MAMEWorld Forums - The Loony Bin - Re: Firewall security question

> Ok, so I live in a place where I'm not too worried about anybody close enough to pick
> up my wireless signal being both smart and malicious enough to tap into my network
> with my routers configured for MAC filtering (and after more than a couple of years,
> I've never seen an unknown device connected)

MAC address filtering requires the unauthorised user to use MAC address spoofing (trivial to do). MAC address spoofing has the added benefit (for the attacker) of not showing up as an unknown device. You'd need to spot them by traffic analysis.

> Some of my devices have trouble streaming from my computer, and SEP seems to not like
> port scans from my HP printer so it breaks my scan from network function.
>
> I would never do this in a work/business environment, but what are your opinions on
> setting my top firewall rule to allow all IP traffic on all ports and protocols to
> ALLOW for my entire local subnet range?

It's pretty common to do that in a business environment anyway. If there are malicious devices on your LAN you're fucked anyway. Also, firewalls aren't a particularly great line of defence. For an unexpected port to be opened, there must be malicious software running on your machine. Ergo, you're fucked already.