Although many will find the term familiar, for many it is certain that it is a stranger. However, it is a function that is present in routers and that can help improve security. We are talking about MAC filtering. In this article, we will tell you everything you need to know to use it correctly to improve the fight against possible intruders in the Wi-Fi network of our home.
Starting by defining the function, we could say that it is a function that allows restricting access to the resources of a specific device. A router always comes to mind, but it can also be found in a wireless access point.
MAC Filtering of a Router
We have used the generic word resources. To be more precise, we talk about the wireless network, Internet access or SAMBA server.
The technology has advanced and the devices connected to a Wi-Fi network in the home can be many. This allows the appearance of problems when it comes to efficient management. At the beginning of the access to broadband in our country, the existence of a wireless network was unnecessary. All computers were connected by cable to the modem or router. Smart mobile terminals or tablets were devices that had not yet appeared and the price of laptops caused them to be reserved for a few.
But this has changed as the years have gone by, and in a current home, there is an average of 3 devices connected wirelessly.
Therefore, it becomes a mandatory task to improve the security of our wireless network and protect it as much as possible.
MAC filtering operation modes
The router manufacturers have improved the existing functions in the firmware of the routers. One of the unknown for many is the MAC filtering, which we have already described previously.
With this function, the user can create black or white lists, depending on what the needs are. That is, the number of computers to control. We could say that it has that double focus. If an operation is selected as a blacklist, all identifiers of the equipment entered in this list will be blocked. That is, they can not make use of the router’s resources. However, if it works as a whitelist, all the existing equipment in this list will have the necessary permissions to enjoy the resources of the router or access point.
How blocked/authorized devices are identified
To make this list, the user must use the MAC address that the equipment has. Specifying a little more, you must enter the MAC address of the wireless card that the device is using to connect the resource.
What do I do if my WiFi Network Credentials are Stolen? It is effective?
We could say that, after the credentials configured in the wireless network, it is the second defense barrier, as long as it is configured. The intruder can use the password and enter it. However, by not being on the whitelist or your team belonging to the blacklist, you will not be able to make use of the resources.
Yes, it is true that you have to “lose” a few minutes by entering the addresses. However, from that moment on, everything is advantageous when it comes to security matters.
Configuration of this function
At this point, each router is a world. However, the configuration of this function could be said to be generic. First, the user must choose what the operation will be. If it works like a blacklist or a whitelist. Important to first add the equipment we are using for the configuration if we want it to work as a list of authorized computers. Otherwise, when applying the configuration and our equipment is not present, we will not be able to continue with the process.
Subsequently, everything lies in arming yourself with patience. That is, collect the physical addresses (MAC) of the wireless cards of each of the devices and add them to this list.
Weak points?
At the moment, everything seems advantages. It must be said that this is not an impregnable security measure, although only users with moderately advanced knowledge will get involved in this matter to skip this filtering.
At this point, what is done in these situations is to clone the MAC address of a computer that is connected to that Wi-Fi network. For this, a sniffer is used to capture packets and locate the connected clients, and thus get an “accepted” MAC, which will be cloned to access the wireless network without any problems.