Your router is a wonderful thing. And you don’t have to trust me on that, it’s all in the manual! Your router has got lots of features you’ve never heard about. It’s a pity, because some of them are really useful. It’s true that others may not add a lot of value, though. So, let’s explore what MAC address filtering does, and whether it’s useful for you or not.
Let’s start our journey by affirming that address filtering was built with the goal of protecting your Wi-Fi network from prying eyes. It makes use of the 48-bit addresses which are assigned to the network cards that can be found in our computers, laptops, tablets, phones, and so on.
And yet, some specialists say that this security feature isn’t that useful in real-life situations. So, let’s see how MAC address filtering works in the first place.
It is easy to connect a new client to a typical Wi-Fi network. All you need is the network name and its security key, a.k.a. the password. MAC address filtering ads another step to the process, telling the router to accept new clients only if their MAC addresses have been whitelisted in the router admin panel.
This means that the admin should configure a list of devices which are allowed to access the Wi-Fi network based on their MAC addresses. You need to know those addresses to do that, of course. Fortunately, most operating systems will help you get them without too much effort. You can use this article to discover how to get the MAC address of your Wi-Fi device, for example.
Once that is done, you need to input the addresses into the router and activate MAC address filtering. Then, whenever your router receives a request from a network client, it compares its MAC address with the previously whitelisted address table. The devices that are on the list can connect, while the ones that aren’t on the list are unable to connect to the network. In fact, some routers even have blacklists, allowing you to ban that annoying neighbor who is constantly trying to steal Internet from you.
So, does MAC address filtering really help boost network security? Well, it should to that, at least in theory. Having the router perform the MAC address check before allowing a new device to connect to the network sounds like a good idea. The MAC addresses of the wireless clients are hardware-based, so they can’t be changed, after all.
Still, MAC addresses can be easily faked using freely available software applications. According to Data Alliance, address filtering can be circumvented using a two-step process:
- The hacker sniffs an existing, valid network address.
- Then, he can easily spoof the MAC into a validated one.
As a conclusion, MAC address filtering may boost Wi-Fi network security a bit, but in the end, it all depends on the admin’s desire to do the extra work that is required. My recommendation is to go for it, even though it will only boost Wi-Fi security a little bit.
On the other hand, if you run a wired network, where data packets don’t fly through the air, you should definitely make use of MAC address filtering. Without sniffing a valid network address, it’s going to be almost impossible for hackers to connect to your network.