As long as the WPA network has a secure key, i.e. greater than 20 characters and not composed of dictionary words, you’ll be fine with that setup.

A hard-wired LAN and NAT router are absolutely the best way to go if you can run the cable, both in terms of security and performance. That said, a WiFi network with WPA and a strong key is plenty trustworthy.

tarran –

The weakness of MAC address filtering has not been widely publicized, as far as I know, though it certainly should be. A lot of people still believe MAC address filtering and turning off SSID broadcasting are adequate security measures.

My first rule of security is always assume everyone has access to everything you’re sending and receiving. Address filtering never follows this rule because anyone who has access to your traffic can see the address. In the case of MAC address filtering, the combination of WiFi packet sniffers and MAC address spoofing lead to a trivial crack.

MAC address filtering is too easily defeated to be relied upon.

Damn, now I am really embarrassed. I should have known that…

LAN is and always will be the best way to go; at least until something similar to LAN makes the rounds.

MAC address filtering is too easily defeated to be relied upon. All it takes is someone using a packet sniffer to find some ARP packets, which contain the MAC address, and then spoofing said MAC address to gain access.

Like WEP, it does offer a layer of security, but only a trivial one. I absolutely don’t recommend that it be relied upon in place of WPA encryption.

Put this in place, and even your unencrypted network is safe from the dreaded war-driving pervert.