Wireless Network Administration: Using MAC Address Filtering

MAC address filtering allows you to specify a list of MAC addresses for the devices that are allowed to access the network. If a computer with a different MAC address tries to join the network via the access point, the access point will deny access.

MAC address filtering is a great idea for wireless networks with a fixed number of clients. For example, if you set up a wireless network at your office so that a few workers can connect their notebook computers, you can specify the MAC addresses of those computers in the MAC filtering table. Then, other computers won’t be able to access the network via the access point.

Unfortunately, it isn’t difficult to configure a computer to lie about its MAC address. Thus, after a potential intruder determines that MAC filtering is being used, he or she can just sniff packets to determine an authorized MAC address and then configure his or her computer to use that address. (This is called MAC spoofing.) So you shouldn’t rely on MAC address filtering as your only means of security.

The illustration below shows the screen used to edit the MAC address table for a Linksys wireless access point.

image0.jpg