Backyard Aquaponics
A place to discuss aquaponics

what language are you all speaking?

I will be at a school with that model acers tommorow afternoon Jamie and will email you the correct driver.

Yep i use WPA2-Tkip

run many other devices as well.

just need to install ubuntu on it then it will be fine!

all sorted, thanks for the help guys was a issue with model number late night tired eyes and my own stupidity was downloading the wrong drivers

all good now worked straight away.

Always something so simple... eh???
Regards - ColinW

Good one. I did the same today when I couldn't get to another techs ftp site. Forgot to put the port settings on the end of the address DOH

No worries Steve - I'll do my best to explain it for you.

First things first, wireless is a broadcast medium. You can't stop someone receiving the wireless data, that's a given. Once it's in the air waves anyone or any device can pick up the data. So this is like using a 2way radio.. you broadcast and anyone listening on that channel is capable of receiving it. Once you broadcast it you cannot prevent people from listening to your conversation.

This is where encryption comes into it. We know we can't stop someone from receiving the signal, however we can make it so that they can't make sense of it or interpret it. WEP, WPA or WPA2 are common forms of encryption.

Now, you don't run any encryption so every packet of information which is sent or received on your wireless network can be picked up and read in plain text (save for encryption at the application layer such as SSL through a web browser etc) by anyone or any device within wireless reception range.

So as you can see this is all taking place before MAC filtering is even discussed. A packet sniffer is all that's needed for me to view your network traffic and potentially intercept sensitive data.

Now onto MAC filtering. MAC filtering enables a white-list in your router which effectively drops any packets where the source mac address does not match a valid entry in your allowed MAC's.. MAC address filtering prevents a device from 'joining' your network or 'communicating' with your network - It does not and can not prevent someone from 'listening'.

As for how trivial it is to sniff MAC's on your network - well its incredibly simple because you run no encryption. Every packet of information sent on your network will contain a source MAC address. So a quick packet sniff and I would get many source MAC addresses - using the assumption that any packet being transmitted originated from a trusted MAC address I would just need to spoof that and voila - I'm on your network (maybe it would take a couple of tries).

I've never come across anyone who runs open encryption with MAC address filtering.. please believe me it offers you no protection, it's much worse than WEP (because that is at least not sending your data in plain text).

If we consider the steps a wireless cracker would have to take to join a network with MAC filtering;

- Capture enough packets to crack the wireless encryption key
- Decrypted received packets
- locate source mac addresses
- spoof mac address
- join network

So you can see by the time they're worrying about getting past your mac filtering, they can already read your network packets in clear text because they can decrypt it. That's why MAC filtering is ineffective, they can already see your network traffic.

In your scenario;
- capture only a handful of packets
- locate source mac addresses
- spoof mac address
- join network

You say your modem supports WPA, I would recommend you enable this - If you wish, enable MAC filtering but as explained it really doesn't do anything.

Yes WPA is theoretically possible to crack, but not trivial like WEP and its perfectly acceptable for a home network - And its about 100000 x better than what you currently have Make sure you use a nice long passphrase over 12 characters as a minimum.

Hope all this makes sense, sorry its long winded but without knowing your technical background I've tried to explain it using simple practical examples.

Thanx for the detailed explaination dont worry i do the same, assume the person knows nothing, cant go wrong then

I actually did know most of it.

the important part that i DID NOT know is that each packet contained the originating MAC address.

sort of a bit useless, more so than WEP! (which is what you were saying!)

just checked, router supports WPA-PSK.

My main objective is to stop free loaders, any important sites i use are SSL encryted, the others aren't a life changing issue

Thanks again for the instructional.

No worries. If you're interested in knowing more about it you should have a read up about the OSI model and data encapsulation.

(I've used some slightly incorrect terms when describing packets over wifi but it just makes it easier to understand)

It makes for pretty boring reading really Glad to hear you're enabling WPA.

James.

I bet that if i lived in an apartment complex i would have read up much more quickly and i may well have been one of the bad guys

A close friend works at optus, apparently one of their customers was "capped' just after billing period re-started..........turns out he lived in an apartment complex and had an open wi-fi network LOL.

Der.