Well I was aware MAC's wasn't encrypted over Ethernet due to its part of the header and is used to know where to reply back to when stuff gets routed etc.
Most people haven't a clue, so we should be ok, also if somebody was that good they could still probably get in if they really wanted to..
We use WPA2-Mixed so we can use TKIP or AES.
I personally avoid TKIP - and WPA2 is only AES, if a device connects with TKIP its WPA1, and TKIP is around as it was easier to update hardware that was designed in the WEP era.
WPA-TKIP has published flaws, that have been used to crack into networks. Nowhere near as easily as WEP, but its not a strong protocol - and not surprising given it was designed in a hurry to fix WEP.
WPA2-AES also apparently now has a detected vulnerability, but exploiting it causes legitimate traffic to stop on the whole network, so its pretty obvious when someone attacks you, all the others are "invisible" attacks.
If truely paranoid, use WiFi on a separate VLAN and have no access to PCs with real data on - but most people can't do that
- plusnet unlimited fibre
- 2 Jun 14 - 470m - Sync 55/9.4 (BT was 51/9.8)
15 years broadband (1999 ntl:cable trial) - Asus RT-AC68U with HG612 - PN BQM - PN speed - old BT speed