Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Flagman]

Hopefully this question doesn't sound too dumb to the networking experts here , but if I have my network set to filter MAC addresses - "Only listed MAC addresses can connect and DENY others" - what would be the advantage of enabling encryption, since performance will suffer?  Also I don't believe there is one encryption scheme available on the DIR-655 that will work with my mix of b, g and N wireless devices, is there?

Devices on the network -

wireless:
2 desktops with 802.11b (one Win XP/SMC USB wireless adapter, one Win XP MCE/Netgear USB wireless adapter)
1 desktop with Win XP MCE/dlink Extreme N PCI adapter
1 laptop with onboard Intel wireless g (Win XP Pro)
occasionally a Sony PSP


wired:
Xbox 360
Sony Blu-Ray player
WD MyBookWorld network storage drive

[Reinvented]

MAC address filtering is less secure than using any encryption.  Performance loss is negligible.  In fact, MAC filtering may be worse.

WPA/WPA2 Auto with a Cipher type of TKIP and AES are usually compatible with legacy devices, and will work just fine.  Better than keep it unsecure.  I'd get that changed, since MAC addresses can be spoofed very easily and people can break into your network. 

[grafika1]

Unfortunately with MAC address spoofing, MAC filtering as the sole security method is not particularly effective. The fact that some of your wireless devices are 802.11b only suggests that they are older devices and mostly likely only have WEP which is also unfortunately not particularly secure. My advice would be to abandon the older devices and implement WPA2 in your wireless network. Of course that all depends on how security conscious you are.

[EddieZ]

Yes. MAC filtering can be evaded quite easily. Just sniff the streams, read a local MAC address and spoof your NIC with that MAC ID. Takes about 2 minutes 

So for real security you need WPA2

[Flagman]

WPA/WPA2 Auto with a Cipher type of TKIP and AES are usually compatible with legacy devices, and will work just fine. 

So WPA/WPA2 Auto will work with b devices, or should I upgrade them to g?

[pbls]

hi there,so mac adress filter anda WPA2 would be overkill or have a performance lost?

[grafika1]

Flagman: You have to check if the wireless chipset on the older devices supports the more advanced schemes. Most likely it does support TKIP (although that too has been compromised, but still much better than WEP).

pbls: Although MAC address filtering isn't particularly secure, think of as defense in depth.

[EddieZ]

802.11b adapters originally did not provide any support for the WPA standard. Users of 802.11b hardware will need to source firmware updates to discover any form of WPA implementation. 802.11g protocol (backwards compatible with the 2.4 GHz 802.11b standard) devices will natively support a version of WPA, this may be further extended through additional firmware updates.
Additionally the Network Adapter driver layer must also support the implementation of WPA on the card. Along with firmware, drivers can add or extend the support for WPA by and given adapter.

The newer WPA2 security standard generally cannot be implemented through driver/firmware updates requiring new hardware to be rolled out across the network.

[Flagman]

Sounds like I need to retire my b devices, and upgrade to g or n in order to use WPA2.

Thanks for the info. everyone.