[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Mac Address Filter
It is handy for keeping not-very-dedicated would-be theives from using
your wireless network for their own net usage without first spending
time snooping on it. I know some people who (erroneously) think you
need a soldering iron to change MAC IDs, so the technique clearly
thwarts some fraction of persons seeking unpermitted access.
Foolproof? Of course not. But it is not useless. It is one layer to
slow down those who would consume resources, and makes other targets
look more appetizing. You don't need to outrun bears, sometimes, just
other hikers :-)
--Chris
PS some reason to hate MAC-based filtering, of which I should be
alerted? :-)
On Saturday, June 8, 2002, at 02:08 PM, Philipp Buehler wrote:
> On 08/06/2002, O. Matt <init64@kodee.org> wrote To misc@openbsd.org:
>> I wonder how I could set up a mac addresses filtering firewall rule on
>> my little OpenBSD 3.0 server. Any idea ?
>
> Why does anyone wants MAC filtering?
>
> You'll break more than you would gain in 'security'.
>
> One thing you can do is to setup a bridge and use
> the bpf filtering in there - if you really need to.
>
>
> I'd like to hear some "arguments" why this is so
> desired.
>
> Answers like 'but netfilter has it' are void for me.
>
> ciao
> --
> Philipp Buehler, aka fips | sysfive.com GmbH | BOfH | NUCH | <double-p>
>
> #1: Break the clue barrier!
> #2: Already had buzzword confuseritis ?