1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security using MAC addresses

Discussion in 'Wireless' started by ChrisH, Jul 21, 2006.

  1. ChrisH

    ChrisH Nibble Poster

    50
    1
    12
    Just a quick question.

    I have a niggly problem where if I playing an online game I get a momentary connection glitch every minute or so which lasts for about 5 seconds.

    It came up in conversation with a guy in a shop the other day and he suggested that I do not use any kind of encryption for security and rely on allowing access by MAC addresses instead. The reason being that any kind of encryption needs time to decode/work hence the 5 second delay and that MAC addresses are unique to the network adaptor and that if someone has the knowledge and can be bothered to go through the effort to spoof the address to gain access then encryption would probably be useless.

    Any thoughts on that? Makes sense in theory but I'm new to wireless so there's a lot I don't know.
     
    WIP: A+
  2. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,199
    125
    199
    TCP Packets will still need to be sent backwards and forwards when you are playing the game.

    As it is an online game I would suggest that you connect with a wire as it will be much faster.

    8)
     
  3. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,189
    296
    319
    I agree, patch in mate, its way quicker! :biggrin
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  4. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    If you are worried about break-ins then use ethernet, not wireless.

    Unless your router/AP is a very poor one I wouldn't expect the glitches to be encryption related, but more possibly interference related.

    In any case - try an ethernet connection and see if the glitches are still there. If they are then you have ruled out the WiFi bit, and it will be your ISP or cable.

    Edit: Another advantage of using Ethernet is the reduced latency - this helps a *lot* in online games.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  5. Baba O'Riley

    Baba O'Riley Gigabyte Poster

    1,760
    23
    99
    I wouldn't disable your encryption, it can be quite easy to spoof a MAC address - some equipment has this as a built in feature. If you are using WPA and your equpiment supports it, try switching the encryption technique from TKIP to AES (802.11i), it seems to be a fair bit faster on my set up. Also, make sure you have the latest drivers and firmware, that may help.

    Depending on the make of your equipment, there may be loads of things you can do to boost the throughput and reduce latency. For example, you can set acknowledgements to burst rather than immediate, enable QoS (802.11e), increase time-out periods for acknowledgements not recieved and so on.

    As Harry said, it could also be interference, if your gear does not have an automatic channel select, try a few different channels.

    There are some free apps that might help you, Ixia Qcheck will measure your true throughput between two network nodes, and NetStumbler wil detect any other nearby wireless networks and what channel they are operating on so you can choose a free channel.

    HTH.
     
    Certifications: A+, Network+
    WIP: 70-270
  6. ChrisH

    ChrisH Nibble Poster

    50
    1
    12
    Thanks for the help. I'll spend some time looking at settings.
     
    WIP: A+
  7. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    6,281
    85
    174
    While i would prefer to use encryption, i don't!

    Before i starting using Ubuntu, i used to have my Pro laptop WPA enabled, and every *now and again* it would drop the connection. At first, i thought it was interference (it still could be) but after trying all the channels, moving the access point etc.. it would still drop.
    As a test i placed the laptop next to the access point with encryption on and off. With encryption disabled, it never dropped (and continues to do so).
    When i started using Ubuntu and the encryption was proving difficult to get working, i ditched it altogether.

    The general feedback i had at the time was very much of *the man in the shop*.

    Depeding on your access point/wireless router you can add a bit of security by disabling access at certain times.

    Si
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  8. Rik

    Rik Nibble Poster

    79
    1
    14
    I use WPA and Mac Address Filtering on my WLan and must say I have no dropouts whatsoever.

    I use a 3Com Wireless Gateway with Integrated Broadcom WiFi in my laptop and it works a treat.

    If you have a wireless network I would highly recommend enabling WPA (or better) and implementing Mac Address Filtering.

    There are a lot of Wardrivers out there believe me :D
    Ive had some great fun with the locals WLans :)

    I also agree with BABA and Netstumbler, this can be an invaluable tool, and I believe AiroPeek is rather good as well, kinda like a Wireless Ethereal.
     
  9. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    Fella

    MAC address lockdown on WLANs offer absolutely no protection at all to anyone who knows what they're doing. Its so trivial to spoof a MAC address that ten year old script kiddies can do it.

    In addition, first-gen WPA is just as easily cracked as WEP.

    When i get the time I'll post some articles showing you how to do both. For now, suffice it to say that you need to run WPA2-AES to be reasonably sure you are secure. The original WPA standard relies on TKIP - which is very simple to crack using tools that are freely available and tutorials that have been doing the rounds on serious Security and Script Kiddie forums alike for a couple of years now.

    just Google "ARP Replay"+Kismet to see what I mean...
     
    Certifications: A few
    WIP: None - f*** 'em
  10. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    6,281
    85
    174
    Zeb,

    Maybe you could PM/mail interested parties?

    Si
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  11. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    For security reasons? :wink:
     
    Certifications: A few
    WIP: None - f*** 'em
  12. Rik

    Rik Nibble Poster

    79
    1
    14
    Brought up some lovely documentation there.

    The only problem I have is the WLans I try capturing from have hardly any traffic unfortunately.

    So it takes a month of sundays to capture anything.

    Of course im talking about my own test WLAN :twisted:
     
  13. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    6,281
    85
    174
    Of course, mate. :) I aim to be as clever as you about security one day.

    Si
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  14. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    LOL - you want to hope some script kiddie wardriver doesnt sit outside your house and try an ARP replay attack on you then - you'll wish for a quick return to the days of sparse traffic mate...
     
    Certifications: A few
    WIP: None - f*** 'em

Share This Page

Loading...