Just Filtering Your MAC Won't Do Jack

Friday Jan 6th 2006 by Ronald Pacchiano

In addition to running MAC filtering, you need to add multiple security layers to protect your wireless network. Plus, when your computer is misbehaving and all else fails, start over from scratch.

I was just wondering — If you set up MAC filtering on a home wireless network without enabling WEP or WPA, wouldn't that be sufficient to protect the network from unauthorized access? Since no PC would be allowed to join the network without a previously authorized MAC address, how could anyone possibly gain access to the wireless network? I thought that was the whole point of MAC address filtering, to protect the network from unauthorized users. I don't understand.

The reasonable assumption is that by allowing only systems with authorized MAC addresses onto the network, you'd be safe, but the reality is that this particular security measure is easy to circumvent, and thus good only as a deterrent for less sophisticated users. Anyone who really wants to gain access to your network (with a good general understanding of Wi-Fi networks and the right utilities) could easily gain access. How can they get in? That one is easy. Your MAC address can be spoofed by readily available tools and utilities or even through a simple registry entry in Windows. Tools like Kismet or NetStumbler can intercept your MAC address and then spoof it, making an unauthorized system look legitimate.

The reality is that security is best implemented in layers — the more layers a hacker needs to penetrate, the harder and less attractive a target your network becomes. So in addition to running MAC filtering, you should add multiple security layers to your network defenses. For example:

  • WPA or WEP Encryption
  • Disable SSID Broadcasting
  • Setup VPN access on your network
  • Use a RADIUS server RADIUS for additional authentication

There are other measures you can take, but I'm sure you get the idea. To further safeguard your security, you should also be running a good anti-virus and anti-spyware package, plus a strong firewall.

By themselves, none of these packages could provide you with adequate protection, but when combined, they create a strong defense for your system and should prove effective at defending your network and systems from attacks. If you implement weak encryption, though, be forewarned: Somebody will exploit it. A guy in my neighborhood has been getting free high-speed Internet access for more than a year. All he did was buy an 11b network interface card and searched for an AP that he can access. It turns out he has more than one choice.

I have a small workgroup at home, which consists of two PCs: a desktop and a laptop. These computers share a cable modem Internet connection via a Linksys wireless router. The desktop computer is equipped with a USB wireless network adapter and is running Windows XP Home Edition. The laptop computer uses a mini-PCI 802.11b/g adapter, but runs Windows XP Professional.

Over the last few weeks, I started to notice a problem. My Internet connection runs just as fast as it always has on my desktop PC. However, for some reason, when I try to access the Internet from my laptop computer, it's extremely slow. Web pages can take almost a minute to load and occasionally time out. This behavior is consistent whether or not the desktop PC is online.

Both PCs can ping each other, and I can print over the network. I have uninstalled and reinstalled the network adapters and even the TCP/IP protocol, but to no avail. A friend of mine suggested I check the vendor's site to see if an upgraded network driver was available. Sure enough, a newer one was available, but installing it didn't improve the situation any. As a final act of desperation, I even contacted my ISP for assistance. All they were able to do was perform a diagnostic on my cable connection, which checked out fine.

I have tired everything I can think of, but so far have been unable to resolve the situation. The most frustrating thing is that it just seemed to develop overnight. I've had all of this equipment in place for almost a year now and up until this point, everything worked fine.

Do you have any idea what else I might try to alleviate this problem? Thank you!

Mysterious problems like these are typical when dealing with Windows PCs, so I'm afraid I don't have any easy answers for you. The good news is I don't think your problem has anything to do with your hardware or your network configuration.

Just the fact that all of this hardware was purchased, installed and has been working for more than a year now pretty much rules it out. Could something have happened to the hardware to suddenly cause the problems your experiencing? It's possible, but the odds are against it. If a network adapter were to suddenly go bad, it would usually just stop working altogether. The Ethernet cable could have been damaged, but you said this was a wireless connection. It could be interference from another radio source, but the desktop PC connection functions just fine while the laptop does not.

Taking all of that information into account, it sounds to me like the problem you're experiencing has more to do with software incompatibility or a resource/memory shortage rather then a hardware malfunction.

Unfortunately, trying to isolate exactly what that is difficult, and it would be almost impossible for me to instruct you on with the space we have available here. Actually, even if I were sitting in front of the system with you it would be difficult to spot and correct the problem.

The key to correcting this type of a problem usually comes down to identifying exactly when the problem started. You'll usually find that this time corresponds to a service pack being applied, newly installed software or a recently updated driver. If you can't isolate when the configuration was modified, the quickest and easiest thing I can suggest you do is to simply wipe out and reinstall Windows XP on your laptop. I know this is a major hassle, but believe me when I tell you it's the more efficient of your two options and will normally yield the best results.

One of the problems I've discovered over the years working with Windows-based computers is that in order to keep them running at peak efficiency their hard drives have to be erased and reloaded at least once year. The reason for this is that over time Windows becomes bloated with numerous utilities, applications, driver updates and security patches. Programs get overwritten or removed, but many of their core elements (like DLL files) get left behind.

This constant changing of the registry in conjunction with these orphaned files can cause the system to become highly unstable and create many strange problems — none of which can be easily tracked. Unfortunately, redoing the system is usually the only way to effectively rid the PC of these mysterious problems and guarantee the structural stability of the operating system.

The only other suggestion I could make to you before taking on such a daunting task would be to thoroughly scan your system for viruses. The symptoms you described are definitely exhibiting virus-like behavior — it's worth investigating.

In the future, one of the best ways to prevent this type of problem is to use a utility such as Microsoft's System Restore before installing or updating anything on the PC.

With System Restore you can save a copy of a working configuration. In the event of a problem, system Restore uses this configuration data to restore your system to a previous working state. While System Restore can't solve every problem, it is a good safeguard to have. For more information on System Restore and how to use it just click on the Start button and select "Help and Support." After it launches, search for keyword "System Restore." I hope you find this information helpful. Good Luck!

Adapted from PracticallyNetworked.com, part of the EarthWeb.com Network.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!

Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved