While they may serve as a very minor deterrent to the casual passerby, I guess that my point is that it's a waste of time, even on a home deployment, to implement when you are hopefully deploying WPA (with AES, since there is a vulnerability with TKIP) or WPA2 anyway. From the author's follow-up to that article: "These aren't layered approaches; they're more like buying overlapping warranty coverage, since any benefit against casual bandwidth thieves is already covered by real security measures."
Greg > -----Original Message----- > From: hardware-boun...@hardwaregroup.com [mailto:hardware- > boun...@hardwaregroup.com] On Behalf Of Bino Gopal > Sent: Tuesday, April 28, 2009 5:22 PM > To: hardware@hardwaregroup.com > Subject: Re: [H] MAC Address Filter > > I wouldn't say *utterly* pointless. The article is good in pointing > out the > issues and people who think using these measures=security (which it > doesn't), but his points are more tailored to an *enterprise* rather > than a > home user with an AP... > > To wit, MAF is pointless in a work environment, but again, using simple > psychology, which AP is a person looking for free wireless going to > target-the one that's broadcasting the SSID and has no MAF, or yours > that > requires a sniffer to find the SSID and a MAC to steal! > > As per http://www.lanarchitect.net/Articles/Wireless/SecurityRating/ if > a > bored hacker is trying to get in, even L2 will protect you since they > have > to steal your password to get in. And if that hacker is really > targeting > you, then even L3 will protect you; but no one needs that for home use > (but > at least use WPA2 since WPA can be cracked now; and forget WEP!). >
