In computer networking, MAC Filtering refers to a security access control method whereby the MAC address assigned to each network card is used to determine access to the network.
MAC addresses are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklists and whitelists. While the restriction of network access through the use of lists is straightforward, an individual person is not identified by a MAC address, rather a device only, so an authorized person will need to have a whitelist entry for each device that he or she would use to access the network.
MAC filtering is also used on enterprise wireless networks with multiple access points to create a private VLAN and prevent clients from communicating with each other. The access point can be configured to only allows clients to talk to the default gateway, but not other wireless clients. To help filter the results on a router type 'show ip arp?' You will see gigabitethernet' as an option this will let you filter results by interface or sub-interfaces. In my exmaple it typed 'sho ip arp gigabitEthernet 0/0.10' and that listed all IP's on my sub-interface.
Find MAC Address of Ip and Network Card Manufacturer's name from a capture file. Capturing mac addresses. Filter expression (eth.ig 0) appears to always be true. Capture filter MAC. Sniff IP of a mac-adress, help with filter. Is there a capture filter for a MAC address range? Mac adress capturing. Just want to See MAC Addresses - what is the.
While giving a network some additional protection, MAC filtering can be circumvented by using a packet analyzer to find a valid MAC and then using MAC spoofing to access the network using that address. MAC address filtering can be considered as security through obscurity because the effectiveness is based on 'the secrecy of the implementation or its components'.
Many devices that support MAC filtering do so on a device basis. Whitelisted MAC addresses are allowed through any port on the device and blacklisted MAC addresses are blocked on all ports. Other devices, such as Cisco Catalyst switches, support MAC filtering on a port-by-port basis. This is referred to as port security. Port security may be configured statically with a list, dynamically based on the first given number of addresses detected, or a combination of these two methods. When port security is configured, the default settings are to allow only one MAC address per port, and to shut down the port if the allowed number of addresses is exceeded.
MAC filtering is also used on enterprise wireless networks with multiple access points to create a private VLAN and prevent clients from communicating with each other. The access point can be configured to only allows clients to talk to the default gateway, but not other wireless clients.
|Wikiversity has learning resources about Port security|