Virgin superhub mac filtering?

ajf

ajf

Soldato
Joined
30 Oct 2006
Posts
3,064
Location
Worcestershire, UK
I was looking at the mac filtering settings and to me it seems the wrong way round.
I want to choose the PCs on my network so only they can have access.
The way it seems to do it though is to only allow you to select a known device to block!

Surely it would be better to have it so you select ones to allow and then everything else is blocked?

Am I just misreading how it works?
 
I found this out as well recently. If you apply the MAC filtering it actually blocks the selected device. I didnt bother in the end just enabled security and chose not to broadcast the SSID
 
Not at all, most people who are going to attack your wireless network are skiddies, they wont know any better.

It takes seconds to Google for a MAC spoofing tutorial. WEP & MAC spoofing tutorials often go hand in hand.
 
Not at all, most people who are going to attack your wireless network are skiddies, they wont know any better.

Sorry but you're completely wrong with this assumption. As said above, anyone attempting to crack your network - especially 'script kiddies' - will be following a tutorial, which will talk explicitly about how to circumvent mac filtering.

Far more likely is that someone that implements mac filtering as a security measure doesn't know enough about what they are doing to understand the futility in this and is likely to leave other holes in their security.
 
Sorry but you're completely wrong with this assumption. As said above, anyone attempting to crack your network - especially 'script kiddies' - will be following a tutorial, which will talk explicitly about how to circumvent mac filtering.

Far more likely is that someone that implements mac filtering as a security measure doesn't know enough about what they are doing to understand the futility in this and is likely to leave other holes in their security.

Well, hopefully I haven't done that! Any suggestions on the best things to lock down or areas to be aware of then?

I do currently broadcast the SSID though which is the only thing I might change.
 
Well, hopefully I haven't done that! Any suggestions on the best things to lock down or areas to be aware of then?

I do currently broadcast the SSID though which is the only thing I might change.

Not broadcasting your SSID won't do much either :)

The best thing you can do is use the highest WPA level possible with a long pass phrase. In the meantime keep an eye on your network to ensure that nobody has hopped on without you realising and change your WPA key frequently.

Also make sure that WPS is completely disabled (I can't remember if the Super Hub supports WPS...I wouldn't be surprised if it does though).
 
SSID is about 15 random characters long.
It does support WPS, but is set so it only works through pressing the button. I am not sure whether it can be completely turned off beyond that.
 
It takes seconds to Google for a MAC spoofing tutorial. WEP & MAC spoofing tutorials often go hand in hand.

Not saying they wont be able to find out how to spoof it, but it doesnt come up with a message explicitly saying "OH SUP GUISE, YOUR BEING MAC FILTERED LOLZ"

Most people simply wont realise.
 
SSID is about 15 random characters long.
It does support WPS, but is set so it only works through pressing the button. I am not sure whether it can be completely turned off beyond that.

Do you mean the WPA key rather than the SSID? If so, great :)

I'm not sure you can properly disable WPS on it yeah. I'm pretty sure that was one of the many reasons I switched to a ddwrt/tomato based router and just used the Super Hub as a modem.

Not saying they wont be able to find out how to spoof it, but it doesnt come up with a message explicitly saying "OH SUP GUISE, YOUR BEING MAC FILTERED LOLZ"

Most people simply wont realise.

You clearly haven't actually used any of the tools/tutorials for this. I would recommend running through some penetration testing on your home network to educate yourself a little more - it can be surprising how user friendly some of the tools are.
 
Not saying they wont be able to find out how to spoof it, but it doesnt come up with a message explicitly saying "OH SUP GUISE, YOUR BEING MAC FILTERED LOLZ"

Most people simply wont realise.

"Let's rely on a flawed security model because the bad guys simply won't realise".

Famous last words.
 
Do you mean the WPA key rather than the SSID? If so, great :)

I'm not sure you can properly disable WPS on it yeah. I'm pretty sure that was one of the many reasons I switched to a ddwrt/tomato based router and just used the Super Hub as a modem.

Oops, yes I meant the WPA(2) key there.

Is tomato a type of router o/s? not aomething I had come across before.
 
You clearly haven't actually used any of the tools/tutorials for this. I would recommend running through some penetration testing on your home network to educate yourself a little more - it can be surprising how user friendly some of the tools are.

Lol, yeh ok then.

"Let's rely on a flawed security model because the bad guys simply won't realise".

Famous last words.

You understand WPA2 is flawed, in more than 1 way?

Hey, security through obscurity is the best, right? :p

It's not obscure at all. Mac filtering is another layer of protection, it may not be the best but you have to realise skiddies have litterally no idea how/why things work. They just DL the tool and see if it works.
 
Back
Top Bottom