Wireless Access Control

[Calvinholloway]

Hi all

I have a question regarding wireless access control.

What is the best method to allow only certain users access to your wireless network?

The users mustnt be able to share details that will allow other users to access the network.

Currently Im using mac address filtering and i give the users the network key. I know this isn't a very safe method, but it's the only one i can think of that meets my needs.

Ideas would be much appreciated.

Thanks

[Phou]

Using RADIUS or captive portal. WPA Enterprise allows you to use a server for the person to enter a user name & password, that's mainly with RADIUS server. While captive portal can do the same thing but instead usually redirect the user to a web site that requires the person to enter a user name & password. Of course both requires expensive router or third-party firmware.

MAC address filtering might keep out the usual people, so it's not a bad idea to have enable because share keys, well like the name apply can be compromised easily.

Reason why MAC address filtering doesn't work against a hacker is because it's to easy to sniff and find out, then spoof (changing one's own MAC address).

Share key like WEP 64 or 128Bit are to easy to crack, WPA or WPA2 is the only strongest recommended for home user, it's only weakness is dictionary attack. That's why you use password that are complicated and not in the dictionary or commonly use password but it's weakness is simple, it is a share key and anyone who knows it can leak it.

There is no method you prevent a person from sharing his or her password unless you force a strict policy that will have the user change password all the time.

[2xg]

Hello,

An old Article but a good reading:
The six dumbest ways to secure a wireless LAN | ZDNet

Quote:

Currently Im using mac address filtering and i give the users the network key. I know this isn't a very safe method, but it's the only one i can think of that meets my needs.