dslreports logo

    All FAQs Site FAQ DSL FAQ Cable Tech About DSL Distance DSL Hurdles »»


how-to block ads

MAC address filtering registers valid MAC (media access control) addresses in use and permits only recognized MAC addresses to establish communication with wireless access points.

Most wireless APs/routers now come the MAC Filtering feature. This option will limit access to ONLY the MAC addresses that you have configured your router to permit. If you would like to use this feature, you will need to find all the MAC addresses of the wireless cards that will be using your network.

You can find a wireless card's MAC address In Windows 2000/XP by going to "Start" -> "Run" -> Type "cmd" -> Type "ipconfig/all" and look for the wireless card in the output box. It should say "Physical Address", or something similar, under the card info. Write that MAC address down and copy it into the "MAC Allow" section of the wireless AP/router.

Although this mechanism might sound foolproof, it isn't. Most 802.11 NICs allow you to configure the MAC address of the NIC in software. If you can "sniff" the MAC address of an existing node on the network, you can join the network by spoofing the MAC address of that node. MAC filtering really only keeps somebody from accidently connecting to your WAP. It won't keep a determined wardriver out. Keep in mind that Windows XP will try to associate automatically. It is quite easy for someone with knowledge to change their MAC to match the one that has been allowed in your system, and log on in it's place. The original system will lose its access to the WAP, and it will be quite confusing to figure out what is actually going on.

However, it is still recommended to have MAC filtering enabled.


Some articles that discuss MAC filtering:

"Enable MAC Address Filtering on Wireless Access Points and Routers"

Expand got feedback?

by Bill See Profile edited by KeysCapt See Profile
last modified: 2005-12-23 20:23:56