dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
31
share rss forum feed


Edward5572

@bell.ca
reply to aefstoggaflm

Re: Bell 2701 HG NO Router Mac Filtering (Wirelessly)

Agreed but the person need to know the MAC address that is in your allow list to do that. A person can sit outside your house with a pwd generator until there in.

But if there not on the allow list even when the get the right pwd they would be locked out. This would or should shop them, but as I have said above MAC filtering does not work correctly.

MAC Cloning is good if you no the MAC to use... With MAC filtering when working will make it that much harder to gain access to a persons internal network.

I'm still testing and tried reseting using the button on the back and then enter information back. But I think the check mark for MAC filtering (ENABLE) nolonger operates.

I have saved with it out and then checked it and then re-saved but still access, filter no working...

BS security... I want the modem back and a new router or bridge I guess until they fix this mess.

Cheers,
Ed


aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:7
Reviews:
·PenTeleData
·Verizon Online DSL
said by Edward5572 :

Agreed but the person need to know the MAC address that is in your allow list to do that.



MAC Addresses regardless of what level of wireless encryption is used (WEP/WPA/WPA2) are always sent in the clear - just die the myth that MAC Address filtering is useful..
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.

bbear2
Premium
join:2003-10-06
94045
kudos:5

1 recommendation

The MAC address filtering keeps honest people honest.


aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:7
Reviews:
·PenTeleData
·Verizon Online DSL
said by bbear2:

The MAC address filtering keeps honest people honest.

Is that the same thing as saying

said by bbear2:

The MAC address filtering keeps honest people off your network.

?

If not, then I suspect that is what you meant to say.
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.

bbear2
Premium
join:2003-10-06
94045
kudos:5

1 recommendation

Yes. The honest people who should not be on your network.

Edward572

join:2013-04-03
Barrie, ON
reply to aefstoggaflm
Run Wireshark to see un-encrypted information, but it can't see the allow or block list because the router does not send the list to users. Your NIC will send the information to the router in plain text, but how do you get the MAC that is allowed from the list.

CISCO switches and routers filter MAC address quite effectively and do not send the allowed MAC's, they do not broadcast that information.

So again how do you know the MAC address on the allow list in the routers memory??

Mac address filter in my trade is very important, wired and wireless, this a security flaw with this 2wire (CRAP)...


aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:7
Reviews:
·PenTeleData
·Verizon Online DSL

1 edit
said by Edward572:

Run Wireshark to see un-encrypted information, but it can't see the allow or block list because the router does not send the list to users. Your NIC will send the information to the router in plain text, but how do you get the MAC that is allowed from the list.

CISCO switches and routers filter MAC address quite effectively and do not send the allowed MAC's, they do not broadcast that information.

So again how do you know the MAC address on the allow list in the routers memory??

Mac address filter in my trade is very important, wired and wireless, this a security flaw with this 2wire (CRAP)...

#1 Sniffers always see the MAC Address(es) if connected by wireless or if using a wire if connected to a hub.

#2 For switches (including router with a built in switch), if the attacker does something called ARP Poisoning.
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.

Edward572

join:2013-04-03
Barrie, ON
I guess I missed that part in school...

I going too visit my school and try to do that, because we have tried this with WireShark with a CISCO router (Wireless) and it was unable to get in. I will have to take your word for it...

BELL should stick to just modems and let the user use there own router, or fix the problem.


aefstoggaflm
Open Source Fan
Premium
join:2002-03-04
Bethlehem, PA
kudos:7
Reviews:
·PenTeleData
·Verizon Online DSL
said by Edward572:

BELL should fix the problem.

Why?

As I said MAC Address Filtering only prevents people from connecting by accident.

And once you are using wireless encryption, you are wasting your time doing that.

said by Edward572:

BELL should stick to just modems and let the user use there own router.

Why is that?

The users can disable wireless in the modem combo and they can put their modem into bridge mode and use their own router.

Points to

a) »www.wikihow.com/Set-Your-Bell-2W···dge-Mode

b) »AT&T Southeast Forum FAQ »Bridge Mode for the 2Wire 2701HG-B
--
Please use the "yellow (IM) envelope" to contact me and please leave the URL intact.