Blocking unwanted MAC addresses on Linksys WRT54GS

mmmna · . . . . Joined: 21 Apr 2024 Posts: 7224

I am not very good at ANY networking, and this seems to be the most secure way to block unwanted Wireless network use.

It works for me: nobody within a quarter mile can get into my wireless network. Okay, that's probably because there *IS* nobody within that quarter mile... but if they get close enough, I've already locked the screen door shut, using a thumbtack; I'm S-A-F-E!

Here is what I do.

I get a list of ALL MAC addresses in range of the Linksys WRT54GS

IF you already know the friendly MAC address, skip to step B]

A] To get the MAC address of the wireless NIC, just let everyone surf
open the wireless router administration webpage
click wireless
click wireless MAC filter
click disable
click Save Settings button.

Now everyone that is in range can get in.
And if there are PCs in range that are running XP, they will likely get a popup telling them the news that a new wireless is available, so be quick about the following steps!

Next, look at who is seen on the wireless router:
open the wireless router administration webpage
click status
click Local Network
click DHCP Clients Table button

You should get a table that looks roughly like the following:

tlmiller · Posted: Tue Feb 05, 2024 3:38 am Post subject:

Yeah, I used to use that for my network. Different router though.

_________________
Debian Squeeze, Arch, Kubuntu mostly. Some Mandriva. Some Windows.
Desktops: shadowdragon, medusa
Laptops: bluedrake, banelord, sandwyrm, aardvark.

lberg · Sr. Member Joined: 28 Jul 2024 Posts: 1289

I use that on my home network. Sometimes it's a pain when one of my friends/cousins comes over with a laptop and wants to get on wireless, then I have to go into the router conf and "let them in."

The main reason I use MAC whitelisting is because I don't want to go to the trouble of getting wpa2 working with Linux, as my Arch box is wireless. Right now, I'm just using WEP (for ease of use with Linux), so I am adding as many other security things as I can to help compensate for lack of password security Rolling Eyes

One other measure I use is I have the broadcasting power on my router on setting 2 out of 10. Previously, it was on 1/10, but in distant corners of the house the signal got to be pretty weak with my iBook, as some pages would time out when I had three or 4 walls between the iBook and the router. Upping the signal one notch seemed to make pages load quite a bit faster.

...But I don't live in a town where hackers are common, and I definitely don't have any neighbors that would try hacking on to my network... and there are never any random cars parked outside my house hahaha... Razz

_________________
2 Computers: Arch Linux, 64-bit
3 Computers: Arch Linux, 32-bit

mmmna · . . . . Joined: 21 Apr 2024 Posts: 7224

tlmiller · Posted: Tue Feb 05, 2024 4:26 am Post subject:

I use WPA (not 2) and it works AMAZINGLY well in both Arch, sidux, PCLOS, and Mepis. Still secure enough for me, no need to migrate to 2 yet.

_________________
Debian Squeeze, Arch, Kubuntu mostly. Some Mandriva. Some Windows.
Desktops: shadowdragon, medusa
Laptops: bluedrake, banelord, sandwyrm, aardvark.

JP · Posted: Tue Feb 05, 2024 4:28 am Post subject:

Thanks mmmna, I have one of those Linksys routers, I've never been able to use it as a wireless with Linux ..... maybe I'll PM you about it .... so as not to crap this thread.

On the above how-to - - is there any way to tell what mac addresses are NOT friendly, and if you do know them, can you put that mac address into a list of "not invited" macs? What command would be used in Linux? WNDOZ ?

Also, when we first got the router, my son password protected it .... now he can't remember the password Crying or Very sad

..... we had hoped that just unplugging it from the power from it for 3 or 4 months would erase the password, but that didn't work. Do you know of any way to change the password without knowing the old password? Needless to say, we have to get the password problem taken care of before we can use the how-to Smile

. If we can get the password, we can at least get my wife's xp to work wireless. PM me if you'd rather not say publically Wink

.
THX.

_________________
Dell Box - Arch Linux
Dell Lappy - DreamLinux 3.5 - Default OS
Mepis 8.0 - Backup

tlmiller · Posted: Tue Feb 05, 2024 4:30 am Post subject:

Hitting the hardware reset button doesn't clear it?

_________________
Debian Squeeze, Arch, Kubuntu mostly. Some Mandriva. Some Windows.
Desktops: shadowdragon, medusa
Laptops: bluedrake, banelord, sandwyrm, aardvark.

JP · Posted: Tue Feb 05, 2024 4:38 am Post subject:

tlmiller · Posted: Tue Feb 05, 2024 4:48 am Post subject:

i know some of the firmwares will clear it when you update them. Did you try that too?

_________________
Debian Squeeze, Arch, Kubuntu mostly. Some Mandriva. Some Windows.
Desktops: shadowdragon, medusa
Laptops: bluedrake, banelord, sandwyrm, aardvark.

mmmna · . . . . Joined: 21 Apr 2024 Posts: 7224

tlmiller: you update the fw after you login. Chicken and egg.

JP: there is a couple things I know of. 1] there is a hole in the back., gently press that with a straightened paperclip. 2] on the front panel, press the Cisco logo, it is a kind of reset.

Once you get into the admin area by logging in, you can only A] whitelist some MACs, or B] you blacklist some MACs. The action is exclusive. As for uninvited MACs, you'd have to let everyone in before you could get their MAC address, so you take chances for a few moments and discover them by being fully opened for just long enough to copy the MAC addresses. In this case, it seems easier to blacklist (prohibit), but I'm no expert.

_________________
-Kubuntu 10.04 LTS Beta2 on Celeron D desktop
-PCLinuxOS 2024 LXDE on EeePC 900A with Atom n270 (modded with 32G SATA drive and 2G ram).

JP · Posted: Tue Feb 05, 2024 5:08 am Post subject:

OK, Thanks Very Happy

_________________
Dell Box - Arch Linux
Dell Lappy - DreamLinux 3.5 - Default OS
Mepis 8.0 - Backup

lberg · Sr. Member Joined: 28 Jul 2024 Posts: 1289

mmmna, it's a 2WIRE router that came with my SBC DSL setup.

tlmiller, you have wpa working on Arch? I'd like to hear more about that... I actually haven't actually looked at it recently, as school takes most of my time, so maybe there's something I've overlooked. Maybe I'll start a new thread for it one of these days. I DO have a question or two about my current setup, but I don't want to hijack this thread Wink

_________________
2 Computers: Arch Linux, 64-bit
3 Computers: Arch Linux, 32-bit

tlmiller · Posted: Tue Feb 05, 2024 5:10 am Post subject:

mr_ed · Posted: Tue Feb 05, 2024 2:08 pm Post subject:

Someone can spoof your MAC address.

Is the MAC address passed in every TCP/IP packet? (I should know this...) Smile

_________________
Desktop: Ubuntu 7.10 "Gutsy Gibbon"
Laptop: Ubuntu 7.04 "Feisty Fawn"

lberg · Sr. Member Joined: 28 Jul 2024 Posts: 1289

	USA Linux Users Group Forum Index » Networking	All times are GMT Goto page 1, 2 Next
Page 1 of 2