Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: open
I discovered recently that it's possible to fake/clone mac addresses.
That's certainly possible. Most network adapters today have configurable MAC addresses. They have a built-in one, but it's possible to override it. In Windows, it can be as simple as using the control panel applet or notification area applet that came with the network adapter driver.
However, somebody would first have to know what MAC address to set. The router doesn't "advertise" the MAC addresses that it accepts, and they aren't sent over the air in the clear (i.e. without encryption) assuming that encryption is properly set-up.
Requiring specific MAC addresses adds security but they can also be grabbed from the air by someone who knows how to do it.
You are safe from the average person in your neighborhood if you are buying off the shelf wireless equiptment at the local computer store. You aren't so safe from a 17 year old neighbor with some time on his hands, moderate technical skills, and who considers cracking your wireless a fun challenge.
You could then also set it up to only accept a preset list of mac addresses, though that doesn't really add much security, for reasons already mentioned.
WEP is a joke. Don't use it.
Most people seem to leave their kit with default SSID, default channel, default username, and god knows what default else.
12) If all your kit uses only 11b or 11g or something else, then limit connections to just that one type.