Mac Address Filtering


g33k

Why is it that, even in this day and age, network administrators cannot understand that filtering MAC addresses is important?

Yes, I have taken into account that indeed a MAC address can be spoofed and used on a different computer, as many are now changeable on the network card, but at the end of the day it is a first line of defense. It needs to be considered and used. Network attacks and hacks would go down; for example, networks would not talk to MAC addresses that weren't listed on a central server list?

I am surprised that security companies do not develop software that allows you to filter your traffic on servers based on the MAC address. Although this can be done at switching level, it is only available in smart switching such as Cisco devices.

I know that it is hard to implement and manage, but in high security networks where data security and prevention against attacks such as hospitals this should be taken into account.


I have MAC and WPA at my house and it works great, but the reason that I think the companies won't put MAC filtering on their systems is the fact of having like 200 computers and then having to add all of them to a file (which means someone there sitting and typing it), and then when they either add or take a computer away they have to go through the list and remove/add that one. More work rather than just plugging in a cable and it's on.

Like you said, MAC addresses can be spoofed (in Windows it's a registry key).

Why don't you use 802.1X?

You will need a CA, a RADIUS server and machine certificates in addition to the 802.1X-capable switch. Then the machine authenticates to the switchport, and the PC is only able to access the network if it is successfully authenticated.

Mike


The MAC address cannot be used for a security function because it's not a secure value. Saying that does not matter and going ahead and using it anyway is negligent.

As suggested above, RADIUS will do for you, in a correct and secure way, what you think MAC filtering is doing for you now.
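
The difference the replies point to, shown as an added example that is not part of the thread: a MAC filter checks an identifier the device reports about itself, while 802.1X makes the device prove possession of a secret. The HMAC challenge-response below is a simplified stand-in for certificate-based 802.1X authentication; the function names, sample address and keys are all constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: one enrolled device and its per-device secret.
ENROLLED_MAC = "00:11:22:33:44:55"
ALLOWLIST = {ENROLLED_MAC}
DEVICE_KEYS = {ENROLLED_MAC: secrets.token_bytes(32)}


def mac_filter_admits(claimed_mac: str) -> bool:
    """MAC filtering: admit if the self-reported address is on the list."""
    return claimed_mac.lower() in ALLOWLIST


def new_challenge() -> bytes:
    """Authenticator side: a fresh random nonce for every attempt."""
    return secrets.token_bytes(16)


def device_response(key: bytes, claimed_mac: str, challenge: bytes) -> bytes:
    """Device side: prove possession of the key for this challenge."""
    msg = claimed_mac.lower().encode() + challenge
    return hmac.new(key, msg, hashlib.sha256).digest()


def authenticated_admits(claimed_mac: str, challenge: bytes, response: bytes) -> bool:
    """Admit only if the response matches the key enrolled for that identity."""
    key = DEVICE_KEYS.get(claimed_mac.lower())
    if key is None:
        return False
    expected = device_response(key, claimed_mac, challenge)
    return hmac.compare_digest(expected, response)


def compare() -> dict:
    """Run the enrolled device and a device that only knows the address."""
    results = {}
    # Reporting the enrolled address is all the filter ever checks.
    results["filter_copied_address"] = mac_filter_admits(ENROLLED_MAC)
    challenge = new_challenge()
    good = device_response(DEVICE_KEYS[ENROLLED_MAC], ENROLLED_MAC, challenge)
    results["auth_enrolled_device"] = authenticated_admits(ENROLLED_MAC, challenge, good)
    # Same address but no enrolled key: a valid response cannot be produced.
    guess = device_response(secrets.token_bytes(32), ENROLLED_MAC, challenge)
    results["auth_copied_address"] = authenticated_admits(ENROLLED_MAC, challenge, guess)
    # A recorded response does not verify against a fresh challenge.
    results["auth_replayed_response"] = authenticated_admits(ENROLLED_MAC, new_challenge(), good)
    return results
```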
