Re: Linksys routers

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Chuck (none_at_example.net)
Date: 03/18/04 

Date: 18 Mar 2004 11:30:03 -0600

On Thu, 18 Mar 2004 08:26:27 -0800, "Sam" <anonymous@discussions.microsoft.com>
wrote:

>I have a linksys router and read something about I should
>enable MAC address filtering. If I do, will I be able to
>go out to the Internet with these XP machines? I would
>like to still have Internet access.

Sam,

MAC filtering limits the wireless devices that can connect to (associate with) a
wireless router. You do this to prevent anyone unknown in your wireless
neighborhood from using your network for internet access, or access to your LAN.
Remember that your wireless neighborhood may extend far from your front door.

If you enable MAC filtering, and you enter the MAC addresses of all the wireless
devices which you own, those devices and only those devices will be permitted to
associate with your router. So, if you enter the MAC addresses of the XP
machines which you own, they will have access to the internet.

Remember MAC filtering alone will not protect you - MAC spoofing is a trivial
exercise. Here are additional security precautions which you should take.

Enable WEP / WPA. Use non-trivial values for each. (No "My dog has fleas").
Disable DHCP, and assign an address to each computer manually.
Don't disable SSID broadcast. But change the SSID itself - to something that
doesn't identify you, or the equipment.
Enable the router activity log. Examine it regularly. Know what each
connection listed represents - you? a neighbor?.
Install a software firewall on every computer connected to a wireless LAN. Put
manually assigned ip addresses in the Local (highly trusted) Zone. Open the
following ports for file sharing only in the Local Zone: TCP 139, 445; UDP 137,
138, 445.
Use non-trivial userids and passwords on every computer connected to a wireless
LAN. Disable or delete Administrator and Guest userids.
Stay educated - know what the threats are. Newsgroups alt.internet.wireless and
microsoft.public.windows.networking,wireless are good places to start.

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.

Relevant Pages

  • Re: Theoretical Discussion: Hotel WiFi Hack
    ... changing my MAC address. ... discussion to start with you wireless experts. ... They don't offer wired internet because it's an old ... Surely the router or gateway would go ...
    (alt.internet.wireless)
  • Re: Theoretical Discussion: Hotel WiFi Hack
    ... discussion to start with you wireless experts. ... They don't offer wired internet because it's an old ... passed his MAC address around via some GET variables in the URL. ... Surely the router or gateway would go ...
    (alt.internet.wireless)
  • Theoretical Discussion: Hotel WiFi Hack
    ... discussion to start with you wireless experts. ... They don't offer wired internet because it's an old ... passed his MAC address around via some GET variables in the URL. ... Surely the router or gateway would go ...
    (alt.internet.wireless)
  • Re: Wireless security linksys home system
    ... Changing the SSID, disabling broadcast of the id, enabling MAC ... There is some debate about the merits of MAC filtering and disabling ... >Considering the importance of security in a wireless network it is ...
    (alt.internet.wireless)
  • Wireless MAC address filtering
    ... My older Linksys wireless AP router can only do WEP security, so when I got my new HP laptop with built-in WiFi I decided to add wireless MAC address filtering to my router. ...
    (comp.sys.laptops)