Thanks for the further information.
> ...could sniff a few of the packets that transmit between your device and your router and extract the MAC address from the headers.
I didn’t think about that address too being transmitted through the air. Obviously it would have to be.
> If you have other safeguards in place such as WPA2 AES encryption, hidden SSID, and you’ve turned off things such as WPS...
I do have that encryption, and had turned off WPS after reading about problems with that previously. I notice that I have SSID Broadcast enabled, but I’ll disable it. Thanks.
SSID broadcast is one of the simplest “safeguards” to implement. It keeps ne’er-do-wells from trying to even connect; however, bear in mind that even though the SSID is hidden, most operating systems will recognize that the AP exists but no other data will be shown. The SSID, too, is transmitted when making a wireless connection, so if someone really wanted to figure out your SSID, they could.
Also consider doing a “wireless survey” in your home. Take your favorite wireless device and walk around outside your home to see how far your wireless signal goes. I recommend to most people that if your wireless signal can be seen/accessed from the streets around your home, then someone could sit in a car/van and try to access it undetected. There are ways to “turn down” your wireless power but only if you install a firmware replacement such as DD-WRT.
Just food for thought. Feel free to FReep mail me if you have other questions.