MAC filtering
Encyclopedia
In computer networking, MAC
Filtering (or EUI filtering, or layer 2
address filtering) refers to a security access control
method whereby the 48-bit address assigned to each network card
is used to determine access to the network.
MAC address
es are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklist
s and whitelists. While the restriction of network access through the use of lists is straightforward, an individual person is not identified by a MAC address, rather a device only, so an authorized person will need to have a whitelist entry for each device that he or she would use to access the network.
While giving a wireless network some additional protection, MAC filtering can be circumvented by scanning a valid MAC (via airodump-ng) and then spoofing one's own MAC into a validated one. This can be done in the Windows Registry
or by using commandline tools on a Linux platform.
Media Access Control
The media access control data communication protocol sub-layer, also known as the medium access control, is a sublayer of the data link layer specified in the seven-layer OSI model , and in the four-layer TCP/IP model...
Filtering (or EUI filtering, or layer 2
Data link layer
The data link layer is layer 2 of the seven-layer OSI model of computer networking. It corresponds to, or is part of the link layer of the TCP/IP reference model....
address filtering) refers to a security access control
Access control
Access control refers to exerting control over who can interact with a resource. Often but not always, this involves an authority, who does the controlling. The resource can be a given building, group of buildings, or computer-based information system...
method whereby the 48-bit address assigned to each network card
Network card
A network interface controller is a computer hardware component that connects a computer to a computer network....
is used to determine access to the network.
MAC address
MAC address
A Media Access Control address is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used for numerous network technologies and most IEEE 802 network technologies, including Ethernet...
es are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklist
Blacklist (computing)
In computing, a blacklist or block list is a basic access control mechanism that allows everyone access, except for the members of the black list . The opposite is a whitelist, which means allow nobody, except members of the white list...
s and whitelists. While the restriction of network access through the use of lists is straightforward, an individual person is not identified by a MAC address, rather a device only, so an authorized person will need to have a whitelist entry for each device that he or she would use to access the network.
While giving a wireless network some additional protection, MAC filtering can be circumvented by scanning a valid MAC (via airodump-ng) and then spoofing one's own MAC into a validated one. This can be done in the Windows Registry
Windows registry
The Windows Registry is a hierarchical database that stores configuration settings and options on Microsoft Windows operating systems. It contains settings for low-level operating system components as well as the applications running on the platform: the kernel, device drivers, services, SAM, user...
or by using commandline tools on a Linux platform.