop the average guy from
> opening the door and
> looking inside. Mac filtering will also stop the
> accidental usage of ones
> system as well and give more control of the wireless
> system to the admins.
>
> We use it to help remind people when they are very late on
> paying there bill.
> ;-)
> --
> Mark Worstall
> offworld1.net
> This document produced with 0.0% Micro$oft products - GOT
> LINUX?