"Meh, this is simply not true. My home AP might is plenty secure from my SOHO technology noob neighbors with MAC filtering - few, if any, of them even know what an "AP" is much less "MAC spoofing"."
Gotcha there... my closest neighbors (my parents) are a mile a way.. and I just don't see my dad hacking my AP.. lol Having said that filtering technologies such as MAC filtering are far too difficult to manage given the relatively small security return provided and as such should be avoided given the fact that other superior authentication and access control mechanisms exist. In my solution MAC filtering has be simplified and easy to manage. I set up using cron/bash script to download the new approved and banned MAC lists on a regular interval. As well as check the local server for OS updates, AV updates. The Master MAC list is a MySQL database, with other information as well... we track all information of the machine from day it was ordered til it dies. All work done to it and current and past configurations... ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
