Filtering Network Traffic


If your access point has a firewall built in, another method of preventing intruders from gaining access to your WLAN is to filter your network’s traffic. Filtering network traffic allows you to configure your firewall in a way that excludes all users except those that your configuration allows to connect.

You can use one of two methods to filter your network traffic. One method uses the Media Access Control (MAC) address; the other filters by IP address (see Figure 11-10). Either way, filtering only allows known (and approved) addresses to associate with your access point. Manufacturers encode each network adapter and device with a unique alphanumeric MAC address. In most cases, the MAC address is permanent, but crackers can modify the MAC on some devices.

Figure 11-10: MAC and IP address filtering

Because of this, filtering isn’t foolproof. A cracker can use a wireless sniffer and capture network data packets to analyze. Network data packets contain routing information that includes both the IP address and MAC address of the sending station. Using this information, a cracker can configure his adapter to use the MAC (or IP) address of a legitimate user and thwart your firewall’s filter (see Figure 11-11).

Figure 11-11: Spoofing a MAC address to get past MAC filtering

Although filtering isn’t foolproof, having to analyze data packets to learn legitimate MAC or IP addresses raises the bar high enough that only technically proficient (and determined) intruders are able to access your WLAN. Because the majority of would-be intruders aren’t that skilled and are unlikely to waste much time trying to beat it, filtering is an effective additional step in securing your wireless network.

Activating MAC address filtering

The exact steps to implement MAC or IP filtering depend on the hardware you are using and are different for every brand of access point or firewall. The most likely scenario is that you can set up filtering through the configuration software or Web interface for your device (see Figure 11-12).

Figure 11-12: Implementing MAC filtering through a Web interface

To set up a list of MAC addresses that are allowed to associate with your access point, gather the MAC address of every wireless adapter on your network. The easiest way to learn the MAC address of each of your adapters is to use the configuration software that came with the adapter. However, you can also find the MAC address of your adapter in Windows XP or Windows 2000 by following these steps:

STEPS: Finding the MAC address of your adapter in Windows XP/2000

  1. Left-click the Start Button. The Start menu appears.

  2. In the Start Menu, click Run. A small Run dialog box opens (see Figure 11-13).


    Figure 11-13: The Run dialog box

  3. In the Run dialog box, type CMD and click OK. A command window appears.

  4. In the command window, type ipconfig /all. There must be a space after ipconfig. The command window displays the network configuration for your adapter, including IP and MAC address (see Figure 11-14).

    Figure 11-14: The command window displaying IP and MAC addresses

Repeat these steps to collect the MAC address for each of the adapters that you allow to associate with your access point.

Implementing IP address filtering

As with MAC address filtering, the steps you take to configure your access point or firewall to allow certain IP addresses (or a range of them) to associate with your access point depend on the device that you are using. Again, the most likely way for you to accomplish this is with the configuration software that came with your device (see Figure 11-15).

Figure 11-15: Configuring IP address filtering

To collect the IP addresses of wireless adapters that you allow to associate with your access point, follow the same steps you used to gather the MAC addresses. The ipconfig /all command will also display the adapter’s IP address (see Figure 11-16).

Figure 11-16: The command window displaying a wireless adapter’s IP address

Caution 

If you are using DHCP to supply your network clients with dynamic (changing) IP addresses, don’t filter based on IP addresses. Any IP addresses you collect now will change when you reboot your computer or disconnect and then reestablish your network connection.
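The collection steps and the DHCP caution above can be combined in one script. The following is an added example, not part of the original book: it parses saved ipconfig /all output into a MAC allow list and an IP allow list that skips any adapter using DHCP. The sample output, adapter names, addresses, and the colon-separated MAC format are constructed assumptions; use whatever format your access point expects.

```python
import re

# Constructed sample of `ipconfig /all` output (not captured from a real machine).
SAMPLE = """\
Windows IP Configuration

Ethernet adapter Wireless Network Connection:

        Description . . . . . . . . . . . : Example 802.11b Wireless Adapter
        Physical Address. . . . . . . . . : 00-11-22-AA-BB-01
        Dhcp Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.101

Ethernet adapter Local Area Connection:

        Physical Address. . . . . . . . . : 00-11-22-AA-BB-02
        Dhcp Enabled. . . . . . . . . . . : No
        IP Address. . . . . . . . . . . . : 192.168.1.10
"""

HEADER = re.compile(r"^(\S.*adapter .+):\s*$")       # unindented "... adapter NAME:"
FIELD = re.compile(r"^\s+([^.:]+?)[\s.]*:\s*(.*)$")   # indented "Key . . . : value"

def parse_ipconfig(text):
    """Return one dict per adapter section with name, mac, dhcp and ip."""
    adapters, current = [], None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = {"name": m.group(1)}
            adapters.append(current)
            continue
        m = FIELD.match(line)
        if m and current is not None:
            key, value = m.group(1).strip().lower(), m.group(2).strip()
            if key == "physical address":
                current["mac"] = value.upper().replace("-", ":")
            elif key == "dhcp enabled":
                current["dhcp"] = value.lower() == "yes"
            elif key in ("ip address", "ipv4 address"):
                current["ip"] = value.split("(")[0]  # drop "(Preferred)" suffix
    return adapters

def allow_lists(adapters):
    # IPs are listed only for adapters known to be static; DHCP addresses change.
    macs = sorted(a["mac"] for a in adapters if "mac" in a)
    ips = sorted(a["ip"] for a in adapters if "ip" in a and not a.get("dhcp", True))
    return macs, ips
```

An adapter whose DHCP setting is missing from the output is treated as dynamic and left out of the IP list.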




Caution! Wireless Networking: Preventing a Data Disaster
ISBN: 076457213X
EAN: 2147483647
Year: 2003
Pages: 145
