A MAC filter is network access protection that only allows devices with a specific MAC address to access the network. A MAC filter is typically used in a LAN or WLAN and stored in the form of a table in the router ( firewall ). For various reasons, a MAC filter is considered to be a security-related weak access protection.
The MAC address is not an immutable property of the respective network node, because the MAC address is not transmitted from the network adapter ( hardware ) to the router, but rather is first read from the adapter by the operating system or the network manager ( software ) and then transmitted. The address read out can be changed very easily using the appropriate software and therefore does not offer any means of reliably identifying a network device. If the address of a participating node is known, an attacker can change the address of his computer in a suitable manner in order to gain access to it by fraud. Furthermore, when logging WLAN traffic, the MAC address is the first characteristic that the intruder becomes aware of. A MAC filter therefore only offers very weak protection for a network.