Print

Print


On Tue, May 29, 2007 at 12:03:07PM -0700, John Waaser wrote:
> I got it to recognize my home network easily enough, which is set up
> so that the router only talks to two different MAC addresses, both of
> which are on wireless cards that I own, so that's as secure as can be.

Well, not quite. The MAC addresses are listed in every packet and so
pretty easily discoverable. Most network interfaces (including wireless)
allow you to change the MAC addresses pretty easily, so this isn't a
very good security measure.

Besides, MAC filtering is only for restricting access to the AP. All the
traffic passed over the wireless link is still in the clear.

For wireless, WPA with a decent password is the closest thing to the
security of physical ethernet that you can get. By the time you've
worked out WPA on Linux, though, you may as well have gotten a really
long bit of cat5 :P. Here's to hoping the Dell deal will make at least
/their/ machines work without tinkering.


Wireless security curmudgeon,
-john



-- 
 .''`.
: :' : |  http://deadbox.ath.cx
`. `'  | This Sig Kills Fascists!
  `-