WirelessPirate.net

Fun without wires

Security Preference?

without comments

Here’s a question for anyone out there who’s ‘wireless-security-minded’. If you have to choose between the 2, are you better off having WEP enabled on an access point, or only allowing trusted stations to connect (via MAC-address restrictions)? Obviously it’s better to have both, but if you can only have one, which one is more secure?

I was thinking that if you couldn’t get WEP to work for whatever reason, then it might be ok to just configure your WAP to only accept connections from certain MAC addresses. This would mean that the data wasn’t encrypted in transmission, but wouldn’t it also mean that people couldn’t snoop your traffic, because they couldn’t connect in the first place? Or am I missing something?

The down-side is that if (somehow), an outsider knew the MAC address of your machine/network adaptor, then they could use something like SMAC to spoof it and connect to your WAP.

WEP is supposed to be pretty insecure, and tools like AirSnort can be used to determine the encryption key given enough sample data, so is it really worth the effort? (unless you’re regularly cycling your keys perhaps?)

Any thoughts out there?

Written by Beau Lebens

March 5th, 2004 at 4:00 pm

Posted in Uncategorized

Tagged with , , , ,