From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LSbMA-0004b8-Hx for garchives@archives.gentoo.org; Thu, 29 Jan 2009 18:11:14 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id F3D62E03EE; Thu, 29 Jan 2009 18:11:11 +0000 (UTC) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.171]) by pigeon.gentoo.org (Postfix) with ESMTP id C6E1BE03EE for ; Thu, 29 Jan 2009 18:11:11 +0000 (UTC) Received: by wf-out-1314.google.com with SMTP id 29so37405wff.10 for ; Thu, 29 Jan 2009 10:11:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=ylJ4SWLolSFTZ29cHPyLpHRfw/YgMuNf13jBmiBBLdo=; b=UGV5+SrlSjy5sGl3IsmvmZp6lhgSE1QW41HPmYpqgWcl5RfFTEZaXV6CCLuZzNvKbA ZVOEX0J5qJuvO2a89fAYaeueC5YHRuiOwvtdto6jtmyYjDlXJ9hEUUqVPqDZSH2La6Ye 5LpkP85TlYCIgQ8KHTnhGkK59dWhAkOFTfqjM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=p9MhNueV1nKBou8fvKPqDqcgOR9pYR9dglD0WDG/rtTNSWvLADL4FCQ755tsfJG9bU s5XTbVM4qik8olKfT1wRm6aw2aWoWwsLHGh8pe9dG+GvOE6UBxoVdB5M74eht+vBtiHw ctl68tq28UvbqsATRYguREDLnr8F3u1BCJLKQ= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.142.163.13 with SMTP id l13mr120776wfe.2.1233252671323; Thu, 29 Jan 2009 10:11:11 -0800 (PST) In-Reply-To: <49bf44f10901290940p3ab050cep2e5bd985ee901fde@mail.gmail.com> References: <49bf44f10901290940p3ab050cep2e5bd985ee901fde@mail.gmail.com> Date: Thu, 29 Jan 2009 10:11:11 -0800 Message-ID: <5bdc1c8b0901291011i488de5a9haee5f369637d861d@mail.gmail.com> Subject: Re: [gentoo-user] Locking down a wireless network From: Mark Knecht To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Archives-Salt: 93e4a8f2-14c7-418c-ae20-b5b5439b97fa X-Archives-Hash: f4193fe28914ef166b97d66495cd622e On Thu, Jan 29, 2009 at 9:40 AM, Grant wrote: > My Gentoo router's wireless network is encrypted via WPA and doesn't > DHCP. I'd like to take this a step further in case my WPA key gets > hacked. Can I issue only certain IPs to certain MAC addresses? > > Does WPA2 require hardware support? > > - Grant My LinkSys wireless router supports MAC address filtering. I can add a MAC address to the allowed list and disallow everything else. It works for us so far, until someone manages to somehow find out an allowed MAC address and pretends to be that address. I'll deal with that should it ever happen. Unlikely I think... It is a little extra work adding a new device in as I have to discover its address but that's OK with me. I don't think is typically done in hardware as the specs change and hardware designers are reluctant to put the gates in. More likely it's done in firmware on a router like mine, or software if you're using some Gentoo box to do a job like this. - Mark