Ok, first let me indicate the reason I started this thread. I was reading an old article on wireless security and stumbled upon this quote:
MAC address filtering is easy to defeat for someone who has the right tools. Using a wireless sniffer an attacker can watch the wireless traffic of your network and easily pick MAC addresses of valid users out of the frames floating through the air, even if they are encrypted.
Full Article Here
My first thought - Old article? It must simply be a WEP issue. So I ventured a bit further into the issue at hand to verify that it is indeed only a WEP issue. Well, that doesn't seem to be the case at all. I'm going to concentrate on what I currently use for wireless encryption on the network I maintain - WPA-PSK. Now, I've heard that WPA-PSK is susceptible to brute-force dictionary attacks. I never really checked into the matter, that is, until now. So I figured, what's the best way to figure out how an attack is used against WPA-PSK? You got it: wardriving tools/whitepapers. Well, I found WPA Cracker:
WPA Cracker is a dictionary/brute-force attacker against WiFi Protected Access (WPA). WPA takes two forms; WPA Enterprise Mode and WPA PSK (Pre-Shared Key) Mode. WPA Cracker takes advantage of inherently vulnerable characteristics of the PSK implementation to provide users an insight that the security must be deployed properly.
Which led me to read WPA_Passive_Dictionary_Attack_Overview
Now, if I read this correctly, during this "4 Way Handshake", just about every element needed to crack into a wireless network is provided outside of the passphrase and all of these elements can easily be sniffed out using a wireless traffic analyzer.
Here's a sample used in the whitepaper mentioned above:

PMK = PBKDF2(passphrase, ssid, ssidLength, 4096, 256)
PTK = PRF-512(PMK, “Pairwise key expansion”, Min(AP_Mac, Client_Mac) ||
Max(AP_Mac, Client_Mac) || Min(ANonce, SNonce) || Max(ANonce, SNonce))

With the discovery of the SSID, the PMK apparently only relies on one security mechanism. Yep, you guessed it...the passphrase.
The PMK is generated by inputting the string of the pass phrase, SSID, and the SSID length into the PBKDF2 algorithm, which is set to hash 4096 times and generate a value of 256 bits. Since the SSID is easily recoverable, it should be noted that only the pass phrase would have to be guessed in order to determine the valid PMK.
Now, apparently this PTK key is also fairly easy to mimic -
The normal practice is to have a single PSK (Pre Shared Key) within an ESS (Extended Service Set). To generate any PTK, a device only needs to learn the two MAC addresses and nonces (and the selected ciphersuite). All of this is available in the initial exchange, from the ASSOCIATE through the 4-Way Handshake. Any device can passively listen for these frames and then generate the PTK. If the device missed these frames, it can send a DISASSOCIATE against the STA and force the STA to perform the ASSOCIATE through the 4-Way Handshake again.
Full Article Here. There is also a more technical breakdown for PTK cracking from the whitepaper listed above.

So, once again, I am amazed as to the simplicity it takes for a tech savvy individual to crack this WPA-PSK. I've heard warnings about WPA-PSK relying heavily on the passphrase but little did I know just how much. Needless to say, come Monday, my network will have a new passphrase. In any event, it appears (from what I've read) that the better security measure is to use a RADIUS server based WPA. There is also something I've recently learned about called TinyPEAP. Apparently this is in its prototype/testing stages?? and is one of (if not the best) wireless security encryption features available. It was generally only an enterprise solution but is quickly becoming a home user solution to wireless security. The whitepaper on TinyPEAP can be found Here.

Oh well, I'm done rambling. Any thoughts?