On 10/24/05, Harondel J. Sibble <[EMAIL PROTECTED]> wrote:
>
> Say what? If someone is associated to the AP, he'll have the mac address
> in
> all of 30 seconds. It only takes 1 packet to get the mac address since
> it's
> transmitted in the clear for EVERY SINGLE packet.
True, but how many people are associated with their AP 24/7? If you're only
connected to your AP when you're actively using it, somebody would either
have to get lucky or would need to stake out your AP until you connect. Even
if you are connected when somebody tries to access your AP, I doubt most
casual wardrivers will even bother to sniff for a MAC address. Most of the
time, sniffing will be fruitless, so why bother even trying when you can
just try the next AP on the list to see if you connect without MAC spoofing?
Granted, relying only on MAC restrictions to secure your LAN is not a good
idea, since somebody *could* just happen to sniff while you're connected,
which is why you should use additional security. Still, if somebody wants
on, they'll get on, so the best security is to keep your AP outside of your
firewall. Then, if somebody does manage to connect to it, despite your
security measures, they'd be no more a threat than any other hacker on the
Internet.
In any case, if you've secured your AP the best it can be, most malicious
hackers won't spend the time needed to crack it, unless you're the only AP
around for miles. In that case, you'd want to turn off the AP when you're
not using it and closely monitor it when you are.
--
Troy
--
----------------------------------------
WIN-HOME Archives: http://PEACH.EASE.LSOFT.COM/archives/WIN-HOME.html
Contact the List Owner about anything: [EMAIL PROTECTED]
Official Win-Home List Members Profiles Page
http://www.besteffort.com/winhome/Profiles.html
