From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LSaza-0001d0-H3 for garchives@archives.gentoo.org; Thu, 29 Jan 2009 17:47:54 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D2C39E0474; Thu, 29 Jan 2009 17:47:52 +0000 (UTC) Received: from mail-gx0-f12.google.com (mail-gx0-f12.google.com [209.85.217.12]) by pigeon.gentoo.org (Postfix) with ESMTP id 9C4FAE0474 for ; Thu, 29 Jan 2009 17:47:52 +0000 (UTC) Received: by gxk5 with SMTP id 5so47107gxk.10 for ; Thu, 29 Jan 2009 09:47:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=AdNcoEkgmELuI6IPcwX57XOBhwD467sq1pgMwx58GnQ=; b=pDOlejQrjhYDYXBsfuN7v/+frhqLQEgM3uBkt78X/KuVJRfgDwNldwCbCse56/JnPj 5BVXz8IciMSCDE9W/SR4EZ93kKx9JHVmX79MHkraBwjSnIe0kjzh0/Xk7uvG60onhCAm eeQsSHMFgtvrcvivTfQw9PM5/pSDayIZz0GlE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=DE1flOX1plTOl0mT0oNOO6J+ANNGdm14t8/3y01bya52h+BxMAz9DmDm8U4mXnD9Ld lbeY2COywS9w9MVuydg4k0FMYKUhiwqiWD+WLuJt5EBexplhPjQFD/+ZjABeyXrCcT31 u+l7BFstUVT4JMuYj1luTOOd+C95XZ2AlQUm8= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.151.38.11 with SMTP id q11mr309657ybj.164.1233251271770; Thu, 29 Jan 2009 09:47:51 -0800 (PST) In-Reply-To: <49bf44f10901290940p3ab050cep2e5bd985ee901fde@mail.gmail.com> References: <49bf44f10901290940p3ab050cep2e5bd985ee901fde@mail.gmail.com> Date: Thu, 29 Jan 2009 12:47:51 -0500 Message-ID: <4ef07b8c0901290947y14c4d818g684d5186f038723f@mail.gmail.com> Subject: Re: [gentoo-user] Locking down a wireless network From: Dan Cowsill To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: ffa22413-6ed7-4197-89f9-0b7a73d83e78 X-Archives-Hash: b383f84bec6f22517536de30feaf8750 On 1/29/09, Grant wrote: > My Gentoo router's wireless network is encrypted via WPA and doesn't > DHCP. I'd like to take this a step further in case my WPA key gets > hacked. Can I issue only certain IPs to certain MAC addresses? > > Does WPA2 require hardware support? > > > - Grant > > What you're looking for is called 'MAC address filtering' and I imagine it is very doable. Having never done it before myself (with a Gentoo router) the best I can do is point you at Google and wish you the best of luck. It's been a little while since I worried about my WPA2 wireless getting hacked. Apparently, a vulnerability in TKIP was recently discovered that made WPA2 networks using that encryption less secure. It would still take a lot of doing on the attacking party's end to do it though. Have you considered setting up WPA2 Enterprise, with the RADIUS server and whatnot? D