MAC Filtering in Computer Network

Network adapters, whether wired or wireless, use a unique identifier called a MAC (Media Access Control) address, typically shown as 00:00:00:00:00:00. MAC filtering is a security feature that uses these addresses to control which devices can connect to a network. By creating a whitelist of approved devices or a deny list of restricted ones, it helps prevent unauthorized access and strengthens overall Wi-Fi security.

Working of Mac filtering

When a device connects to a router, its MAC address is checked against an approved list. Matching devices are allowed access; others are blocked. Common in enterprise networks, MAC filtering adds extra security alongside Wi-Fi credentials.

1. Set a list of allowed devices. Only those MAC addresses which are on the list will be provided services by the DHCP.
2. Set a list of denied devices. The MAC addresses which are on the denied list will not be granted server by DHCP.
3. If the MAC address is on both the allowed and denied list then it will be denied the service.

For enabling a list of allowed, denied or both devices follow the steps given below.  

1. Go to the DHCP console, right-click the IPv4 node, and click properties.
2. Use the current filter configuration details on the filter tab and use an allow list by selecting enable allow list and use a denied list by selecting enable deny list.
3. Click OK and save changes.

Updating Mac filtering

If MAC filtering is enabled, devices not on the approved list cannot connect. For troubleshooting, it can be left disabled, as router manufacturers provide proper guidance. 

1. Go to your router settings. 
   In the router’s settings locate the tab or setting "MAC Filtering." This is found within a router's "Wireless" or "Wireless Security" options. In some routers, MAC Filtering may also be referred to as "MAC Address Control", "Address Reservation", or "Wireless MAC Authentication." 
2. One needs to add the Nintendo system's MAC Address to the list of allowed devices and save or apply this change if MAC Filtering is on or enabled. If you do not want MAC Filtering on for your network turn it off or disable it.

 Applications of MAC filtering

• Access control: Restricts network access to authorized devices only. 
• Parental control: Limits children’s internet use by allowing only specific devices.
• BYOD enforcement: Ensures only approved personal devices access corporate resources.
• Guest access: Grants controlled access to visitors without exposing the main network.
• Wireless security: Prevents unauthorized devices from connecting to Wi-Fi.
• IoT security: Protects smart devices by allowing only trusted MAC addresses.
• Traffic management: Controls how many devices can connect at a time.
• Compliance: Supports adherence to organizational security policies.
• Troubleshooting & monitoring: Helps detect unauthorized devices and track activity.

Security Risks of MAC Filtering

• MAC address spoofing: Attackers can capture valid MAC addresses using tools like Wireshark and spoof them to pose as trusted devices.
• Deauthentication attacks: Using tools (e.g., airplay-ng), hackers can send "deauth" or "deassoc" packets to disconnect a device, then reconnect using its spoofed MAC.
• Unencrypted MAC headers: Even on WPA2-encrypted Wi-Fi, MAC addresses remain visible in packet headers, making it easy for attackers within range to sniff them.
• Bypassing encryption: Hackers don't need to crack WPA2 passwords; simply impersonating an authorized MAC grants access.
• Practical limitation: While effective against average users, experienced attackers can easily bypass MAC filtering