Setting specific MAC address filtering is not worth a concern? Can you elaborate on this, as setting MAC addressing was 1 of my "to do" jobs but you suggest I'm wasting my time, I gather because they can be spoofed?
Setting specific MAC address filtering is not worth a concern? Can you elaborate on this, as setting MAC addressing was 1 of my "to do" jobs but you suggest I'm wasting my time, I gather because they can be spoofed?
What happens is an attacker will sit outside and use a tool like ethereal to sniff the traffic on your network. While he can't actually see the data (since it is encrypted) he can see other information like the MAC addresses of clients. So, once he determines what the legit MAC addresses are, he runs a tool like ifconfig and changes his own MAC to match yours. It's trivial and only takes a minute.
Okay, this is where "Security by Obscurity" comes into play - if your firewall is ping able or not really makes no difference to the end result. Hidden or not you have to be track-able to some extent (without talking proxies).
Yeah, everything I've read says that hiding SSID is useless. I have done it only to keep casual users from trying to connect, but that probably just ensures that the only attempts will be malicious or non-casual. The router wifi is secured anyway with a strong password in WPA2 and also the administrator name and password are unique and remote administration is disabled. There's really no need for remote administration for most people, anyway, is there?
The key remains LAN access, doesn't it. How does one log onto the LAN, users and user levels, passwords, etc? If it is easy to log onto the LAN locally, then once the wifi connection and strong password are known, logging onto the LAN will also be easy, won't it?