Viking, thank for your response.
The following may steer the Topic off subject.
Now in my days as programmer/analyst on the Main Frame I dealt with a facility called "RACF", quite unique!
You will now ask what this has to do with the PC platform.
But let me explain:
First: Your PIN was associated to A default Group, say "ABC".
If your PIN was NOT connected to a group "DEF" than you had no access to that Group.
Second: if your Group "ABC" had no access granted to other Groups "GHI" than there was no access.
Third: In each Group there were levels of PROD, TEST, DEVL. In this case a Development group could have READ ONLY access to say Structures in PROD, if granted.
Forth, in case of Emergency Maintenance, such as Operation Failure, or System Recovery than the person had to Sign-on in the "P" Group if the person was part of say "ABC -P".
A "RACF" report was produced to see who was snooping around, or was in groups where they did not belong.
Thus from the Main Frame view, it was quite secure.
On the PC platform, the above does not quite apply. I have not yet discovered in XP or W2K a method of "excluding" access to groups where they do not belong.
In my case where I have 3 distinct groups, I would grant access only to the ones I want. That way any un-authorized Group access via Wireless could (almost) not penetrate. Of course I could plug all the Ports I want, but that is too cumbersome. Using IP Addresses may only work if they are Static, not DHCP. On the Router Level I don't want to institute the WEP Key for certain reasons.
I would be wishful thinking if someone would have a suggestion to "GroupAccessPC", thus in case of a neighbour or Drive-By could not access MyGroups, and produce an "Un-Authorized Access Report".
My U.S. Robotics Router (USR8054) has a Log and that is good for 20 pages on the screen only. It can produce a E-mail upon detecting a MAC Address, but a Drive-By can have any MAC-Address.
For Access-Only within the LAN via MAC-Filtering I have not found yet.
Thank you for your attention.