MAC Filtering in Computer Network

Network adapters, whether wired or wireless, use a unique identifier called a MAC (Media Access Control) address, typically shown as 00:00:00:00:00:00. MAC filtering is a security feature that uses these addresses to control which devices can connect to a network. By creating a whitelist of approved devices or a deny list of restricted ones, it helps prevent unauthorized access and strengthens overall Wi-Fi security.

Working of Mac filtering

When a device connects to a router, its MAC address is checked against an approved list. Matching devices are allowed access; others are blocked. Common in enterprise networks, MAC filtering adds extra security alongside Wi-Fi credentials.

1. Set a list of allowed devices. Only those MAC addresses which are on the list will be provided services by the DHCP.
2. Set a list of denied devices. The MAC addresses which are on the denied list will not be granted server by DHCP.
3. If the MAC address is on both the allowed and denied list then it will be denied the service.

For enabling a list of allowed, denied or both devices follow the steps given below.  

1. Go to the DHCP console, right-click the IPv4 node, and click properties.
2. Use the current filter configuration details on the filter tab and use an allow list by selecting enable allow list and use a denied list by selecting enable deny list.
3. Click OK and save changes.

Updating Mac filtering

If MAC filtering is enabled, devices not on the approved list cannot connect. For troubleshooting, it can be left disabled, as router manufacturers provide proper guidance. 

1. Go to your router settings. 
   In the router’s settings locate the tab or setting "MAC Filtering." This is found within a router's "Wireless" or "Wireless Security" options. In some routers, MAC Filtering may also be referred to as "MAC Address Control", "Address Reservation", or "Wireless MAC Authentication." 
2. One needs to add the Nintendo system's MAC Address to the list of allowed devices and save or apply this change if MAC Filtering is on or enabled. If you do not want MAC Filtering on for your network turn it off or disable it.

 Applications of MAC filtering

• Access control: Restricts network access to authorized devices only. 
• Parental control: Limits children’s internet use by allowing only specific devices.
• BYOD enforcement: Ensures only approved personal devices access corporate resources.
• Guest access: Grants controlled access to visitors without exposing the main network.
• Wireless security: Prevents unauthorized devices from connecting to Wi-Fi.
• IoT security: Protects smart devices by allowing only trusted MAC addresses.
• Traffic management: Controls how many devices can connect at a time.
• Compliance: Supports adherence to organizational security policies.
• Troubleshooting & monitoring: Helps detect unauthorized devices and track activity.

Security Risks of MAC Filtering

• MAC address spoofing: Attackers can capture valid MAC addresses using tools like Wireshark and spoof them to pose as trusted devices.
• Deauthentication attacks: Using tools (e.g., airplay-ng), hackers can send "deauth" or "deassoc" packets to disconnect a device, then reconnect using its spoofed MAC.
• Unencrypted MAC headers: Even on WPA2-encrypted Wi-Fi, MAC addresses remain visible in packet headers, making it easy for attackers within range to sniff them.
• Bypassing encryption: Hackers don't need to crack WPA2 passwords; simply impersonating an authorized MAC grants access.
• Practical limitation: While effective against average users, experienced attackers can easily bypass MAC filtering

Suggested Quiz

Edit Quiz

6 Questions

What is the main purpose of MAC filtering in network security?

• A

  To assign IP addresses to devices

• B

  To allow or deny network access based on device MAC addresses

• C

  To encrypt wireless traffic

• D

  To detect malware in packets

Explanation:

MAC filtering uses a device’s unique MAC address to permit or block its access to a network, commonly used in Wi-Fi routers.

What is a limitation of MAC filtering?

• A

  It slows down network speed

• B

  MAC addresses can be easily spoofed

• C

  It encrypts traffic inefficiently

• D

  It works only with IPv6

Explanation:

Attackers can change (spoof) their MAC address to bypass filtering, making MAC filtering less secure as a standalone defense.

Which attack makes MAC filtering less effective?

• A

  SQL injection

• B

  MAC spoofing

• C

  Buffer overflow

• D

  DNS poisoning

Explanation:

Attackers can fake MAC addresses to bypass MAC filtering.

What happens when a device tries to connect to a MAC-filtered network?

• A

  Router checks IP address only

• B

  Router checks MAC address against allow/deny lists

• C

  Router assigns a random MAC

• D

  Router disables DHCP

Explanation:

Access is granted or blocked depending on whether the MAC address appears in the router’s filter lists.

Which attack makes MAC filtering less effective?

• A

  SQL injection

• B

  MAC spoofing

• C

  Buffer overflow

• D

  DNS poisoning

Explanation:

Attackers can fake MAC addresses to bypass MAC filtering.

In which scenario is MAC filtering commonly used?

• A

  Increasing download speed

• B

  Parental control and device restrictions

• C

  Encrypting Wi-Fi packets

• D

  Managing IP routing tables

Explanation:

It helps control which specific devices can access the network.

Quiz Completed Successfully

Your Score :   2/6

Accuracy :  0%

Login to View Explanation

1/6 1/6 < Previous Next >