How to survive configuring and securing a wireless LAN III: The Missing MAC

This is the third installment in the saga of my ongoing effort to configure a locked-down wireless security setup for my home.  Last time I had set up MAC address filtering security for my Linksys Wireless-G router. MAC address filtering takes advantage of the fact that every computer's network adapter has a unique hardware identifier, called the "physical address," or media access control ("MAC") address.  This feature lets you limit access to your wireless network to only those MAC addresses you put on your "approved" list.

Once I set up the router to support MAC address filtering I still needed to enter the MAC addresses for each machine I wanted to have have access to my wireless network. If you don't know much about networking it can be confusing to find that information. After skipping around in the electronic manual I did find the answer, but I had to jump over to Appendix E to get it. Linksys suggests that you go to Start/Run, and enter "cmd" (open an MS-DOS box, in other words). Then type "ipconfig /all." You already know to look for the MAC address by its synonym: the "physical address." Then again, you could enter the "getmac" command. That brings up only the MAC physical address codes, but if you have both a wired Ethernet adapter and a wireless one installed, as I do, it's difficult to tell which is which. What's really boneheaded about all of this, though, is that a consumer must enter text strings from an MS-DOS command line in order to find this information and  must  extract it from a bunch of other gobbledygook.

There is another way to get around this that might work. Try right-clicking on Start/Settings/Network Connections/Wireless Network, select Properties and click on the Advanced tab. You may find the MAC address there - or not. Unfortunately, with my IBM ThinkPad, it wasn't there.

The End of the Begining

Aren't you glad, dear consumer, that you decided to set up a wireless LAN? By this point, if you're like me, you may be feeling like the hapless PC guy on those Mac and PC commercials.

Well relax, because you're done. Sort of. With SSID broadcast off, no one can see that your wireless router is out there. All wireless communications will be encrypted, users need to enter a password to access the WLAN and if the hardware ID of the machine trying to gain access doesn't match the "approved list," that person still can't get in. It's possible that any one of these security measures might be defeated in some way. For example, someone could spoof a MAC address or try to guess your password. But when put together, the security will be tough to beat. That's what security experts call layered security. For added security, it's also a good idea to change your key periodically.

Now there's just one small problem. None of your wireless devices can see the WiFi router, much less connect to it. Getting around that problem was another chore that I'll talk about next time.