From: "Lewis G Rosenthal" Received: from [192.168.100.201] (account lgrosenthal HELO [192.168.100.26]) by 2rosenthals.com (CommuniGate Pro SMTP 5.1.16) with ESMTPSA id 2325297 for os2-wireless_users@2rosenthals.com; Thu, 19 Feb 2009 19:47:43 -0500 Message-ID: <499DFD94.5020101@2rosenthals.com> Date: Thu, 19 Feb 2009 19:47:16 -0500 Organization: Rosenthal & Rosenthal, LLC User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; en-US; rv:1.8.1.18) Gecko/20081113 MultiZilla/1.8.3.5g SeaMonkey/1.1.13 (PmW) MIME-Version: 1.0 To: OS/2 Wireless Users Mailing List Subject: Re: [OS2Wireless] An old "friend" is back References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi, Ray... On 02/19/09 06:20 pm, Ray Davison thus wrote : > Neil Waldhauer wrote: >> >> Here's what I do. I go to the router config, turn off access control, >> connect, >> and when I turn access control back on, the router suggests that I >> add the >> correct MAC address to the config. No Windows or Mac required, >> although they >> are just fine, too. > > I don't get the point. Normally I can see any router that is within > range. Whether I can access it depends on whether it is unlocked. I > cannot see the router and it cries about it. > Neil has a small built-in safeguard against a man-in-the-middle (MTM) attack. As MAC addresses can easily be forged, creating a generic whitelist of MAC addresses is weak security, at best. By going Neil's route, *all* clients are forbidden to attach until he disables the security. At that point, he lets the client connect, adds that single MAC to the whitelist, and away he goes. Unless someone is trying to access the network at that exact moment (with *his* MAC), he should be reasonable assured that he's the only one connected. -- Lewis ------------------------------------------------------------- Lewis G Rosenthal, CNA, CLP, CLE Rosenthal & Rosenthal, LLC www.2rosenthals.com Need a managed Wi-Fi hotspot? www.hautspot.com Treasurer, Warpstock Corporation www.warpstock.org -------------------------------------------------------------