I was setting up a wireless 802.11g network a weekend or so ago and I set in place all possible measures that I know of to "secure" the WAP/router and WLAN. (I tried to talk em into running wires.. but they insisted on w/less. I even explained to them the dangers and etc.)

There isn't much info on the computers and it is really only used for web surfing.

Well, I changed the default name and disabled the broadcast of SSID, enabled the 128-bit WEP, disabled DHCP, changed the default admin password, and put in place MAC filtering. I even put it on a subnet that isn't the defualt... ex. 10.96.128.x whatever, I just pulled one out of the air.

I know that the WEP can be cracked given enough time, and the ip(s) and ssid can also be grabbed. So, I was mainly relying on the MAC filtering...

Well.. that was pretty dumb. I just found a tool called MAC Changer

I'm pretty new to securnig WLANs and WAPs... is there any way to detect a spoofed MAC?

There would be a conflict when the other MAC was in use, but when it wasn't in use... how can you detect it?