How easy is it to beat MAC Filtering?

I have an older laptop that really doesn't like any of the key based protection like WPA or WEP so am I pretty safe just using MAC filtering to secure my network? I know it makes it pretty easy to listen in when the laptop is in use, but does it keep people from leeching my wireless?

 

It is easy. But, it requires capturing packets and trying different ciphers and a whole lot of other stuff. Alone, MAC filtering is nothing. Coupled with WPA (never use WEP nowadays), it is useful.

 

It'll prevent 99% of people from leeching your wireless, if that's the main concern. There's no encryption going on though, so your packets aren't as secure as with, say, WPA.

An alternative is to get a cheapo (~$10) USB WiFi adapter for that computer, and that should support all the latest standards.

 

only sure bet for keeping people from leeching your wireless is to go wired.

mac filtering alone isn't going to be worth a poo to anyone with any tech skills. these are computers afterall, and a fairly simple set of scripts can test one mac at a time until it can ping an internet location, while the attacker is sleeping, away, etc.

if you are only concerned with people leeching your connection innocently, see if you can disable ssid broadcast on your wireless ap.

that should defeat most people connecting and the ones who can find your ap to talk to it are likely going to be the ones with sufficient skills to pretty much own your network. or at least a copy of backtrack linux and some moderate experience, at which point mac filtering isn't going to do squat, wep is a joke, wpa is a joke, and wpa2 may now be a joke as of a talk from defcon19 i haven't read yet personally.

disabling ssid broadcast should stop anyone who hasn't previously connected to your ap from connecting to it unless they know its there and enter its' information manually.(won't just show up as an available network for windows users automagically). if you suspect some have already done so in the past you could then add mac filtering and/or change the ssid name to exclude those leech cases as well.

and of course if you suspect someone has been leeching and could break your security.. well, switch to wired or find a whitehat/greyhat/blackhat friend to help catch them in the act.

 

Actually, if they can sniff MAC address in order to bypass possible MAC filtering, they can easily figure out the hidden SSID without even trying.


------
Edit: Also, why bother scanning for MAC address in a brute force way when they are in the clear, same goes for SSID. The hidden SSID is only a flag that if the os wants to respect.

 

If there isn't any physical access to any of the computers on your network, MAC filtering will add another layer of security. That said, it can be bypassed and isn't good as a sole means of securing a network at all.

I always heard that not broadcasting the SSID was of no detriment to the router, but setting the "connect even when SSID is not broadcast" option on networked computers is less secure, not sure if there is any truth to that or not.

 

Not so much much on the router but can be an issue to other devices.
Not all devices support connection to a hidden SSID.

The hidden SSID option provide no additional security at all.

Just have to look for a binded address to an unlisted name which only takes a second to figure out.

 

There are tools of the trade that allow people to bypass wep/wpa, mac address filtering. I have been told, there is much as a 95% success rate in cracking routers. Honestly, the only safe way is to be wired and forget wireless.

 

For consumer products in mind.

For WEP, all variant are completely compromised. Active attack are really fast and passive attack, not so bad. Nowadays, there are ridiculous amount of simple 1 button automated tools that breaks WEP.

For WPA-PSK, not so much, as long it isn't a simple dictionary word. Until someone figure out a breakthrough mathematical flaw, we have to wait for technology to catch up.

As Roger stated, the easiest safe way is to wired.

Otherwise, you need to start being informed, be a step ahead and consider when to decide replacements if necessary.
Eventually, you have to give up on backward compatibility.