Virgin superhub mac filtering?

ajf

ajf

ajf

Soldato
Joined
30 Oct 2006
Posts
3,064
Location
Worcestershire, UK
I was looking at the mac filtering settings and to me it seems the wrong way round.
I want to choose the PCs on my network so only they can have access.
The way it seems to do it though is to only allow you to select a known device to block!

Surely it would be better to have it so you select ones to allow and then everything else is blocked?

Am I just misreading how it works?
 
I found this out as well recently. If you apply the MAC filtering it actually blocks the selected device. I didnt bother in the end just enabled security and chose not to broadcast the SSID
 
dfarrall said:
Not at all, most people who are going to attack your wireless network are skiddies, they wont know any better.
Click to expand...

It takes seconds to Google for a MAC spoofing tutorial. WEP & MAC spoofing tutorials often go hand in hand.
 
dfarrall said:
Not at all, most people who are going to attack your wireless network are skiddies, they wont know any better.
Click to expand...

Sorry but you're completely wrong with this assumption. As said above, anyone attempting to crack your network - especially 'script kiddies' - will be following a tutorial, which will talk explicitly about how to circumvent mac filtering.

Far more likely is that someone that implements mac filtering as a security measure doesn't know enough about what they are doing to understand the futility in this and is likely to leave other holes in their security.
 
FrenchTart said:
Sorry but you're completely wrong with this assumption. As said above, anyone attempting to crack your network - especially 'script kiddies' - will be following a tutorial, which will talk explicitly about how to circumvent mac filtering.

Far more likely is that someone that implements mac filtering as a security measure doesn't know enough about what they are doing to understand the futility in this and is likely to leave other holes in their security.
Click to expand...

Well, hopefully I haven't done that! Any suggestions on the best things to lock down or areas to be aware of then?

I do currently broadcast the SSID though which is the only thing I might change.
 
ajf said:
Well, hopefully I haven't done that! Any suggestions on the best things to lock down or areas to be aware of then?

I do currently broadcast the SSID though which is the only thing I might change.
Click to expand...

Not broadcasting your SSID won't do much either :)

The best thing you can do is use the highest WPA level possible with a long pass phrase. In the meantime keep an eye on your network to ensure that nobody has hopped on without you realising and change your WPA key frequently.

Also make sure that WPS is completely disabled (I can't remember if the Super Hub supports WPS...I wouldn't be surprised if it does though).
 
SSID is about 15 random characters long.
It does support WPS, but is set so it only works through pressing the button. I am not sure whether it can be completely turned off beyond that.
 
KIA said:
It takes seconds to Google for a MAC spoofing tutorial. WEP & MAC spoofing tutorials often go hand in hand.
Click to expand...

Not saying they wont be able to find out how to spoof it, but it doesnt come up with a message explicitly saying "OH SUP GUISE, YOUR BEING MAC FILTERED LOLZ"

Most people simply wont realise.
 
ajf said:
SSID is about 15 random characters long.
It does support WPS, but is set so it only works through pressing the button. I am not sure whether it can be completely turned off beyond that.
Click to expand...

Do you mean the WPA key rather than the SSID? If so, great :)

I'm not sure you can properly disable WPS on it yeah. I'm pretty sure that was one of the many reasons I switched to a ddwrt/tomato based router and just used the Super Hub as a modem.

dfarrall said:
Not saying they wont be able to find out how to spoof it, but it doesnt come up with a message explicitly saying "OH SUP GUISE, YOUR BEING MAC FILTERED LOLZ"

Most people simply wont realise.
Click to expand...

You clearly haven't actually used any of the tools/tutorials for this. I would recommend running through some penetration testing on your home network to educate yourself a little more - it can be surprising how user friendly some of the tools are.
 
dfarrall said:
Not saying they wont be able to find out how to spoof it, but it doesnt come up with a message explicitly saying "OH SUP GUISE, YOUR BEING MAC FILTERED LOLZ"

Most people simply wont realise.
Click to expand...

"Let's rely on a flawed security model because the bad guys simply won't realise".

Famous last words.
 
FrenchTart said:
Do you mean the WPA key rather than the SSID? If so, great :)

I'm not sure you can properly disable WPS on it yeah. I'm pretty sure that was one of the many reasons I switched to a ddwrt/tomato based router and just used the Super Hub as a modem.
Click to expand...

Oops, yes I meant the WPA(2) key there.

Is tomato a type of router o/s? not aomething I had come across before.
 
FrenchTart said:
You clearly haven't actually used any of the tools/tutorials for this. I would recommend running through some penetration testing on your home network to educate yourself a little more - it can be surprising how user friendly some of the tools are.
Click to expand...

Lol, yeh ok then.

KIA said:
"Let's rely on a flawed security model because the bad guys simply won't realise".

Famous last words.
Click to expand...

You understand WPA2 is flawed, in more than 1 way?

FrenchTart said:
Hey, security through obscurity is the best, right? :p
Click to expand...

It's not obscure at all. Mac filtering is another layer of protection, it may not be the best but you have to realise skiddies have litterally no idea how/why things work. They just DL the tool and see if it works.
 
You must log in or register to reply here.
Back
Top Bottom