Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: Paladin2

MAC addresses can very easily be spoofed. It is not a preferred method to proper hardening, but then when it comes to wireless, nothing is.

Your best level of security is to not have wireless at all. If that’s not an option, using RADIUS for authentication and preferably using 2FA (2-factor authentication) where the machine has to have a certificate AND a password is required is the best security for a wireless network. Since that’s incredibly complex for a home user, just changing the router password, changing the IP address (preferably to a class A or B), turning off WPS (it’s a shortcut, of course it’s susceptible), and using WPA2 with AES encryption is your best bet.

Again, nothing is foolproof, but this will stop over 95% of attack attempts. If someone really wants to get into a home user’s network, even my own, they could do it. It’s a level-of-effort thing.


8 posted on 02/25/2014 5:12:04 PM PST by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 2 | View Replies ]

To: rarestia

> MAC addresses can very easily be spoofed. It is not a preferred method to proper hardening, but then when it comes to wireless, nothing is.

I don’t ordinarily use wifi. I just have a pc, and a Nook Simple Touch (ebook reader) rooted to do some tablet things (which I ordinarily keep with the wifi turned off, and don’t use to purchase books on the net). My router allows wifi access only to those two MAC addresses. How would anyone else get in? Wouldn’t they have to produce a large number of MAC addresses until one matched one of the two my router allows, and then have to do the same thing to match the password — all while still within range of my router? I doubt that any of the few neighbors within range of my router is doing that.

I don’t use my pseudo-tablet at public sites, but I’m curious to know if that can that be done there with hacking software in just a matter of minutes? It seems to me that router protection software ought to spot systematic attempts to produce a wide range of MAC addresses or wide range of passwords within a short time, and be able to stop access temporarily and give a warning.

[I have almost no knowledge in this area, though, and am just speculating.]


13 posted on 02/25/2014 7:19:16 PM PST by GJones2 (Wifi hacking)
[ Post Reply | Private Reply | To 8 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson